16823 matches found
CVE-2025-20148
A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center FMC Software could allow an authenticated, remote attacker to inject arbitrary HTML content into a device-generated document. This vulnerability is due to improper validation of user-supplied data. An...
CVE-2025-20306 Cisco Secure Firewall Management Center Software Command Injection Vulnerability
A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center FMC Software could allow an authenticated, remote attacker with Administrator-level privileges to execute arbitrary commands on the underlying operating system. This vulnerability is due to insufficie...
CVE-2025-20306 Cisco Secure Firewall Management Center Software Command Injection Vulnerability
A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center FMC Software could allow an authenticated, remote attacker with Administrator-level privileges to execute arbitrary commands on the underlying operating system. This vulnerability is due to insufficie...
CVE-2025-20302 Cisco Secure Firewall Management Center Software Authorization Bypass Vulnerability
A vulnerability in the web-based management interface of Cisco Secure FMC Software could allow an authenticated, low-privileged, remote attacker to retrieve a generated report from a different domain. This vulnerability is due to missing authorization checks. An attacker could exploit this...
CVE-2025-20301 Cisco Secure Firewall Management Center Software Authorization Bypass Vulnerability
A vulnerability in the web-based management interface of Cisco Secure FMC Software could allow an authenticated, low-privileged, remote attacker to access troubleshoot files for a different domain. This vulnerability is due to missing authorization checks. An attacker could exploit this...
CVE-2025-20301 Cisco Secure Firewall Management Center Software Authorization Bypass Vulnerability
A vulnerability in the web-based management interface of Cisco Secure FMC Software could allow an authenticated, low-privileged, remote attacker to access troubleshoot files for a different domain. This vulnerability is due to missing authorization checks. An attacker could exploit this...
CVE-2025-20265
A vulnerability in the RADIUS subsystem implementation of Cisco Secure Firewall Management Center FMC Software could allow an unauthenticated, remote attacker to inject arbitrary shell commands that are executed by the device. This vulnerability is due to a lack of proper handling of user input...
CVE-2025-20235 Cisco Secure Firewall Management Center Software Cross-Site Scripting Vulnerability
A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center FMC Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. This vulnerability is due to insufficient validation of...
CVE-2025-20235 Cisco Secure Firewall Management Center Software Cross-Site Scripting Vulnerability
A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center FMC Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. This vulnerability is due to insufficient validation of...
CVE-2025-20235
CVE-2025-20235 is a cross-site scripting (XSS) vulnerability in Cisco Secure Firewall Management Center (FMC) Web UI. Multiple connected sources confirm unauthenticated remote exploitation through insufficient input validation in the FMC web-based management interface, allowing arbitrary script e...
CVE-2025-20218 Cisco Secure Firepower Management Center Software XPATH Injection Vulnerability
A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center FMC Software could allow an authenticated, remote attacker to retrieve sensitive information from an affected device. This vulnerability is due to insufficient input validation. An attacker could...
CVE-2025-20218
Cisco Secure Firewall Management Center (FMC) Software is affected by a vulnerability in its web-based management interface caused by insufficient input validation. An authenticated remote attacker with valid administrative credentials could send a crafted request to retrieve sensitive informatio...
CVE-2025-20218 Cisco Secure Firepower Management Center Software XPATH Injection Vulnerability
A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center FMC Software could allow an authenticated, remote attacker to retrieve sensitive information from an affected device. This vulnerability is due to insufficient input validation. An attacker could...
CVE-2025-20148 Cisco Secure Firewall Management Center HTML Injection Vulnerability
A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center FMC Software could allow an authenticated, remote attacker to inject arbitrary HTML content into a device-generated document. This vulnerability is due to improper validation of user-supplied data. An...
Cisco Secure Firewall Management Center Software Cross-Site Scripting Vulnerability
A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center FMC Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. This vulnerability is due to insufficient validation of...
Cisco Secure Firewall Management Center Software RADIUS Remote Code Execution Vulnerability
A vulnerability in the RADIUS subsystem implementation of Cisco Secure Firewall Management Center FMC Software could allow an unauthenticated, remote attacker to inject arbitrary shell commands that are executed by the device. This vulnerability is due to a lack of proper handling of user input...
Cisco Secure Firewall Management Center Software XPATH Injection Vulnerability
A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center FMC Software could allow an authenticated, remote attacker to retrieve sensitive information from an affected device. This vulnerability is due to insufficient input validation. An attacker could...
Cisco Secure Firewall Management Center Software Authorization Bypass Vulnerabilities
Multiple vulnerabilities in the web-based management interface of Cisco Secure Firewall Management Center FMC Software could allow an authenticated, remote attacker to access files that they are not authorized to access. For more information about these vulnerabilities, see the Details "details"...
CVE-2025-33023
A vulnerability has been identified in RUGGEDCOM ROX MX5000 All versions, RUGGEDCOM ROX MX5000RE All versions, RUGGEDCOM ROX RX1400 All versions, RUGGEDCOM ROX RX1500 All versions, RUGGEDCOM ROX RX1501 All versions, RUGGEDCOM ROX RX1510 All versions, RUGGEDCOM ROX RX1511 All versions, RUGGEDCOM R...
CVE-2025-48862
Ambiguous wording in the web interface of the ctrlX OS setup mechanism could lead the user to believe that the backup file is encrypted when a password is set. However, only the private key - if available in the backup - is encrypted, while the backup file itself remains unencrypted...