Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zebra vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2008-1160
ZyXEL ZyWALL 1050 has a hard-coded password for the Quagga and Zebra processes that is not changed when it is set by a user, which allows remote malicious users to gain privileges.
Zyxel Zywall 1050 Firmware -
1 EDB exploit
7.5
CVSSv2
CVE-2016-1245
It exists that the zebra daemon in Quagga prior to 1.0.20161017 suffered from a stack-based buffer overflow when processing IPv6 Neighbor Discovery messages. The root cause was relying on BUFSIZ to be compatible with a message size; however, BUFSIZ is system-dependent.
Quagga Quagga
Debian Debian Linux 8.0
5
CVSSv2
CVE-2021-21817
An information disclosure vulnerability exists in the Zebra IP Routing Manager functionality of D-LINK DIR-3040 1.13B03. A specially crafted network request can lead to the disclosure of sensitive information. An attacker can send a sequence of requests to trigger this vulnerabil...
Dlink Dir-3040 Firmware 1.13b03
5
CVSSv2
CVE-2021-21818
A hard-coded password vulnerability exists in the Zebra IP Routing Manager functionality of D-LINK DIR-3040 1.13B03. A specially crafted network request can lead to a denial of service. An attacker can send a sequence of requests to trigger this vulnerability.
Dlink Dir-3040 Firmware 1.13b03
NA
CVE-2023-25583
Two OS command injection vulnerabilities exist in the zebra vlan_name functionality of Milesight UR32L v32.3.0.5. A specially crafted network request can lead to command execution. An attacker can send a network request to trigger these vulnerabilities.This command injection is i...
Milesight Ur32l Firmware 32.3.0.5
NA
CVE-2023-25582
Two OS command injection vulnerabilities exist in the zebra vlan_name functionality of Milesight UR32L v32.3.0.5. A specially crafted network request can lead to command execution. An attacker can send a network request to trigger these vulnerabilities.This command injection is i...
Milesight Ur32l Firmware 32.3.0.5
8.3
CVSSv2
CVE-2021-20132
Quagga Services on D-Link DIR-2640 less than or equal to version 1.11B02 use default hard-coded credentials, which can allow a remote malicious user to gain administrative access to the zebra or ripd those services. Both are running with root privileges on the router (i.e., as th...
Dlink Dir-2640-us Firmware
NA
CVE-2024-3125
A vulnerability classified as problematic was found in Zebra ZTC GK420d 1.0. This vulnerability affects unknown code of the file /settings of the component Alert Setup Page. The manipulation of the argument Address leads to cross site scripting. The attack can be initiated remote...
7.4
CVSSv2
CVE-2021-20134
Quagga Services on D-Link DIR-2640 less than or equal to version 1.11B02 are affected by an absolute path traversal vulnerability that allows a remote, authenticated malicious user to set an arbitrary file on the router's filesystem as the log file used by either Quagga serv...
Dlink Dir-2640-us Firmware
7.1
CVSSv2
CVE-2021-20133
Quagga Services on D-Link DIR-2640 less than or equal to version 1.11B02 are affected by an absolute path traversal vulnerability that allows a remote, authenticated malicious user to set the "message of the day" banner to any file on the system, allowing them to read a...
Dlink Dir-2640-us Firmware
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
cross-site request forgery
unauthorized
CVE-2024-33925
reflected XSS
CVE-2023-51580
CVE-2023-51579
CVE-2015-2051
CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2