Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
net-snmp net-snmp vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2022-36310
Airspan AirVelocity 1500 software prior to version 15.18.00.2511 had NET-SNMP-EXTEND-MIB enabled on its snmpd service, enabling an attacker with SNMP write abilities to execute commands as root on the eNodeB. This issue may affect other AirVelocity and AirSpeed models.
Airspan Airvelocity 1500 Firmware
7.8
CVSSv3
CVE-2020-15862
Net-SNMP up to and including 5.8 has Improper Privilege Management because SNMP WRITE access to the EXTEND MIB provides the ability to run arbitrary commands as root.
Net-snmp Net-snmp
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 18.04
Netapp Cloud Backup -
Netapp Smi-s Provider -
Netapp Solidfire -
Netapp Hci Management Node -
7.8
CVSSv3
CVE-2020-15861
Net-SNMP up to and including 5.7.3 allows Escalation of Privileges because of UNIX symbolic link (symlink) following.
Net-snmp Net-snmp
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 12.04
Netapp Cloud Backup -
Netapp Smi-s Provider -
Netapp Solidfire \\& Hci Management Node -
6.5
CVSSv3
CVE-2019-20892
net-snmp prior to 5.8.1.pre1 has a double free in usm_free_usmStateReference in snmplib/snmpusm.c via an SNMPv3 GetBulk request. NOTE: this affects net-snmp packages shipped to end users by multiple Linux distributions, but might not affect an upstream release.
Net-snmp Net-snmp
Oracle Zfs Storage Appliance Kit 8.8
6.5
CVSSv3
CVE-2018-18065
_set_key in agent/helpers/table_container.c in Net-SNMP prior to 5.8 has a NULL Pointer Exception bug that can be used by an authenticated malicious user to remotely cause the instance to crash via a crafted UDP packet, resulting in Denial of Service.
Net-snmp Net-snmp
Debian Debian Linux 9.0
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Canonical Ubuntu Linux 12.04
Netapp Cloud Backup -
Netapp E-series Santricity Os Controller
Netapp Data Ontap -
Netapp Storagegrid Webscale -
Netapp Hyper Converged Infrastructure -
Netapp Solidfire Element Os -
Paloaltonetworks Pan-os
1 EDB exploit
7.5
CVSSv3
CVE-2018-18066
snmp_oid_compare in snmplib/snmp_api.c in Net-SNMP prior to 5.8 has a NULL Pointer Exception bug that can be used by an unauthenticated malicious user to remotely cause the instance to crash via a crafted UDP packet, resulting in Denial of Service.
Net-snmp Net-snmp
Netapp Storagegrid Webscale -
Netapp Solidfire Element Os -
Netapp Hyper Converged Infrastructure -
Netapp Cloud Backup -
Netapp Data Ontap -
Netapp E-series Santricity Os Controller
NA
CVE-2015-8100
The net-snmp package in OpenBSD up to and including 5.8 uses 0644 permissions for snmpd.conf, which allows local users to obtain sensitive community information by reading this file.
Net-snmp Net-snmp
NA
CVE-2014-2310
The AgentX subagent in Net-SNMP prior to 5.4.4 allows remote malicious users to cause a denial of service (hang) by sending a multi-object request with an Object ID (OID) containing more subids than previous requests, a different vulnerability than CVE-2012-6151.
Net-snmp Net-snmp
NA
CVE-2012-6151
Net-SNMP 5.7.1 and previous versions, when AgentX is registering to handle a MIB and processing GETNEXT requests, allows remote malicious users to cause a denial of service (crash or infinite loop, CPU consumption, and hang) by causing the AgentX subagent to timeout.
Apple Mac Os X 10.11.0
Canonical Ubuntu Linux 12.10
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 13.10
Net-snmp Net-snmp 5.3
Net-snmp Net-snmp 5.2
Net-snmp Net-snmp 5.0.5
Net-snmp Net-snmp 5.0.4
Net-snmp Net-snmp
Net-snmp Net-snmp 5.7
Net-snmp Net-snmp 5.1.2
Net-snmp Net-snmp 5.1
Net-snmp Net-snmp 5.0.3
Net-snmp Net-snmp 5.0.2
Net-snmp Net-snmp 5.4
Net-snmp Net-snmp 5.3.0.1
Net-snmp Net-snmp 5.0.7
Net-snmp Net-snmp 5.0.6
Net-snmp Net-snmp 5.6
Net-snmp Net-snmp 5.5
Net-snmp Net-snmp 5.0.9
1 EDB exploit
NA
CVE-2012-2141
Array index error in the handle_nsExtendOutput2Table function in agent/mibgroup/agent/extend.c in Net-SNMP 5.7.1 allows remote authenticated users to cause a denial of service (out-of-bounds read and snmpd crash) via an SNMP GET request for an entry not in the extension table.
Net-snmp Net-snmp 5.7.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »