Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
snmp vulnerabilities and exploits
(subscribe to this query)
9.1
CVSSv3
CVE-2020-6058
An exploitable out-of-bounds read vulnerability exists in the way MiniSNMPD version 1.4 parses incoming SNMP packets. A specially crafted SNMP request can trigger an out-of-bounds memory read, which can result in the disclosure of sensitive information and denial of service. To t...
Minisnmpd Project Minisnmpd 1.4
9.1
CVSSv3
CVE-2019-6572
A vulnerability has been identified in SIMATIC HMI Comfort Panels 4" - 22" (All versions < V15.1 Update 1), SIMATIC HMI Comfort Outdoor Panels 7" & 15" (All versions < V15.1 Update 1), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 un...
Siemens Simatic Hmi Comfort Panels Firmware
Siemens Simatic Hmi Comfort Outdoor Panels Firmware
Siemens Simatic Hmi Ktp Mobile Panels Ktp400f Firmware
Siemens Simatic Hmi Ktp Mobile Panels Ktp700 Firmware
Siemens Simatic Hmi Ktp Mobile Panels Ktp700f Firmware
Siemens Simatic Hmi Ktp Mobile Panels Ktp900 Firmware
Siemens Simatic Hmi Ktp Mobile Panels Ktp900f Firmware
Siemens Simatic Wincc Runtime
Siemens Simatic Wincc \\(tia Portal\\)
Siemens Simatic Hmi Tp Firmware
Siemens Simatic Hmi Mp Firmware
Siemens Simatic Hmi Op Firmware
9.1
CVSSv3
CVE-2017-5135
Certain Technicolor devices have an SNMP access-control bypass, possibly involving an ISP customization in some cases. The Technicolor (formerly Cisco) DPC3928SL with firmware D3928SL-P15-13-A386-c3420r55105-160127a could be reached by any SNMP community string from the Internet;...
Technicolor Dpc3928sl Firmware D3928sl-p15-13-a386-c3420r55105-160127a
1 EDB exploit
9
CVSSv3
CVE-2023-35796
A vulnerability has been identified in SINEMA Server V14 (All versions). The affected application improperly sanitizes certain SNMP configuration data retrieved from monitored devices. An attacker with access to a monitored device could perform a stored cross-site scripting (XSS)...
Siemens Sinema Server 14.0
9
CVSSv3
CVE-2020-11749
Pandora FMS 7.0 NG <= 746 suffers from Multiple XSS vulnerabilities in different browser views. A network administrator scanning a SNMP device can trigger a Cross Site Scripting (XSS), which can run arbitrary code to allow Remote Code Execution as root or apache2.
Pandorafms Pandora Fms
8.8
CVSSv3
CVE-2023-51448
Cacti provides an operational monitoring and fault management framework. Version 1.2.25 has a Blind SQL Injection (SQLi) vulnerability within the SNMP Notification Receivers feature in the file `‘managers.php’`. An authenticated attacker with the “Settings/Utili...
Cacti Cacti 1.2.25
1 Github repository
8.8
CVSSv3
CVE-2022-38066
An OS command injection vulnerability exists in the httpd SNMP functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted HTTP response can lead to arbitrary command execution. An attacker can send a network request to trigger this vulnerability.
Siretta Quartz-gold Firmware G5.0.1.5-210720-141020
8.8
CVSSv3
CVE-2022-36310
Airspan AirVelocity 1500 software prior to version 15.18.00.2511 had NET-SNMP-EXTEND-MIB enabled on its snmpd service, enabling an attacker with SNMP write abilities to execute commands as root on the eNodeB. This issue may affect other AirVelocity and AirSpeed models.
Airspan Airvelocity 1500 Firmware
8.8
CVSSv3
CVE-2021-42372
A shell command injection in the HW Events SNMP community in XoruX LPAR2RRD and STOR2RRD prior to 7.30 allows authenticated remote malicious users to execute arbitrary shell commands as the user running the service.
Xorux Lpar2rrd
Xorux Stor2rrd
8.8
CVSSv3
CVE-2021-41315
The Device42 Remote Collector prior to 17.05.01 does not sanitize user input in its SNMP Connectivity utility. This allows an authenticated attacker (with access to the console application) to execute arbitrary OS commands and escalate privileges.
Device42 Remote Collector
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-33545
CVE-2024-35725
CVE-2024-32704
overflow
file upload
CVE-2024-0230
CVE-2024-32705
CVE-2024-23692
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »