1098 matches found
CVE-2022-20894 Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers Remote Command Execution and Denial of Service Vulnerabilities
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of...
CVE-2022-20901 Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers Remote Command Execution and Denial of Service Vulnerabilities
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of...
CVE-2022-20902
Cisco Small Business RV110W, RV130, RV130W, and RV215W routers are affected by CVE-2022-20902, with multiple vulnerabilities in the web-based management interface that allow an authenticated attacker to execute arbitrary commands with root privileges or trigger device restarts (DoS). Root cause: ...
CVE-2022-20904 Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers Remote Command Execution and Denial of Service Vulnerabilities
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of...
CVE-2022-20874 Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers Remote Command Execution and Denial of Service Vulnerabilities
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of...
CVE-2022-20877 Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers Remote Command Execution and Denial of Service Vulnerabilities
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of...
Cisco Unified Communications Manager XSS (cisco-sa-cucm-xss-ksKd5yfA)
The version of Cisco Unified Communications Manager installed on the remote host is version 14 prior to 14SU2. It is, therefore affect by a cross-site scripting vulnerability XSS in the web-based management interface. An unauthenticated remote attacker can, with the action of an authorized user,...
Cross site scripting
A vulnerability in the web-based management interface of Cisco Unified Communications Manager Unified CM, Cisco Unified CM Session Management Edition Unified CM SME, and Cisco Unified Communications Manager IM & Presence Service Unified CM IM&P could allow an unauthenticated, remote attacker to...
CVE-2022-20800
Summary: CVE-2022-20800 describes a cross-site scripting (XSS) vulnerability in Cisco Unified Communications Manager family web interfaces (CUCM, Unified CM SME, Unified CM IM&P, and Unity Connection). The issue stems from improper validation of user-supplied input in the web-based management int...
CVE-2022-20828 Cisco FirePOWER Software for ASA FirePOWER Module Command Injection Vulnerability
A vulnerability in the CLI parser of Cisco FirePOWER Software for Adaptive Security Appliance ASA FirePOWER module could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected ASA FirePOWER module as the root user. This vulnerabilit...
Cisco FirePOWER Software for ASA FirePOWER Module Command Injection Vulnerability
A vulnerability in the CLI parser of Cisco FirePOWER Software for Adaptive Security Appliance ASA FirePOWER module could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected ASA FirePOWER module as the root user. This vulnerabilit...
CVE-2022-20825
The CVE-2022-20825 entry corresponds to Cisco Small Business RV110W/RV130/RV130W/RV215W routers. The vulnerability stems from insufficient input validation of incoming HTTP packets in the web-based management interface, enabling an unauthenticated, remote attacker to execute arbitrary code or cau...
CVE-2022-20819 Cisco Identity Services Engine Sensitive Information Disclosure Vulnerability
A vulnerability in the web-based management interface of Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to obtain sensitive information from an affected device. This vulnerability exists because administrative privilege levels for sensitive data are not properly...
CVE-2022-20674
Multiple vulnerabilities in the web-based management interface of Cisco Common Services Platform Collector CSPC Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. These vulnerabilities are due to insufficient...
CVE-2022-20797
A vulnerability in the web-based management interface of Cisco Secure Network Analytics, formerly Cisco Stealthwatch Enterprise, could allow an authenticated, remote attacker to execute arbitrary commands as an administrator on the underlying operating system. This vulnerability is due to...
CVE-2022-20797
CVE-2022-20797 is a remote command execution vulnerability in the web-based management interface of Cisco Secure Network Analytics (formerly Cisco Stealthwatch Enterprise). It arises from insufficient input validation in the web UI, allowing an authenticated, remote attacker to inject commands an...
CVE-2022-20797 Cisco Secure Network Analytics Remote Code Execution Vulnerability
A vulnerability in the web-based management interface of Cisco Secure Network Analytics, formerly Cisco Stealthwatch Enterprise, could allow an authenticated, remote attacker to execute arbitrary commands as an administrator on the underlying operating system. This vulnerability is due to...
CVE-2022-20797 Cisco Secure Network Analytics Remote Code Execution Vulnerability
A vulnerability in the web-based management interface of Cisco Secure Network Analytics, formerly Cisco Stealthwatch Enterprise, could allow an authenticated, remote attacker to execute arbitrary commands as an administrator on the underlying operating system. This vulnerability is due to...
CVE-2022-20674 Cisco Common Services Platform Collector Cross-Site Scripting Vulnerabilities
Multiple vulnerabilities in the web-based management interface of Cisco Common Services Platform Collector CSPC Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. These vulnerabilities are due to insufficient...
CVE-2022-20673
Cisco CSPC (Common Services Platform Collector) web-based management interface has multiple XSS vulnerabilities caused by insufficient input validation. A remote, unauthenticated attacker could trick a user into clicking a crafted link, potentially executing arbitrary script in the interface cont...