CVSS: 4.7EPSS: 0%CPEs: 37EXPL: 0CVE-2021-1436 – Cisco IOS XE SD-WAN Software Path Traversal Vulnerability
https://notcve.org/view.php?id=CVE-2021-1436
24 Mar 2021 — A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to conduct path traversal attacks and obtain read access to sensitive files on an affected system. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted request to an affected system. A successful exploit could allow the attacker to view arbitrary files on the affected system. Una vulnerabilidad en la CLI del Software... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-sdwpathtrav-nsrue2Mt • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 9.0EPSS: 0%CPEs: 36EXPL: 0CVE-2021-1435 – Cisco IOS XE Software Web UI Command Injection Vulnerability
https://notcve.org/view.php?id=CVE-2021-1435
24 Mar 2021 — A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker to inject arbitrary commands that can be executed as the root user. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending a crafted request to the web UI of an affected device with arbitrary commands injected into a portion of the request. A successful exploit could allow the attacker to execute arbitrary commands as the root user. Una vulnerabili... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-webcmdinjsh-UFJxTgZD • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 6.6EPSS: 0%CPEs: 27EXPL: 0CVE-2021-1434 – Cisco IOS XE SD-WAN Software Arbitrary File Corruption Vulnerability
https://notcve.org/view.php?id=CVE-2021-1434
24 Mar 2021 — A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to overwrite arbitrary files in the underlying file system. This vulnerability is due to insufficient validation of the parameters of a specific CLI command. An attacker could exploit this vulnerability by issuing that command with specific parameters. A successful exploit could allow the attacker to overwrite the content of any arbitrary file that resides on the underlying host file system. Una vulnerabi... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-arbfile-FUxskKDE • CWE-552: Files or Directories Accessible to External Parties •
CVSS: 9.3EPSS: 0%CPEs: 23EXPL: 0CVE-2021-1433 – Cisco IOS XE SD-WAN Software vDaemon Buffer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2021-1433
24 Mar 2021 — A vulnerability in the vDaemon process in Cisco IOS XE SD-WAN Software could allow an unauthenticated, remote attacker to cause a buffer overflow on an affected device. This vulnerability is due to insufficient bounds checking when the device processes traffic. An attacker could exploit this vulnerability by sending crafted traffic to the device. The attacker must have a man-in-the-middle position between Cisco vManage and an associated device that is running an affected version of Cisco IOS XE SD-WAN Softw... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-buffover-CqdRWLc • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.3EPSS: 0%CPEs: 26EXPL: 0CVE-2021-1432 – Cisco IOS XE SD-WAN Software Arbitrary Command Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-1432
24 Mar 2021 — A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system as the root user. The attacker must be authenticated on the affected device as a low-privileged user to exploit this vulnerability. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by injecting arbitrary commands to a file as a lower-privileged user. The commands are th... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-sdwarbcmdexec-sspOMUr3 • CWE-20: Improper Input Validation CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •
CVSS: 7.8EPSS: 0%CPEs: 32EXPL: 0CVE-2021-1431 – Cisco IOS XE SD-WAN Software vDaemon Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2021-1431
24 Mar 2021 — A vulnerability in the vDaemon process of Cisco IOS XE SD-WAN Software could allow an unauthenticated, remote attacker to cause a device to reload, resulting a denial of service (DoS) condition. This vulnerability is due to insufficient handling of malformed packets. An attacker could exploit this vulnerability by sending crafted traffic to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition. Una vulnerabilidad en el proceso vDaemon d... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-sdwdos-4zeEeC9w • CWE-20: Improper Input Validation •
CVSS: 5.3EPSS: 0%CPEs: 23EXPL: 0CVE-2021-1236 – Multiple Cisco Products Snort Application Detection Engine Policy Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2021-1236
13 Jan 2021 — Multiple Cisco products are affected by a vulnerability in the Snort application detection engine that could allow an unauthenticated, remote attacker to bypass the configured policies on an affected system. The vulnerability is due to a flaw in the detection algorithm. An attacker could exploit this vulnerability by sending crafted packets that would flow through an affected system. A successful exploit could allow the attacker to bypass the configured policies and deliver a malicious payload to the protec... • https://lists.debian.org/debian-lts-announce/2023/02/msg00011.html • CWE-670: Always-Incorrect Control Flow Implementation •
CVSS: 5.8EPSS: 0%CPEs: 48EXPL: 0CVE-2021-1224 – Multiple Cisco Products Snort TCP Fast Open File Policy Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2021-1224
13 Jan 2021 — Multiple Cisco products are affected by a vulnerability with TCP Fast Open (TFO) when used in conjunction with the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured file policy for HTTP. The vulnerability is due to incorrect detection of the HTTP payload if it is contained at least partially within the TFO connection handshake. An attacker could exploit this vulnerability by sending crafted TFO packets with an HTTP payload through an affected device. A succes... • https://lists.debian.org/debian-lts-announce/2023/02/msg00011.html • CWE-693: Protection Mechanism Failure •
CVSS: 7.5EPSS: 0%CPEs: 21EXPL: 0CVE-2021-1223 – Multiple Cisco Products Snort HTTP Detection Engine File Policy Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2021-1223
13 Jan 2021 — Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured file policy for HTTP. The vulnerability is due to incorrect handling of an HTTP range header. An attacker could exploit this vulnerability by sending crafted HTTP packets through an affected device. A successful exploit could allow the attacker to bypass configured file policy for HTTP packets and deliver a malicious payload. Múltiples productos de... • https://lists.debian.org/debian-lts-announce/2023/02/msg00011.html • CWE-693: Protection Mechanism Failure •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2020-3444 – Cisco SD-WAN Software Packet Filtering Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2020-3444
06 Nov 2020 — A vulnerability in the packet filtering features of Cisco SD-WAN Software could allow an unauthenticated, remote attacker to bypass L3 and L4 traffic filters. The vulnerability is due to improper traffic filtering conditions on an affected device. An attacker could exploit this vulnerability by crafting a malicious TCP packet with specific characteristics and sending it to a targeted device. A successful exploit could allow the attacker to bypass the L3 and L4 traffic filters and inject an arbitrary packet ... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cedge-filt-bypass-Y6wZMqm4 • CWE-20: Improper Input Validation •