65 matches found
CVE-2017-9483
The Comcast firmware on Cisco DPC3939 firmware version dpc3939-P20-18-v303r20421746-170221a-CMCST devices allows Network Processor NP Linux users to obtain root access to the Application Processor AP Linux system via shell metacharacters in commands...
CVE-2017-9483
CVE-2017-9483 affects Cisco DPC3939 family firmware (e.g., dpc3939-P20-18-v303r20421746-170221a-CMCST). The vulnerability enables arbitrary command execution by NP Linux users to gain root access on the AP Linux system through shell metacharacters in commands. The affected product is a Comcast fi...
CVE-2017-9481
The Comcast firmware on Cisco DPC3939 firmware version dpc3939-P20-18-v303r20421746-170221a-CMCST devices allows remote attackers to obtain unintended access to the Network Processor NP 169.254/16 IP network by adding a routing-table entry that specifies the LAN IP address as the router for that...
CVE-2017-9483
The Comcast firmware on Cisco DPC3939 firmware version dpc3939-P20-18-v303r20421746-170221a-CMCST devices allows Network Processor NP Linux users to obtain root access to the Application Processor AP Linux system via shell metacharacters in commands...
CVE-2017-9482
The CVE-2017-9482 entry concerns Cisco DPC3939 firmware (dpc3939-P20-18-v303r20421746-170221a-CMCST). Public records (NVD/CNVD entries) describe remote root access of the Network Processor Linux by enabling a TELNET daemon (via CVE-2017-9479) and connecting, as well as related issues allowing com...
FreeBSD -- Local privilege escalation in IRET handler
Problem Description: If the kernel-mode IRET instruction generates an SS or NP exception, but the exception handler does not properly ensure that the right GS register base for kernel is reloaded, the userland GS segment may be used in the context of the kernel exception handler. Impact: By causi...
CVE-2015-2984
I-O DATA DEVICE WN-G54/R2 routers with firmware before 1.03 and NP-BBRS routers allow remote attackers to cause a denial of service SSDP reflection via UPnP requests...
Code injection
I-O DATA DEVICE WN-G54/R2 routers with firmware before 1.03 and NP-BBRS routers allow remote attackers to cause a denial of service SSDP reflection via UPnP requests...
CVE-2015-2984
CVE-2015-2984 applies to I-O DATA DEVICE NP-BBRS and WN-G54/R2 routers. The UPnP functionality allows remote attackers to cause a denial of service via SSDP requests (DDoS risk). Affected: NP-BBRS (all firmware versions) and WN-G54/R2 (pre‑1.03). Remediation: WN-G54/R2 firmware 1.03 fixes the iss...
I-O DATA DEVICE NP-BBRS and WN-G54/R2 Remote Denial of Service Vulnerabilities
The I-O DATA DEVICE NP-BBRS and WN-G54/R2 are both router products from I-O DATA DEVICE Japan. A remote denial of service vulnerability exists in the I-O DATA DEVICE NP-BBRS prior to version 1.03 and the WN-G54/R2 prior to version 1.03. An attacker could exploit this vulnerability to cause a deni...
Multiple I-O DATA LAN routers vulnerable in UPnP functionality
Overview A wired LAN router NP-BBRS and a wireless LAN router WN-G54/R2 provided by I-O DATA DEVICE, INC. contain a vulnerability in the UPnP functionality. Impact The device may be used in a DDoS attack, as a SSDP reflector. Solution For NP-BBRS: Do not use NP-BBRS The developer has stated that...
JVN#17964918: Multiple I-O DATA LAN routers vulnerable in UPnP functionality
A wired LAN router NP-BBRS and a wireless LAN router WN-G54/R2 provided by I-O DATA DEVICE, INC. contain a vulnerability in the UPnP functionality. Impact The device may be used in a DDoS attack, as a SSDP reflector. Solution For NP-BBRS: Do not use NP-BBRS The developer has stated that the suppo...
I-O DATA DEVICE NP-BBRM Denial of Service Vulnerability
The I-O DATA DEVICE NP-BBRM is a router product from I-O DATA DEVICE Japan. A security vulnerability exists in the I-O DATA DEVICE NP-BBRM router. A remote attacker can exploit this vulnerability by sending UPnP requests to cause a denial of service SSDP reflection...
CVE-2015-0869
I-O DATA DEVICE NP-BBRM routers allow remote attackers to cause a denial of service SSDP reflection via UPnP requests...
CVE-2015-0869
I-O DATA DEVICE NP-BBRM routers allow remote attackers to cause a denial of service SSDP reflection via UPnP requests...
CVE-2015-0869
The CVE-2015-0869 entry concerns I-O DATA DEVICE NP-BBRM routers. A vulnerability in the UPnP functionality allows remote attackers to cause a denial of service via SSDP reflection by sending UPnP requests. Affected product: NP-BBRM router. Impact: potential DoS through SSDP reflection. CVSS metr...
JVN#27142693: NP-BBRM vulnerable in UPnP functionality
NP-BBRM provided by I-O DATA DEVICE, INC. is a LAN router. NP-BBRM contains a vulnerability in the UPnP functionality. Impact The device may be used in a DDoS attack, as a SSDP reflector. Solution Disable UPnP Disable UPnP functionality from the management configuration in the settings screen...
Cisco IOS XR Software IPv6 Packet Handling Denial of Service Vulnerability (cisco-sa-20140611-ipv6)
Cisco IOS XR is prone to a remote denial of service DoS vulnerability. Copyright C 2014 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...
Cisco IOS XR MPLS and Network Processor (NP) Chip DoS (Typhoon-based Line Cards)
The remote Cisco device is running a version Cisco IOS XR software that is potentially affected by a denial of service vulnerability related the handling of maliciously crafted MPLS Multiprotocol Label Switching packets routed by a bridge-group virtual interface. Note that this issue only affects...
CVE-2014-2176
Cisco IOS XR on ASR 9000 (4.1.2–5.1.1) with Trident-based line cards is affected by a vulnerability in parsing malformed IPv6 packets that can be exploited remotely to cause a denial of service (NP chip and line card reload). The issue stems from IPv6 handling and only affects Trident-based line ...