|
200831
|
9.8 |
CRITICAL
Network
|
cisco
|
small_business_rv_series_router_firmware
|
A vulnerability in the web-based management interface of Cisco Small Business RV160, RV160W, RV260, RV260P, and RV260W VPN Routers could allow an unauthenticated, remote attacker to execute arbitrary…
|
CWE-20
CWE-78
Improper Input Validation
OS Command
|
CVE-2021-1602
|
2024-11-21 14:44 |
2021-08-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200832
|
7.3 |
HIGH
Local
|
cisco
|
packet_tracer
|
A vulnerability in Cisco Packet Tracer for Windows could allow an authenticated, local attacker to perform a DLL injection attack on an affected device. To exploit this vulnerability, the attacker mu…
|
CWE-427
Uncontrolled Search Path Element
|
CVE-2021-1593
|
2024-11-21 14:44 |
2021-08-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200833
|
7.8 |
HIGH
Local
|
cisco
|
confd
network_services_orchestrator
|
A vulnerability in ConfD could allow an authenticated, local attacker to execute arbitrary commands at the level of the account under which ConfD is running, which is commonly root. To exploit this v…
|
CWE-269
Improper Privilege Management
|
CVE-2021-1572
|
2024-11-21 14:44 |
2021-08-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200834
|
4.3 |
MEDIUM
Network
|
cisco
|
connected_mobile_experiences
|
A vulnerability in the change password API of Cisco Connected Mobile Experiences (CMX) could allow an authenticated, remote attacker to alter their own password to a value that does not comply with t…
|
CWE-521
Weak Password Requirements
|
CVE-2021-1522
|
2024-11-21 14:44 |
2021-08-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200835
|
7.2 |
HIGH
Network
|
cisco
|
intersight_virtual_appliance
|
Multiple vulnerabilities in the web-based management interface of Cisco Intersight Virtual Appliance could allow an authenticated, remote attacker to conduct a path traversal or command injection att…
|
CWE-78
OS Command
|
CVE-2021-1618
|
2024-11-21 14:44 |
2021-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200836
|
6.5 |
MEDIUM
Network
|
cisco
|
intersight_virtual_appliance
|
Multiple vulnerabilities in the web-based management interface of Cisco Intersight Virtual Appliance could allow an authenticated, remote attacker to conduct a path traversal or command injection att…
|
CWE-22
Path Traversal
|
CVE-2021-1617
|
2024-11-21 14:44 |
2021-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200837
|
5.3 |
MEDIUM
Network
|
cisco
|
sd-wan
|
A vulnerability in the Multiprotocol Label Switching (MPLS) packet handling function of Cisco SD-WAN Software could allow an unauthenticated, remote attacker to gain access to information stored in M…
|
NVD-CWE-Other
|
CVE-2021-1614
|
2024-11-21 14:44 |
2021-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200838
|
8.3 |
HIGH
Adjacent
|
cisco
|
intersight_virtual_appliance
|
Multiple vulnerabilities in Cisco Intersight Virtual Appliance could allow an unauthenticated, adjacent attacker to access sensitive internal services from an external interface. These vulnerabilitie…
|
NVD-CWE-Other
|
CVE-2021-1601
|
2024-11-21 14:44 |
2021-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200839
|
8.3 |
HIGH
Adjacent
|
cisco
|
intersight_virtual_appliance
|
Multiple vulnerabilities in Cisco Intersight Virtual Appliance could allow an unauthenticated, adjacent attacker to access sensitive internal services from an external interface. These vulnerabilitie…
|
NVD-CWE-Other
|
CVE-2021-1600
|
2024-11-21 14:44 |
2021-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200840
|
5.4 |
MEDIUM
Network
|
cisco
|
unified_customer_voice_portal
|
A vulnerability in the web-based management interface of Cisco Unified Customer Voice Portal (CVP) could allow an authenticated, remote attacker to perform a cross-site scripting (XSS) attack against…
|
CWE-79
Cross-site Scripting
|
CVE-2021-1599
|
2024-11-21 14:44 |
2021-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
