1098 matches found
CVE-2023-20146 Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting XSS attacks against a user of the interface. These vulnerabilities are due t...
CVE-2023-20102 Cisco Secure Network Analytics Remote Code Execution Vulnerability
A vulnerability in the web-based management interface of Cisco Secure Network Analytics could allow an authenticated, remote attacker to execute arbitrary code on the underlying operating system. This vulnerability is due to insufficient sanitization of user-provided data that is parsed into syst...
CVE-2023-20146 Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting XSS attacks against a user of the interface. These vulnerabilities are due t...
CVE-2023-20144 Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting XSS attacks against a user of the interface. These vulnerabilities are due t...
CVE-2023-20138 Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting XSS attacks against a user of the interface. These vulnerabilities are due t...
CVE-2023-20143 Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting XSS attacks against a user of the interface. These vulnerabilities are due t...
CVE-2023-20030
Cisco Identity Services Engine (ISE) exposes a XXE-based vulnerability in its web-based management interface. The issue arises from improper handling of XML External Entity entries when parsing certain XML files, enabling an authenticated, remote attacker (requiring Super Admin or Policy Admin cr...
PT-2023-2210 · Cisco · Cisco Unified Contact Center Express
Name of the Vulnerable Software and Affected Versions: Cisco Unified Contact Center Express Unified CCX affected versions not specified Description: A vulnerability in the web-based management interface could allow an authenticated, remote attacker to perform a stored cross-site scripting XSS...
CVE-2023-20149
The CVE-2023-20149 entry concerns Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers. Affected component: the web-based management interface. Root cause: insufficient input validation enables cross-site scripting (XSS). Impact: unauthenticated, remote attacker can craft HT...
CVE-2023-20150
Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 routers are affected by multiple cross-site scripting (XSS) vulnerabilities in the web-based management interface due to insufficient input validation. The issues are exploitable by sending crafted HTTP requests and convincing a u...
CVE-2023-20141
Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 router devices are affected by multiple stored XSS vulnerabilities in the web-based management interface caused by insufficient input validation. An unauthenticated, remote attacker could lure a user to a crafted page to execute a...
CVE-2023-20147
CVE-2023-20147 concerns multiple XSS vulnerabilities in the web-based management interfaces of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 routers. Root cause: insufficient input validation in the web interface, enabling an unauthenticated, remote attacker to craft HTTP req...
CVE-2023-20139
Summary of CVE-2023-20139 (Cisco Small Business routers) Affected devices: Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers. Vulnerability and root cause: Cross-site scripting (XSS) vulnerabilities in the web-based management interface due to insufficient input validatio...
CVE-2023-20129
CVE-2023-20129 covers multiple vulnerabilities in the web‑based management interfaces of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager (EPNM). The issues include information disclosure, cross‑site scripting (XSS), cross‑site request forgery (CSRF), and an arbitrary fil...
CVE-2023-20138
Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 routers’ web-based management interface contains cross-site scripting (XSS) vulnerabilities due to insufficient input validation. An unauthenticated, remote attacker could lure a user to a malicious page and execute arbitrary scri...
CVE-2023-20073 Cisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers Arbitrary File Upload Vulnerability
A vulnerability in the web-based management interface of Cisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers could allow an unauthenticated, remote attacker to upload arbitrary files to an affected device. This vulnerability is due to insufficient authorization enforcement...
Cisco Small Business Routers Multiple Vulnerabilities (cisco-sa-sbr042-multi-vuln-ej76Pke5)
According to it's reported model number, the remote device is a Cisco Small Business Router model RV016, RV042, RV042G, RV082, RV320, or RV325. It is, therefore no longer supported and affected by multiple vulnerabilities: - A vulnerability in the web-based management interface of Cisco Small...
CVE-2023-20113
A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack on an affected system. This vulnerability is due to insufficient CSRF protections for the web-based management...
CVE-2023-20113 Cisco SD-WAN vManage Software Cross-Site Request Forgery Vulnerability
A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack on an affected system. This vulnerability is due to insufficient CSRF protections for the web-based management...
Cisco SD-WAN vManage Software Cluster Mode Cross-Site Request Forgery Vulnerability
A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software when it is operating in cluster mode could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack on an affected system. This vulnerability is due to insufficient CSRF...