CVSS: 6.5EPSS: 0%CPEs: 64EXPL: 0CVE-2023-20056 – Cisco Access Point Software Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2023-20056
23 Mar 2023 — A vulnerability in the management CLI of Cisco access point (AP) software could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient input validation of commands supplied by the user. An attacker could exploit this vulnerability by authenticating to a device and submitting crafted input to the affected command. A successful exploit could allow the attacker to cause an affected device to reload spontaneously, resu... • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-cli-dos-tc2EKEpu • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 6.8EPSS: 0%CPEs: 274EXPL: 0CVE-2023-20066 – Cisco IOS XE Software Web UI Path Traversal Vulnerability
https://notcve.org/view.php?id=CVE-2023-20066
23 Mar 2023 — A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker to perform a directory traversal and access resources that are outside the filesystem mountpoint of the web UI. This vulnerability is due to an insufficient security configuration. An attacker could exploit this vulnerability by sending a crafted request to the web UI. A successful exploit could allow the attacker to gain read access to files that are outside the filesystem mountpoint of the web UI. Note: Th... • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webui-pthtrv-es7GSb9V • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-23: Relative Path Traversal •
CVSS: 7.4EPSS: 0%CPEs: 48EXPL: 0CVE-2023-20067 – Cisco IOS XE Software for Wireless LAN Controllers HTTP Client Profiling Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2023-20067
23 Mar 2023 — A vulnerability in the HTTP-based client profiling feature of Cisco IOS XE Software for Wireless LAN Controllers (WLCs) could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient input validation of received traffic. An attacker could exploit this vulnerability by sending crafted traffic through a wireless access point. A successful exploit could allow the attacker to cause CPU utilization to increase, which... • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ewlc-dos-wFujBHKw • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 8.6EPSS: 0%CPEs: 852EXPL: 0CVE-2023-20080 – Cisco IOS and IOS XE Software IPv6 DHCP (DHCPv6) Relay and Server Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2023-20080
23 Mar 2023 — A vulnerability in the IPv6 DHCP version 6 (DHCPv6) relay and server features of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to trigger a denial of service (DoS) condition. This vulnerability is due to insufficient validation of data boundaries. An attacker could exploit this vulnerability by sending crafted DHCPv6 messages to an affected device. A successful exploit could allow the attacker to cause the device to reload unexpectedly. • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-dhcpv6-dos-44cMvdDK • CWE-129: Improper Validation of Array Index •
CVSS: 7.2EPSS: 0%CPEs: 46EXPL: 0CVE-2023-20082 – Cisco IOS XE Software for Cisco Catalyst 9300 Series Switches Secure Boot Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2023-20082
23 Mar 2023 — A vulnerability in Cisco IOS XE Software for Cisco Catalyst 9300 Series Switches could allow an authenticated, local attacker with level-15 privileges or an unauthenticated attacker with physical access to the device to execute persistent code at boot time and break the chain of trust. This vulnerability is due to errors that occur when retrieving the public release key that is used for image signature verification. An attacker could exploit this vulnerability by modifying specific variables in the Serial P... • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-c9300-spi-ace-yejYgnNQ • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 6.7EPSS: 0%CPEs: 64EXPL: 0CVE-2023-20097 – Cisco Access Point Software Command Injection Vulnerability
https://notcve.org/view.php?id=CVE-2023-20097
23 Mar 2023 — A vulnerability in Cisco access points (AP) software could allow an authenticated, local attacker to inject arbitrary commands and execute them with root privileges. This vulnerability is due to improper input validation of commands that are issued from a wireless controller to an AP. An attacker with Administrator access to the CLI of the controller could exploit this vulnerability by issuing a command with crafted arguments. A successful exploit could allow the attacker to gain full root access on the AP. • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-aironetap-cmdinj-6bjT4FL8 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 9.0EPSS: 0%CPEs: 47EXPL: 0CVE-2023-20076 – Cisco IOx Application Hosting Environment Command Injection Vulnerability
https://notcve.org/view.php?id=CVE-2023-20076
12 Feb 2023 — A vulnerability in the Cisco IOx application hosting environment could allow an authenticated, remote attacker to execute arbitrary commands as root on the underlying host operating system. This vulnerability is due to incomplete sanitization of parameters that are passed in for activation of an application. An attacker could exploit this vulnerability by deploying and activating an application in the Cisco IOx application hosting environment with a crafted activation payload file. A successful exploit coul... • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-8whGn5dL • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') CWE-233: Improper Handling of Parameters •
CVSS: 8.6EPSS: 0%CPEs: 8EXPL: 0CVE-2022-20856 – Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family CAPWAP Mobility Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2022-20856
30 Sep 2022 — A vulnerability in the processing of Control and Provisioning of Wireless Access Points (CAPWAP) Mobility messages in Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to a logic error and improper management of resources related to the handling of CAPWAP Mobility messages. An attacker could exploit this vulnerability by sending crafted CAPWAP Mob... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-c9800-mob-dos-342YAc6J • CWE-664: Improper Control of a Resource Through its Lifetime •
CVSS: 8.6EPSS: 0%CPEs: 8EXPL: 0CVE-2022-20847 – Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family DHCP Processing Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2022-20847
30 Sep 2022 — A vulnerability in the DHCP processing functionality of Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. This vulnerability is due to the improper processing of DHCP messages. An attacker could exploit this vulnerability by sending malicious DHCP messages to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition. Una vulner... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wlc-dhcp-dos-76pCjPxK • CWE-399: Resource Management Errors •
CVSS: 4.7EPSS: 0%CPEs: 312EXPL: 1CVE-2021-27853 – L2 network filtering can be bypassed using stacked VLAN0 and LLC/SNAP headers
https://notcve.org/view.php?id=CVE-2021-27853
27 Sep 2022 — Layer 2 network filtering capabilities such as IPv6 RA guard or ARP inspection can be bypassed using combinations of VLAN 0 headers and LLC/SNAP headers. Las capacidades de filtrado de la red de capa 2, como la protección IPv6 RA o la inspección ARP, pueden omitirse usando combinaciones de encabezados VLAN 0 y encabezados LLC/SNAP • https://blog.champtar.fr/VLAN0_LLC_SNAP • CWE-290: Authentication Bypass by Spoofing •