Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
quagga quagga vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2016-1245
It exists that the zebra daemon in Quagga prior to 1.0.20161017 suffered from a stack-based buffer overflow when processing IPv6 Neighbor Discovery messages. The root cause was relying on BUFSIZ to be compatible with a message size; however, BUFSIZ is system-dependent.
Quagga Quagga
Debian Debian Linux 8.0
9.8
CVSSv3
CVE-2008-1160
ZyXEL ZyWALL 1050 has a hard-coded password for the Quagga and Zebra processes that is not changed when it is set by a user, which allows remote malicious users to gain privileges.
Zyxel Zywall 1050 Firmware -
1 EDB exploit
8.8
CVSSv3
CVE-2021-20132
Quagga Services on D-Link DIR-2640 less than or equal to version 1.11B02 use default hard-coded credentials, which can allow a remote malicious user to gain administrative access to the zebra or ripd those services. Both are running with root privileges on the router (i.e., as th...
Dlink Dir-2640-us Firmware
8.8
CVSSv3
CVE-2019-9229
An issue exists on AudioCodes Mediant 500L-MSBR, 500-MBSR, M800B-MSBR and 800C-MSBR devices with firmware versions F7.20A to F7.20A.251. An internal interface exposed to the link-local address 169.254.254.253 allows attackers in the local network to access multiple quagga VTYs. A...
Audiocodes Median 500l-msbr Firmware
Audiocodes Median 500-msbr Firmware
Audiocodes Median M800b-msbr Firmware
Audiocodes Median 800c-msbr Firmware
8.4
CVSSv3
CVE-2021-20134
Quagga Services on D-Link DIR-2640 less than or equal to version 1.11B02 are affected by an absolute path traversal vulnerability that allows a remote, authenticated malicious user to set an arbitrary file on the router's filesystem as the log file used by either Quagga serv...
Dlink Dir-2640-us Firmware
8.2
CVSSv3
CVE-2017-3224
Open Shortest Path First (OSPF) protocol implementations may improperly determine Link State Advertisement (LSA) recency for LSAs with MaxSequenceNumber. According to RFC 2328 section 13.1, for two instances of the same LSA, recency is determined by first comparing sequence numbe...
Quagga Quagga -
Suse Opensuse -
Suse Suse Linux -
Redhat Package Manager -
8.1
CVSSv3
CVE-2021-34203
D-Link DIR-2640-US 1.01B04 is vulnerable to Incorrect Access Control. Router ac2600 (dir-2640-us), when setting PPPoE, will start quagga process in the way of whole network monitoring, and this function uses the original default password and port. An attacker can easily use telne...
Dlink Dir-2640-us Firmware 1.01b04
1 Github repository
7.8
CVSSv3
CVE-2021-44038
An issue exists in Quagga up to and including 1.2.4. Unsafe chown/chmod operations in the suggested spec file allow users (with control of the non-root-owned directory /etc/quagga) to escalate their privileges to root upon package installation or update.
Quagga Quagga
7.8
CVSSv3
CVE-2018-5279
In Malwarebytes Premium 3.3.1.2183, the driver file (FARFLT.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9c40e02c. NOTE: the vendor reported that they "have not been ...
Malwarebytes Malwarebytes 3.3.1.2183
7.8
CVSSv3
CVE-2018-5278
In Malwarebytes Premium 3.3.1.2183, the driver file (FARFLT.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9c40e00c. NOTE: the vendor reported that they "have not been ...
Malwarebytes Malwarebytes 3.3.1.2183
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4671
unauthorized
CVE-2024-4776
CVE-2024-3407
CVE-2024-26026
CVE-2024-32888
wireless
CVE-2024-4656
template injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »