Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
tcpdump tcpdump vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-4501
A vulnerability was found in Ruijie RG-UAC up to 20240428. It has been rated as critical. This issue affects some unknown processing of the file /view/bugSolve/captureData/commit.php. The manipulation of the argument tcpDump leads to os command injection. The attack may be initia...
NA
CVE-2024-2397
Due to a bug in packet data buffers management, the PPP printer in tcpdump can enter an infinite loop when reading a crafted DLT_PPP_SERIAL .pcap savefile. This problem does not affect any tcpdump release, but it affected the git master branch from 2023-06-05 to 2024-03-21.
NA
CVE-2023-202242
Cisco ThousandEyes Enterprise Agent Virtual Appliance version thousandeyes-va-64-18.04 0.218 has an insecure sudo configuration which permits a low-privilege user to run arbitrary commands as root via the tcpdump command without a password.
7.8
CVSSv3
CVE-2023-20224
A vulnerability in the CLI of Cisco ThousandEyes Enterprise Agent, Virtual Appliance installation type, could allow an authenticated, local malicious user to elevate privileges to root on an affected device. This vulnerability is due to insufficient input validation of user-suppl...
Cisco Thousandeyes Enterprise Agent
6.5
CVSSv3
CVE-2023-1801
The SMB protocol decoder in tcpdump version 4.99.3 can perform an out-of-bounds write when decoding a crafted network packet.
Tcpdump Tcpdump 4.99.3
7.8
CVSSv3
CVE-2022-47040
An issue in ASKEY router RTF3505VW-N1 BR_SV_g000_R3505VMN1001_s32_7 allows malicious users to escalate privileges via running the tcpdump command after placing a crafted file in the /tmp directory and sending crafted packets through port 80.
Askey Rtf3505vw-n1 Firmware Br Sv G000 R3505vmn1001 S32 7
1 Github repository
9.1
CVSSv3
CVE-2019-15167
The VRRP parser in tcpdump prior to 4.9.3 has a buffer over-read in print-vrrp.c:vrrp_print() for VRRP version 3, a different vulnerability than CVE-2018-14463.
Tcpdump Tcpdump
8.8
CVSSv3
CVE-2019-9971
PhoneSystem Terminal in 3CX Phone System (Debian based installation) 16.0.0.1570 allows an malicious user to gain root privileges by using sudo with the tcpdump command, without a password. This occurs because the -z (aka postrotate-command) option to tcpdump can be unsafe when u...
3cx Phone System Firmware 16.0.0.1570
Debian Debian Linux -
5.5
CVSSv3
CVE-2021-41043
Use after free in tcpslice triggers AddressSanitizer, no other confirmed impact.
Tcpdump Tcpslice
7.8
CVSSv3
CVE-2021-31357
A command injection vulnerability in tcpdump command processing on Juniper Networks Junos OS Evolved allows an attacker with authenticated CLI access to be able to bypass configured access protections to execute arbitrary shell commands within the context of the current user. The...
Juniper Junos Os Evolved 20.4
Juniper Junos Os Evolved 21.1
Juniper Junos Os Evolved 21.2
Juniper Junos Os Evolved
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2021-35000
CVE-2024-4439
unauthorized
CVE-2024-0042
CVE-2024-31848
CVE-2023-40694
cache poisoning
CVE-2024-23707
firmware
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »