Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
VyosVyos

3 matches found

CVE
CVEadded 2025/03/31 3:15 p.m.84 views

CVE-2025-30095

VyOS 1.3 through 1.5 (fixed in 1.4.2) or any Debian-based system using dropbear in combination with live-build has the same Dropbear private host keys across different installations. Thus, an attacker can conduct active man-in-the-middle attacks against SSH connections if Dropbear is enabled as the...

9CVSS6.4AI score0.00086EPSS
CVE
CVEadded 2018/12/17 7:29 p.m.78 views

CVE-2018-18556

A privilege escalation issue was discovered in VyOS 1.1.8. The default configuration also allows operator users to execute the pppd binary with elevated (sudo) permissions. Certain input parameters are not properly validated. A malicious operator user can run the binary with elevated permissions an...

9.9CVSS9.6AI score0.69794EPSS
CVE
CVEadded 2018/12/17 7:29 p.m.37 views

CVE-2018-18555

A sandbox escape issue was discovered in VyOS 1.1.8. It provides a restricted management shell for operator users to administer the device. By issuing various shell special characters with certain commands, an authenticated operator user can break out of the management shell and gain access to the ...

9.9CVSS9.4AI score0.01449EPSS