83 matches found
CVE-2021-41314
Certain NETGEAR smart switches are affected by a \n injection in the web UI's password field, which - due to several faulty aspects of the authentication scheme - allows the attacker to create or overwrite a file with specific content e.g., the "2" string. This leads to admin session crafting and...
Cisco Small Business Series Switches Stacked Reload ACL Bypass (cisco-sa-sb-bus-acl-bypass-5zn9hNJk)
A vulnerability with the access control list ACL management within a stacked switch configuration of Cisco Business 250 Series Smart Switches and Business 350 Series Managed Switches could allow an unauthenticated, remote attacker to bypass protection offered by a configured ACL on an affected...
CVE-2021-34780
Multiple vulnerabilities exist in the Link Layer Discovery Protocol LLDP implementation for Cisco Small Business 220 Series Smart Switches. An unauthenticated, adjacent attacker could perform the following: Execute code on the affected device or cause it to reload unexpectedly Cause LLDP database...
CVE-2021-34778
Multiple vulnerabilities exist in the Link Layer Discovery Protocol LLDP implementation for Cisco Small Business 220 Series Smart Switches. An unauthenticated, adjacent attacker could perform the following: Execute code on the affected device or cause it to reload unexpectedly Cause LLDP database...
CVE-2021-34776
Multiple vulnerabilities exist in the Link Layer Discovery Protocol LLDP implementation for Cisco Small Business 220 Series Smart Switches. An unauthenticated, adjacent attacker could perform the following: Execute code on the affected device or cause it to reload unexpectedly Cause LLDP database...
CVE-2021-34757
Multiple vulnerabilities in Cisco Business 220 Series Smart Switches firmware could allow an attacker with Administrator privileges to access sensitive login credentials or reconfigure the passwords on the user account. For more information about these vulnerabilities, see the Details section of...
CVE-2021-34744
Multiple vulnerabilities in Cisco Business 220 Series Smart Switches firmware could allow an attacker with Administrator privileges to access sensitive login credentials or reconfigure the passwords on the user account. For more information about these vulnerabilities, see the Details section of...
Design/Logic Flaw
Multiple vulnerabilities in Cisco Business 220 Series Smart Switches firmware could allow an attacker with Administrator privileges to access sensitive login credentials or reconfigure the passwords on the user account. For more information about these vulnerabilities, see the Details section of...
Design/Logic Flaw
Multiple vulnerabilities in Cisco Business 220 Series Smart Switches firmware could allow an attacker with Administrator privileges to access sensitive login credentials or reconfigure the passwords on the user account. For more information about these vulnerabilities, see the Details section of...
Design/Logic Flaw
Multiple vulnerabilities exist in the Link Layer Discovery Protocol LLDP implementation for Cisco Small Business 220 Series Smart Switches. An unauthenticated, adjacent attacker could perform the following: Execute code on the affected device or cause it to reload unexpectedly Cause LLDP database...
Design/Logic Flaw
Multiple vulnerabilities exist in the Link Layer Discovery Protocol LLDP implementation for Cisco Small Business 220 Series Smart Switches. An unauthenticated, adjacent attacker could perform the following: Execute code on the affected device or cause it to reload unexpectedly Cause LLDP database...
Design/Logic Flaw
Multiple vulnerabilities exist in the Link Layer Discovery Protocol LLDP implementation for Cisco Small Business 220 Series Smart Switches. An unauthenticated, adjacent attacker could perform the following: Execute code on the affected device or cause it to reload unexpectedly Cause LLDP database...
CVE-2021-34744
CVE-2021-34744 affects Cisco Business 220 Series Smart Switches. The Cisco advisory describes multiple vulnerabilities in the device firmware that could allow an Administrator to access sensitive login credentials or reconfigure passwords. The root cause is related to hardcoded/static credentials...
CVE-2021-34744 Cisco Business 220 Series Smart Switches Static Key and Password Vulnerabilities
Multiple vulnerabilities in Cisco Business 220 Series Smart Switches firmware could allow an attacker with Administrator privileges to access sensitive login credentials or reconfigure the passwords on the user account. For more information about these vulnerabilities, see the Details section of...
CVE-2021-34744 Cisco Business 220 Series Smart Switches Static Key and Password Vulnerabilities
Multiple vulnerabilities in Cisco Business 220 Series Smart Switches firmware could allow an attacker with Administrator privileges to access sensitive login credentials or reconfigure the passwords on the user account. For more information about these vulnerabilities, see the Details section of...
CVE-2021-34757
CVE-2021-34757 affects Cisco Business 220 Series Smart Switches firmware. The root issue is static/key/password vulnerabilities (hardcoded credentials) in the device firmware that could let an attacker with Administrator privileges access sensitive login credentials or reconfigure user passwords....
CVE-2021-34757 Cisco Business 220 Series Smart Switches Static Key and Password Vulnerabilities
Multiple vulnerabilities in Cisco Business 220 Series Smart Switches firmware could allow an attacker with Administrator privileges to access sensitive login credentials or reconfigure the passwords on the user account. For more information about these vulnerabilities, see the Details section of...
CVE-2021-34757 Cisco Business 220 Series Smart Switches Static Key and Password Vulnerabilities
Multiple vulnerabilities in Cisco Business 220 Series Smart Switches firmware could allow an attacker with Administrator privileges to access sensitive login credentials or reconfigure the passwords on the user account. For more information about these vulnerabilities, see the Details section of...
CVE-2021-34775
CVE-2021-34775 affects Cisco Small Business 220 Series Smart Switches with LLDP enabled. An unauthenticated, adjacent attacker can execute code on the device, cause a reload, or induce LLDP database corruption via LLDP processing. The attack requires being on the same Layer 2 broadcast domain. Ci...
CVE-2021-34775 Cisco Small Business 220 Series Smart Switches Link Layer Discovery Protocol Vulnerabilities
Multiple vulnerabilities exist in the Link Layer Discovery Protocol LLDP implementation for Cisco Small Business 220 Series Smart Switches. An unauthenticated, adjacent attacker could perform the following: Execute code on the affected device or cause it to reload unexpectedly Cause LLDP database...