17 matches found
EUVD-2018-1098
Malware in sbrugna...
EUVD-2020-24524
Malware in sbrugna...
Cisco Firepower Threat Defense Software Shell Access (cisco-sa-ftd-shell-9rhJF68K)
According to its self-reported version, Cisco Firepower Threat Defense Software is affected by a shell access vulnerability in the support tunnel feature due to improper configuration of that feature. An authenticated, local attacker can exploit this, by enabling the support tunnel, setting a key...
CVE-2020-3253
A vulnerability in the support tunnel feature of Cisco Firepower Threat Defense FTD Software could allow an authenticated, local attacker to access the shell of an affected device even though expert mode is disabled. The vulnerability is due to improper configuration of the support tunnel feature...
CVE-2020-3253
A vulnerability in the support tunnel feature of Cisco Firepower Threat Defense FTD Software could allow an authenticated, local attacker to access the shell of an affected device even though expert mode is disabled. The vulnerability is due to improper configuration of the support tunnel feature...
Input validation
A vulnerability in the support tunnel feature of Cisco Firepower Threat Defense FTD Software could allow an authenticated, local attacker to access the shell of an affected device even though expert mode is disabled. The vulnerability is due to improper configuration of the support tunnel feature...
CVE-2020-3253 Cisco Firepower Threat Defense Software Shell Access Vulnerability
A vulnerability in the support tunnel feature of Cisco Firepower Threat Defense FTD Software could allow an authenticated, local attacker to access the shell of an affected device even though expert mode is disabled. The vulnerability is due to improper configuration of the support tunnel feature...
CVE-2020-3253
Cisco Firepower Threat Defense (FTD) Software contains a shell access vulnerability in the support tunnel feature. An authenticated, local attacker can enable the support tunnel, set a key, and derive the tunnel password to execute arbitrary commands with root privileges, even when expert mode is...
Cisco Firepower Threat Defense Software Shell Access Vulnerability
A vulnerability in the support tunnel feature of Cisco Firepower Threat Defense FTD Software could allow an authenticated, local attacker to access the shell of an affected device even though expert mode is disabled. The vulnerability is due to improper configuration of the support tunnel feature...
CVE-2018-0275
A vulnerability in the support tunnel feature of Cisco Identity Services Engine ISE could allow an authenticated, local attacker to access the device's shell. The vulnerability is due to improper configuration of the support tunnel feature. An attacker could exploit this vulnerability by tricking...
CVE-2018-0275
A vulnerability in the support tunnel feature of Cisco Identity Services Engine ISE could allow an authenticated, local attacker to access the device's shell. The vulnerability is due to improper configuration of the support tunnel feature. An attacker could exploit this vulnerability by tricking...
Input validation
A vulnerability in the support tunnel feature of Cisco Identity Services Engine ISE could allow an authenticated, local attacker to access the device's shell. The vulnerability is due to improper configuration of the support tunnel feature. An attacker could exploit this vulnerability by tricking...
CVE-2018-0275
A vulnerability in the support tunnel feature of Cisco Identity Services Engine ISE could allow an authenticated, local attacker to access the device's shell. The vulnerability is due to improper configuration of the support tunnel feature. An attacker could exploit this vulnerability by tricking...
CVE-2018-0275
A vulnerability in the support tunnel feature of Cisco Identity Services Engine ISE could allow an authenticated, local attacker to access the device's shell. The vulnerability is due to improper configuration of the support tunnel feature. An attacker could exploit this vulnerability by tricking...
CVE-2018-0275
Cisco Identity Services Engine (ISE) contains a local, authenticated-exploit vulnerability in the support tunnel feature. Improper configuration can let an attacker unlock the support user account and access the tunnel password and device serial number, enabling execution of arbitrary commands wi...
Cisco Identity Services Engine Shell Access Vulnerability
A vulnerability in the support tunnel feature of Cisco Identity Services Engine ISE could allow an authenticated, local attacker to access the device's shell. The vulnerability is due to improper configuration of the support tunnel feature. An attacker could exploit this vulnerability by tricking...
Barracuda WAF V360 Firmware 8.0.1.014 Support Tunnel Hijack Exploit
Barracuda WAF V360 with firmware 8.0.1.014 suffers from a support tunnel hijacking vulnerability. Title: Barracuda WAF Support Tunnel Hijack 1. Vulnerability Details Affected Vendor: Barracuda Affected Product: Web Application Firewall V360 Affected Version: Firmware v8.0.1.014 Platform: Embedded...