47 matches found
EUVD-2017-3796
Malware in sbrugna...
EUVD-2018-7248
Malware in sbrugna...
EUVD-2021-6919
Malicious code in bioql PyPI...
EUVD-2022-26114
Malicious code in bioql PyPI...
Cisco IOS XE ROM Monitor Software for Catalyst Switches Information Disclosure (cisco-sa-iosxe-info-disc-nrORXjO)
According to its self-reported version, Cisco IOS XE ROM Monitor Software for Catalyst Switches is affected by an information disclosure vulnerability. A problem with file and boot variable permissions in the ROMMON password-recovery disable feature of Cisco IOS XE ROM Monitor ROMMON Software cou...
CVE-2022-20864 Cisco IOS XE ROM Monitor Software for Catalyst Switches Information Disclosure Vulnerability
A vulnerability in the password-recovery disable feature of Cisco IOS XE ROM Monitor ROMMON Software for Cisco Catalyst Switches could allow an unauthenticated, local attacker to recover the configuration or reset the enable password. This vulnerability is due to a problem with the file and boot...
CVE-2022-20864
A vulnerability in the password-recovery disable feature of Cisco IOS XE ROM Monitor ROMMON Software for Cisco Catalyst Switches could allow an unauthenticated, local attacker to recover the configuration or reset the enable password. This vulnerability is due to a problem with the file and boot...
Cisco IOS XE ROM Monitor Software for Catalyst Switches Information Disclosure Vulnerability
A vulnerability in the password-recovery disable feature of Cisco IOS XE ROM Monitor ROMMON Software for Cisco Catalyst Switches could allow an unauthenticated, local attacker to recover the configuration or reset the enable password. This vulnerability is due to a problem with the file and boot...
PT-2022-6312 · Cisco · Cisco Ios Xe Rom Monitor (Rommon) +1
Name of the Vulnerable Software and Affected Versions: Cisco IOS XE ROM Monitor ROMMON Software for Cisco Catalyst Switches (affected versions not specified). Description: A problem with file and boot variable permissions in ROMMON could allow an unauthenticated, local attacker to recover the...
Cisco Catalyst Security Vulnerability
Cisco Catalyst is a family of switches from Cisco USA. A security vulnerability exists in the Cisco IOS XE ROM Monitor for Cisco Catalyst that stems from a file and boot variable permission issue in ROMMON. An attacker exploiting this vulnerability could read any file or reset the enable password...
Cisco IOS XE Software ROM Monitor for Industrial Switches Command Injection (cisco-sa-iosxe-romvar-cmd-inj-N56fYbrw)
According to its self-reported version, IOS-XE is affected by a command injection vulnerability due to incorrect validations of specific function arguments passed to a boot script when specific ROMMON variables are set. An unauthenticated, physical attacker can exploit this by setting malicious...
Code injection
A vulnerability in the ROM Monitor ROMMON of Cisco IOS XE Software for Cisco Catalyst IE3200, IE3300, and IE3400 Rugged Series Switches, Cisco Catalyst IE3400 Heavy Duty Series Switches, and Cisco Embedded Services 3300 Series Switches could allow an unauthenticated, physical attacker to execute...
CVE-2021-1452 Cisco IOS XE ROM Monitor Software for Cisco Industrial Switches OS Command Injection Vulnerability
A vulnerability in the ROM Monitor ROMMON of Cisco IOS XE Software for Cisco Catalyst IE3200, IE3300, and IE3400 Rugged Series Switches, Cisco Catalyst IE3400 Heavy Duty Series Switches, and Cisco Embedded Services 3300 Series Switches could allow an unauthenticated, physical attacker to execute...
Cisco IOS XE ROM Monitor Software for Cisco Industrial Switches OS Command Injection Vulnerability
A vulnerability in the ROM Monitor ROMMON of Cisco IOS XE Software for Cisco Catalyst IE3200, IE3300, and IE3400 Rugged Series Switches, Cisco Catalyst IE3400 Heavy Duty Series Switches, and Cisco Embedded Services 3300 Series Switches could allow an unauthenticated, physical attacker to execute...
OS Command Injection Vulnerability in Multiple Cisco Products
Cisco IOS XE is a modular operating system based on the Linux kernel, developed by Cisco for its network equipment. An OS command injection vulnerability exists in ROMMON of Cisco IOS XE. The vulnerability stems from incorrect validation of specific function parameters passed to the startup...
Cisco IOS XE Software for ASR 900 Series Route Switch Processor 3 Arbitrary Code Execution (cisco-sa-iosxe-rsp3-rce-jVHg8Z7c)
According to its self-reported version, IOS-XE for Cisco ASR 900 Series Aggregation Services Routers is affected by multiple vulnerabilities due to incorrect validations by boot scripts when specific ROM monitor ROMMON variables are set. An authenticated, local attacker with high privileges to...
Cisco IOS XE Software Arbitrary Code Execution Vulnerability (cisco-sa-xbace-OnCEbyS)
According to its self-reported version, Cisco IOS XE Software is affected by an arbitrary code execution vulnerability, due to incorrect validations by boot scripts when specific ROM monitor ROMMON variables are set. An authenticated, local attacker could exploit this vulnerability by installing...
CVE-2020-3524
A vulnerability in the Cisco IOS XE ROM Monitor ROMMON Software for Cisco 4000 Series Integrated Services Routers, Cisco ASR 920 Series Aggregation Services Routers, Cisco ASR 1000 Series Aggregation Services Routers, and Cisco cBR-8 Converged Broadband Routers could allow an unauthenticated,...