Vulmon
quagga quagga - vulnerabilities and exploits
5.5
CVSSv3
CVE-2023-35136
An improper input validation vulnerability in the “Quagga” package of the Zyxel ATP series firmware versions 4.32 up to and including 5.37, USG FLEX series firmware versions 4.50 up to and including 5.37, USG FLEX 50(W) series firmware versions 4.16 up to and includin...
Zyxel Zld
8.8
CVSSv3
CVE-2021-20132
Quagga Services on D-Link DIR-2640 less than or equal to version 1.11B02 use default hard-coded credentials, which can allow a remote malicious user to gain administrative access to the zebra or ripd services. Both are running with root privileges on the router (i.e., as th...
Dlink Dir-2640-us Firmware
6.1
CVSSv3
CVE-2021-20133
Quagga Services on D-Link DIR-2640 less than or equal to version 1.11B02 are affected by an absolute path traversal vulnerability that allows a remote, authenticated malicious user to set the "message of the day" banner to any file on the system, allowing them to read a...
Dlink Dir-2640-us Firmware
8.4
CVSSv3
CVE-2021-20134
Quagga Services on D-Link DIR-2640 less than or equal to version 1.11B02 are affected by an absolute path traversal vulnerability that allows a remote, authenticated malicious user to set an arbitrary file on the router's filesystem as the log file used by either Quagga serv...
Dlink Dir-2640-us Firmware
7.8
CVSSv3
CVE-2021-44038
An issue exists in Quagga up to and including 1.2.4. Unsafe chown/chmod operations in the suggested spec file allow users (with control of the non-root-owned directory /etc/quagga) to escalate their privileges to root upon package installation or update.
Quagga Quagga
8.1
CVSSv3
CVE-2021-34203
D-Link DIR-2640-US 1.01B04 is vulnerable to Incorrect Access Control. Router ac2600 (dir-2640-us), when setting PPPoE, will start quagga process in the way of whole network monitoring, and this function uses the original default password and port. An attacker can easily use telne...
Dlink Dir-2640-us Firmware 1.01b04
1 Github repository
6.5
CVSSv3
CVE-2012-5521
quagga (ospf6d) 0.99.21 has a DoS flaw in the way the ospf6d daemon performs routes removal
Quagga Quagga 0.99.21
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Redhat Enterprise Linux 5.0
Redhat Enterprise Linux 6.0
8.8
CVSSv3
CVE-2019-9229
An issue exists on AudioCodes Mediant 500L-MSBR, 500-MBSR, M800B-MSBR and 800C-MSBR devices with firmware versions F7.20A to F7.20A.251. An internal interface exposed to the link-local address 169.254.254.253 allows attackers in the local network to access multiple quagga VTYs. A...
Audiocodes Median 500l-msbr Firmware
Audiocodes Median 500-msbr Firmware
Audiocodes Median M800b-msbr Firmware
Audiocodes Median 800c-msbr Firmware
8.2
CVSSv3
CVE-2017-3224
Open Shortest Path First (OSPF) protocol implementations may improperly determine Link State Advertisement (LSA) recency for LSAs with MaxSequenceNumber. According to RFC 2328 section 13.1, for two instances of the same LSA, recency is determined by first comparing sequence numbe...
Quagga Quagga -
Suse Opensuse -
Suse Suse Linux -
Redhat Package Manager -
5.9
CVSSv3
CVE-2018-5378
The Quagga BGP daemon (bgpd) prior to version 1.2.3 does not properly bounds check the data sent with a NOTIFY to a peer, if an attribute length is invalid. Arbitrary data from the bgpd process may be sent over the network to a peer and/or bgpd may crash.
Quagga Quagga
Debian Debian Linux 9.0
Debian Debian Linux 8.0
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 17.10