CVSS: 7.1EPSS: 0%CPEs: 306EXPL: 0CVE-2018-0180 – Cisco IOS Software Denial-of-Service Vulnerability
https://notcve.org/view.php?id=CVE-2018-0180
Multiple vulnerabilities in the Login Enhancements (Login Block) feature of Cisco IOS Software could allow an unauthenticated, remote attacker to trigger a reload of an affected system, resulting in a denial of service (DoS) condition. These vulnerabilities affect Cisco devices that are running Cisco IOS Software Release 15.4(2)T, 15.4(3)M, or 15.4(2)CG and later. Cisco Bug IDs: CSCuy32360, CSCuz60599. Múltiples vulnerabilidades en la característica Login Enhancements (Login Block) de Cisco IOS Software permite que un atacante remoto no autenticado desencadene el reinicio de un sistema afectado. Esto resulta una condición de denegación de servicio (DoS). • http://www.securityfocus.com/bid/103556 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-slogin • CWE-399: Resource Management Errors •
CVSS: 10.0EPSS: 0%CPEs: 3EXPL: 0CVE-2018-0150
https://notcve.org/view.php?id=CVE-2018-0150
A vulnerability in Cisco IOS XE Software could allow an unauthenticated, remote attacker to log in to a device running an affected release of Cisco IOS XE Software with the default username and password that are used at initial boot, aka a Static Credential Vulnerability. The vulnerability is due to an undocumented user account with privilege level 15 that has a default username and password. An attacker could exploit this vulnerability by using this account to remotely connect to an affected device. A successful exploit could allow the attacker to log in to the device with privilege level 15 access. This vulnerability affects Cisco devices that are running a vulnerable release of Cisco IOS XE Software Release 16.x. • http://www.securityfocus.com/bid/103539 http://www.securitytracker.com/id/1040579 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-xesc • CWE-798: Use of Hard-coded Credentials •
CVSS: 8.6EPSS: 1%CPEs: 24EXPL: 0CVE-2018-0173 – Cisco IOS and IOS XE Software Improper Input Validation Vulnerability
https://notcve.org/view.php?id=CVE-2018-0173
A vulnerability in the Cisco IOS Software and Cisco IOS XE Software function that restores encapsulated option 82 information in DHCP Version 4 (DHCPv4) packets could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a Relay Reply denial of service (DoS) condition. The vulnerability exists because the affected software performs incomplete input validation of encapsulated option 82 information that it receives in DHCPOFFER messages from DHCPv4 servers. An attacker could exploit this vulnerability by sending a crafted DHCPv4 packet to an affected device, which the device would then forward to a DHCPv4 server. When the affected software processes the option 82 information that is encapsulated in the response from the server, an error could occur. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition. • http://www.securityfocus.com/bid/103545 http://www.securitytracker.com/id/1040591 https://ics-cert.us-cert.gov/advisories/ICSA-18-107-04 https://ics-cert.us-cert.gov/advisories/ICSA-18-107-05 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-dhcpr2 https://www.tenable.com/security/research/tra-2018-06 • CWE-20: Improper Input Validation •
CVSS: 6.9EPSS: 0%CPEs: 2EXPL: 0CVE-2017-12223
https://notcve.org/view.php?id=CVE-2017-12223
A vulnerability in the ROM Monitor (ROMMON) code of Cisco IR800 Integrated Services Router Software could allow an unauthenticated, local attacker to boot an unsigned Hypervisor on an affected device and compromise the integrity of the system. The vulnerability is due to insufficient sanitization of user input. An attacker who can access an affected router via the console could exploit this vulnerability by entering ROMMON mode and modifying ROMMON variables. A successful exploit could allow the attacker to execute arbitrary code and install a malicious version of Hypervisor firmware on an affected device. Cisco Bug IDs: CSCvb44027. • http://www.securityfocus.com/bid/100689 http://www.securitytracker.com/id/1039275 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170906-isr • CWE-20: Improper Input Validation •
CVSS: 9.8EPSS: 2%CPEs: 2EXPL: 2CVE-2017-11502 – Cisco DPC3928 Router - Arbitrary File Disclosure
https://notcve.org/view.php?id=CVE-2017-11502
Technicolor DPC3928AD DOCSIS devices allow remote attackers to read arbitrary files via a request starting with "GET /../" on TCP port 4321. Los dispositivos DOCSIS DPC3928AD de Technicolor permiten a los atacantes remotos leer archivos arbitrarios por medio de una petición que comienza con "GET /../" sobre el puerto TCP 4321. • https://www.exploit-db.com/exploits/44070 https://blogs.securiteam.com/index.php/archives/2911#more-2911 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •