Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
tcpdump tcpdump vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2018-0351
A vulnerability in the command-line tcpdump utility in the Cisco SD-WAN Solution could allow an authenticated, local malicious user to inject arbitrary commands that are executed with root privileges. The vulnerability is due to insufficient input validation. An attacker could ex...
Cisco Vmanage Network Management -
Cisco Vbond Orchestrator -
Cisco Vedge-pro -
Cisco Vsmart Controller -
Cisco Vedge-plus -
Cisco Vedge-100 Firmware
Cisco Vedge 100b Firmware
Cisco Vedge 100m Firmware
Cisco Vedge 100wm Firmware
Cisco Vedge-1000 Firmware
Cisco Vedge-2000 Firmware
Cisco Vedge-5000 Firmware
5.3
CVSSv3
CVE-2019-15282
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) Software could allow an unauthenticated, remote attacker read tcpdump files generated on an affected device. The vulnerability is due an issue in the authentication logic of the web-base...
Cisco Identity Services Engine Software 2.4\\(0.357\\)
Cisco Identity Services Engine Software
NA
CVE-2003-0670
Sustworks IPNetSentryX and IPNetMonitorX allow local users to sniff network packets via the setuid helper applications (1) RunTCPDump, which calls tcpdump, and (2) RunTCPFlow, which calls tcpflow.
Sustainable Softworks Ipnetsentryx
Sustainable Softworks Ipnetmonitorx
7.8
CVSSv3
CVE-2022-47040
An issue in ASKEY router RTF3505VW-N1 BR_SV_g000_R3505VMN1001_s32_7 allows malicious users to escalate privileges via running the tcpdump command after placing a crafted file in the /tmp directory and sending crafted packets through port 80.
Askey Rtf3505vw-n1 Firmware Br Sv G000 R3505vmn1001 S32 7
1 Github repository
NA
CVE-2023-202242
Cisco ThousandEyes Enterprise Agent Virtual Appliance version thousandeyes-va-64-18.04 0.218 has an insecure sudo configuration which permits a low-privilege user to run arbitrary commands as root via the tcpdump command without a password.
6.5
CVSSv3
CVE-2019-15709
An improper input validation in FortiAP-S/W2 6.2.0 to 6.2.2, 6.0.5 and below, FortiAP-U 6.0.1 and below CLI admin console may allow unauthorized administrators to overwrite system files via specially crafted tcpdump commands in the CLI.
Fortinet Fortiap-s
Fortinet Fortiap-w2
Fortinet Fortiap-u
8.8
CVSSv3
CVE-2017-11455
diag.cgi in Pulse Connect Secure 8.2R1 up to and including 8.2R5, 8.1R1 up to and including 8.1R10 and Pulse Policy Secure 5.3R1 up to and including 5.3R5, 5.2R1 up to and including 5.2R8, and 5.1R1 up to and including 5.1R10 allow remote malicious users to hijack the authenticat...
Pulsesecure Pulse Connect Secure 8.2r1.1
Pulsesecure Pulse Connect Secure 8.2r2.0
Pulsesecure Pulse Connect Secure 8.1r1.0
Pulsesecure Pulse Connect Secure 8.2r4.0
Pulsesecure Pulse Connect Secure 8.2r5.0
Pulsesecure Pulse Connect Secure 8.2r1.0
Pulsesecure Pulse Connect Secure 8.2r4.1
Pulsesecure Pulse Connect Secure 8.2r3.1
Pulsesecure Pulse Connect Secure 8.2r3.0
Ivanti Connect Secure 8.1
Pulsesecure Pulse Policy Secure 5.1r5.0
Pulsesecure Pulse Policy Secure 5.1r1.1
Pulsesecure Pulse Policy Secure 5.1r2.0
Pulsesecure Pulse Policy Secure 5.2r7.0
Pulsesecure Pulse Policy Secure 5.3r7.0
Pulsesecure Pulse Policy Secure 5.3r4.1
Pulsesecure Pulse Policy Secure 5.3r2.0
Pulsesecure Pulse Policy Secure 5.3r3.0
Pulsesecure Pulse Policy Secure 5.1r10
Pulsesecure Pulse Policy Secure 5.3r1.0
Pulsesecure Pulse Policy Secure 5.1r2.1
Pulsesecure Pulse Policy Secure 5.1r1.0
NA
CVE-2013-3666
The LG Hidden Menu component for Android on the LG Optimus G E973 allows physically proximate malicious users to execute arbitrary commands by entering USB Debugging mode, using Android Debug Bridge (adb) to establish a USB connection, dialing 3845#*973#, modifying the WLAN Test ...
Google Android 4.1.2
Lg Optimus G E973 -
8.8
CVSSv3
CVE-2016-4965
Fortinet FortiWan (formerly AscernLink) prior to 4.2.5 allows remote authenticated users with access to the nslookup functionality to execute arbitrary commands with root privileges via the graph parameter to diagnosis_control.php.
Fortinet Fortiwan
6.5
CVSSv3
CVE-2016-4966
The diagnosis_control.php page in Fortinet FortiWan (formerly AscernLink) prior to 4.2.5 allows remote authenticated users to download PCAP files via vectors related to the UserName GET parameter.
Fortinet Fortiwan
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32886
insecure direct object reference
CVE-2024-34342
file inclusion
CVE-2024-34562
CVE-2024-34347
CVE-2024-26026
CVE-2024-4647
unprivileged
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »