Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cisco sd-wan firmware vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2020-3468
A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote malicious user to conduct SQL injection attacks on an affected system. The vulnerability exists because the web-based management interface improperly valida...
Cisco Sd-wan Firmware
7.3
CVSSv3
CVE-2020-3405
A vulnerability in the web UI of Cisco SD-WAN vManage Software could allow an authenticated, remote malicious user to gain read and write access to information that is stored on an affected system. The vulnerability is due to improper handling of XML External Entity (XXE) entries...
Cisco Sd-wan Firmware
5.4
CVSSv3
CVE-2020-3406
A vulnerability in the web-based management interface of the Cisco SD-WAN vManage Software could allow an authenticated, remote malicious user to conduct a cross-site scripting (XSS) attack against a user of the interface. The vulnerability exists because the web-based management...
Cisco Sd-wan Firmware
6.5
CVSSv3
CVE-2020-3437
A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote malicious user to read arbitrary files on the underlying filesystem of the device. The vulnerability is due to insufficient file scope limiting. An attacker...
Cisco Sd-wan Firmware
6.5
CVSSv3
CVE-2019-16002
A vulnerability in the vManage web-based UI (web UI) of the Cisco SD-WAN Solution could allow an unauthenticated, remote malicious user to conduct a cross-site request forgery (CSRF) attack on an affected system. The vulnerability is due to insufficient CSRF protections for the w...
Cisco Sd-wan Firmware
5.8
CVSSv3
CVE-2019-1951
A vulnerability in the packet filtering features of Cisco SD-WAN Solution could allow an unauthenticated, remote malicious user to bypass L3 and L4 traffic filters. The vulnerability is due to improper traffic filtering conditions on an affected device. An attacker could exploit ...
Cisco Sd-wan Firmware
7.2
CVSSv3
CVE-2019-1652
A vulnerability in the web-based management interface of Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could allow an authenticated, remote attacker with administrative privileges on an affected device to execute arbitrary commands. The vulnerability is due to...
Cisco Rv320 Firmware 1.4.2.15
Cisco Rv325 Firmware 1.4.2.15
2 EDB exploits
2 Metasploit modules
2 Github repositories
2 Articles
7.5
CVSSv3
CVE-2019-1653
A vulnerability in the web-based management interface of Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could allow an unauthenticated, remote malicious user to retrieve sensitive information. The vulnerability is due to improper access controls for URLs. An at...
Cisco Rv320 Firmware 1.4.2.17
Cisco Rv320 Firmware 1.4.2.15
Cisco Rv325 Firmware 1.4.2.17
Cisco Rv325 Firmware 1.4.2.15
2 EDB exploits
2 Metasploit modules
7 Github repositories
2 Articles
10
CVSSv3
CVE-2021-44228
Apache Log4j2 2.0-beta9 up to and including 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can contr...
Apache Log4j 2.0
Apache Log4j
Siemens Sppa-t3000 Ses3000 Firmware
Siemens Logo\\! Soft Comfort
Siemens Spectrum Power 4 4.70
Siemens Spectrum Power 4
Siemens Siveillance Control Pro
Siemens Energyip Prepay 3.7
Siemens Energyip Prepay 3.8
Siemens Siveillance Identity 1.6
Siemens Siveillance Identity 1.5
Siemens Siveillance Command
Siemens Sipass Integrated 2.85
Siemens Sipass Integrated 2.80
Siemens Head-end System Universal Device Integration System
Siemens Gma-manager
Siemens Energyip 8.5
Siemens Energyip 8.6
Siemens Energyip 8.7
Siemens Energyip 9.0
Siemens Energy Engage 3.1
Siemens E-car Operation Center
2 Metasploit modules
1179 Github repositories
28 Articles
6.5
CVSSv3
CVE-2019-5108
An exploitable denial-of-service vulnerability exists in the Linux kernel prior to mainline 5.3. An attacker could exploit this vulnerability by triggering AP to send IAPP location updates for stations before the required authentication process has completed. This could lead to d...
Linux Linux Kernel
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Netapp Cloud Backup -
Netapp Steelstore Cloud Integrated Storage -
Netapp Data Availability Services -
Netapp Solidfire -
Netapp Hci Management Node -
Netapp Active Iq Unified Manager -
Netapp E-series Santricity Os Controller
Netapp A700s Firmware -
Netapp H610s Firmware -
Netapp 8300 Firmware -
Netapp 8700 Firmware -
Netapp A400 Firmware -
Oracle Sd-wan Edge 8.2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »