CVSS: 9.3EPSS: 0%CPEs: 23EXPL: 0CVE-2021-1433 – Cisco IOS XE SD-WAN Software vDaemon Buffer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2021-1433
24 Mar 2021 — A vulnerability in the vDaemon process in Cisco IOS XE SD-WAN Software could allow an unauthenticated, remote attacker to cause a buffer overflow on an affected device. This vulnerability is due to insufficient bounds checking when the device processes traffic. An attacker could exploit this vulnerability by sending crafted traffic to the device. The attacker must have a man-in-the-middle position between Cisco vManage and an associated device that is running an affected version of Cisco IOS XE SD-WAN Softw... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-buffover-CqdRWLc • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.3EPSS: 0%CPEs: 26EXPL: 0CVE-2021-1432 – Cisco IOS XE SD-WAN Software Arbitrary Command Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-1432
24 Mar 2021 — A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system as the root user. The attacker must be authenticated on the affected device as a low-privileged user to exploit this vulnerability. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by injecting arbitrary commands to a file as a lower-privileged user. The commands are th... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-sdwarbcmdexec-sspOMUr3 • CWE-20: Improper Input Validation CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •
CVSS: 7.8EPSS: 1%CPEs: 32EXPL: 0CVE-2021-1431 – Cisco IOS XE SD-WAN Software vDaemon Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2021-1431
24 Mar 2021 — A vulnerability in the vDaemon process of Cisco IOS XE SD-WAN Software could allow an unauthenticated, remote attacker to cause a device to reload, resulting a denial of service (DoS) condition. This vulnerability is due to insufficient handling of malformed packets. An attacker could exploit this vulnerability by sending crafted traffic to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition. Una vulnerabilidad en el proceso vDaemon d... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-sdwdos-4zeEeC9w • CWE-20: Improper Input Validation •
CVSS: 7.2EPSS: 0%CPEs: 98EXPL: 0CVE-2020-3417 – Cisco IOS XE Software Arbitrary Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2020-3417
24 Sep 2020 — A vulnerability in Cisco IOS XE Software could allow an authenticated, local attacker to execute persistent code at boot time and break the chain of trust. This vulnerability is due to incorrect validations by boot scripts when specific ROM monitor (ROMMON) variables are set. An attacker could exploit this vulnerability by installing code to a specific directory in the underlying operating system (OS) and setting a specific ROMMON variable. A successful exploit could allow the attacker to execute persistent... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-xbace-OnCEbyS • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 8.8EPSS: 1%CPEs: 216EXPL: 0CVE-2020-3425 – Cisco IOS XE Software Privilege Escalation Vulnerabilities
https://notcve.org/view.php?id=CVE-2020-3425
24 Sep 2020 — Multiple vulnerabilities in the web management framework of Cisco IOS XE Software could allow an authenticated, remote attacker with read-only privileges to elevate privileges to the level of an Administrator user on an affected device. For more information about these vulnerabilities, see the Details section of this advisory. Múltiples vulnerabilidades en el framework de administración web de Cisco IOS XE Software, podrían permitir a un atacante remoto autenticado con privilegios de solo lectura elevar los... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-webui-priv-esc-K8zvEWM • CWE-20: Improper Input Validation •
CVSS: 5.8EPSS: 0%CPEs: 23EXPL: 0CVE-2020-3315 – Multiple Cisco Products Snort HTTP Detection Engine File Policy Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2020-3315
06 May 2020 — Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass the configured file policies on an affected system. The vulnerability is due to errors in how the Snort detection engine handles specific HTTP responses. An attacker could exploit this vulnerability by sending crafted HTTP packets that would flow through an affected system. A successful exploit could allow the attacker to bypass the configured file policies and... • https://lists.debian.org/debian-lts-announce/2023/02/msg00011.html • CWE-668: Exposure of Resource to Wrong Sphere CWE-693: Protection Mechanism Failure •
CVSS: 7.4EPSS: 0%CPEs: 2EXPL: 0CVE-2019-12665 – Cisco IOS and IOS XE Software HTTP Client Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2019-12665
25 Sep 2019 — A vulnerability in the HTTP client feature of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to read and modify data that should normally have been sent via an encrypted channel. The vulnerability is due to TCP port information not being considered when matching new requests to existing, persistent HTTP connections. An attacker could exploit this vulnerability by acting as a man-in-the-middle and then reading and/or modifying data that should normally have been sent through an... • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-http-client • CWE-399: Resource Management Errors •
CVSS: 8.6EPSS: 0%CPEs: 3EXPL: 0CVE-2018-15377 – Cisco IOS and IOS XE Software Plug and Play Agent Memory Leak Vulnerability
https://notcve.org/view.php?id=CVE-2018-15377
05 Oct 2018 — A vulnerability in the Cisco Network Plug and Play agent, also referred to as the Cisco Open Plug-n-Play agent, of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a memory leak on an affected device. The vulnerability is due to insufficient input validation by the affected software. An attacker could exploit this vulnerability by sending invalid data to the Cisco Network Plug and Play agent on an affected device. A successful exploit could allow the atta... • https://ics-cert.us-cert.gov/advisories/ICSA-19-094-02 • CWE-400: Uncontrolled Resource Consumption CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 8.6EPSS: 9%CPEs: 24EXPL: 0CVE-2018-0173 – Cisco IOS and IOS XE Software Improper Input Validation Vulnerability
https://notcve.org/view.php?id=CVE-2018-0173
28 Mar 2018 — A vulnerability in the Cisco IOS Software and Cisco IOS XE Software function that restores encapsulated option 82 information in DHCP Version 4 (DHCPv4) packets could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a Relay Reply denial of service (DoS) condition. The vulnerability exists because the affected software performs incomplete input validation of encapsulated option 82 information that it receives in DHCPOFFER messages from DHCPv4 servers. An attacker ... • http://www.securityfocus.com/bid/103545 • CWE-20: Improper Input Validation •