CVSS: 4.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-4661 – Path transversal vulnerability potentially leading to sensitive information disclosure
https://notcve.org/view.php?id=CVE-2025-4661
19 Jun 2025 — A path transversal vulnerability in Brocade Fabric OS 9.1.0 through 9.2.2 could allow a local admin user to gain access to files outside the intended directory potentially leading to the disclosure of sensitive information. Note: Admin level privilege is required on the switch in order to exploit • https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35814 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 8.6EPSS: 2%CPEs: 1EXPL: 0CVE-2025-1976 – Broadcom Brocade Fabric OS Code Injection Vulnerability
https://notcve.org/view.php?id=CVE-2025-1976
24 Apr 2025 — Brocade Fabric OS versions starting with 9.1.0 have root access removed, however, a local user with admin privilege can potentially execute arbitrary code with full root privileges on Fabric OS versions 9.1.0 through 9.1.1d6. Broadcom Brocade Fabric OS contains a code injection vulnerability that allows a local user with administrative privileges to execute arbitrary code with full root privileges. • https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25602 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 1CVE-2024-5461 – Command or parameter injection via unique embedded switch SNMP commands.
https://notcve.org/view.php?id=CVE-2024-5461
15 Feb 2025 — Implementation of the Simple Network Management Protocol (SNMP) operating on the Brocade 6547 (FC5022) embedded switch blade, makes internal script calls to system.sh from within the SNMP binary. An authenticated attacker could perform command or parameter injection on SNMP operations that are only enabled on the Brocade 6547 (FC5022) embedded switch. This injection could allow the authenticated attacker to issue commands as Root. Brocade Fabric OS versions prior to 9.2.2 suffer from 10 vulnerabilities incl... • https://packetstorm.news/files/id/190177 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-5462 – Brocade Fabric OS may capture SNMP Passwords in clear text
https://notcve.org/view.php?id=CVE-2024-5462
14 Feb 2025 — If Brocade Fabric OS before Fabric OS 9.2.0 configuration settings are not set to encrypt SNMP passwords, then the SNMP privsecret / authsecret fields can be exposed in plaintext. The plaintext passwords can be exposed in a configupload capture or a supportsave capture if encryption of passwords is not enabled. An attacker can use these passwords to fetch values of the supported OIDs via SNMPv3 queries. There are also a limited number of MIB objects that can be modified. • https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24610 • CWE-319: Cleartext Transmission of Sensitive Information •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-10403 – SFTP/FTP password could be captured in plain text in Supportsave generated from SANnav
https://notcve.org/view.php?id=CVE-2024-10403
21 Nov 2024 — Brocade Fabric OS versions before 8.2.3e2, versions 9.0.0 through 9.2.0c, and 9.2.1 through 9.2.1a can capture the SFTP/FTP server password used for a firmware download operation initiated by SANnav or through WebEM in a weblinker core dump that is later captured via supportsave. • https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25145 • CWE-528: Exposure of Core Dump File to an Unauthorized Control Sphere •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 1CVE-2024-7516 – Brocade Fabric OS before 9.2.2 does not enforce strict host key checking
https://notcve.org/view.php?id=CVE-2024-7516
12 Nov 2024 — A vulnerability in Brocade Fabric OS versions before 9.2.2 could allow man-in-the-middle attackers to conduct remote Service Session Hijacking that may arise from the attacker's ability to forge an SSH key while the Brocade Fabric OS Switch is performing various remote operations initiated by a switch admin. Brocade Fabric OS versions prior to 9.2.2 suffer from 10 vulnerabilities including, but not limited to, remote code execution, information disclosure, man-in-the-middle, weak cryptography, and hardcoded... • https://packetstorm.news/files/id/190177 • CWE-322: Key Exchange without Entity Authentication •
CVSS: 5.7EPSS: 0%CPEs: 20EXPL: 1CVE-2022-27774 – curl: credential leak on redirect
https://notcve.org/view.php?id=CVE-2022-27774
01 Jun 2022 — An insufficiently protected credentials vulnerability exists in curl 4.9 to and include curl 7.82.0 are affected that could allow an attacker to extract credentials when follows HTTP(S) redirects is used with authentication could leak credentials to other services that exist on different protocols or port numbers. Una vulnerabilidad de credenciales insuficientemente protegidas se presenta en curl versión 4.9 a e incluyen curl versión 7.82.0 están afectados que podría permitir a un atacante para extraer cred... • https://hackerone.com/reports/1543773 • CWE-522: Insufficiently Protected Credentials •
CVSS: 7.5EPSS: 0%CPEs: 19EXPL: 1CVE-2022-27775 – curl: bad local IPv6 connection reuse
https://notcve.org/view.php?id=CVE-2022-27775
13 May 2022 — An information disclosure vulnerability exists in curl 7.65.0 to 7.82.0 are vulnerable that by using an IPv6 address that was in the connection pool but with a different zone id it could reuse a connection instead. Se presenta una vulnerabilidad de divulgación de información en curl versiones 7.65.0 a 7.82.0, son vulnerables que al usar una dirección IPv6 que estaba en el pool de conexiones pero con un id de zona diferente podría reusar una conexión en su lugar A vulnerability was found in curl. This securi... • https://hackerone.com/reports/1546268 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.5EPSS: 0%CPEs: 22EXPL: 1CVE-2022-27776 – curl: auth/cookie leak on redirect
https://notcve.org/view.php?id=CVE-2022-27776
13 May 2022 — A insufficiently protected credentials vulnerability in fixed in curl 7.83.0 might leak authentication or cookie header data on HTTP redirects to the same host but another port number. Una vulnerabilidad de credenciales insuficientemente protegidas fijada en curl versión 7.83.0, podría filtrar datos de autenticación o de encabezados de cookies en redireccionamientos HTTP al mismo host pero con otro número de puerto A vulnerability was found in curl. This security flaw allows leak authentication or cookie he... • https://hackerone.com/reports/1547048 • CWE-522: Insufficiently Protected Credentials •
CVSS: 8.1EPSS: 0%CPEs: 20EXPL: 1CVE-2022-22576 – curl: OAUTH2 bearer bypass in connection re-use
https://notcve.org/view.php?id=CVE-2022-22576
29 Apr 2022 — An improper authentication vulnerability exists in curl 7.33.0 to and including 7.82.0 which might allow reuse OAUTH2-authenticated connections without properly making sure that the connection was authenticated with the same credentials as set for this transfer. This affects SASL-enabled protocols: SMPTP(S), IMAP(S), POP3(S) and LDAP(S) (openldap only). Se presenta una vulnerabilidad de autenticación inapropiada en curl versiones 7.33.0 hasta 7.82.0 incluyéndola, que podría permitir reúso de conexiones aute... • https://hackerone.com/reports/1526328 • CWE-287: Improper Authentication CWE-295: Improper Certificate Validation CWE-306: Missing Authentication for Critical Function •