Cisco WLC 2504 version 8.9 suffers from a denial of service vulnerability.
692da50c6c7b702b96f528fe1dd64418fb776f151a11cb9154373c976bd4af4b
Debian Linux Security Advisory 4535-1 - Lilith of Cisco Talos discovered a buffer overflow flaw in the quota code used by e2fsck from the ext2/ext3/ext4 file system utilities. Running e2fsck on a malformed file system can result in the execution of arbitrary code.
1f480636110a11b39ec419c46b823b4198eccd80b372df970a9544c259f933d5
This is a generic arbitrary file overwrite technique, which typically results in remote command execution. This targets a simple yet widespread vulnerability that has been seen affecting a variety of popular products including HP, Amazon, Apache, Cisco, etc. The idea is that often archive extraction libraries have no mitigations against directory traversal attacks. If an application uses it, there is a risk when opening an archive that is maliciously modified, and results in the embedded payload to be written to an arbitrary location (such as a web root), and results in remote code execution.
8f0ccbdfa41b81ddec1fba4936ed5ca28502dd6600b5ac754d4fe23b7ec5988d
Cisco Content Security Virtual Appliance M380 IronPort remote cross site host modification demo exploit.
73c9d99009b7401255bba6a1f56507939d40908be4130273b2c562c5a4a3adb6
Many Cisco devices such as Cisco RV340, Cisco RV340W, Cisco RV345, Cisco RV345P, Cisco RV260, Cisco RV260P, Cisco RV260W, Cisco 160, and Cisco 160W suffer from having hard-coded credentials, known GNU glibc, known BusyBox, and IoT Inspector identified vulnerabilities.
3726cd3c69f647990c48b627f7552d3a2fdba185bb79ef1247f427b865bde817
Cisco Email Security Virtual Appliance C380 IronPort remote host header injection exploit.
22df195418f74a56634bd310b7da36a4fdf581a8903f80d6ae395c7c7f946d92
Cisco Email Security Virtual Appliance C300V IronPort remote host header injection exploit.
b2a95ef79610176da5267a46a9488b05662546d359c6b416942f91ac57d5e952
Cisco Content Security Management Virtual Appliance M600V IronPort remote host header injection exploit.
c7a0b8d068fd7c8df937ba5cf737eafcd11bc58ff8f2299b7f69502289c92892
Cisco IronPort C350 remote host header injection exploit.
46aa6ec3a6ceb2fb7831a82b780d522b93acdd23c01e01fdc83b7da4ec5aefa9
Cisco Email Security Virtual Appliance C370 IronPort remote host header injection exploit.
36b762978c34e1f16ed9d93334f8184be045b42ea6fd1fe3f627d000b31db178
Cisco Email Security Virtual Appliance C600V IronPort remote host header injection exploit.
655be479e29923ba9adf959f5e03b50adb87fb428255023f173d521b5c61eff2
Cisco C690 Email Security Appliance version 11.0.2-044 IronPort remote host header injection exploit.
6af5adca7d10cef4776a34b1429f256e611964bb3d4f4a3810ee8088b9807707
Cisco Email Security Virtual Appliance C100V IronPort remote host header injection exploit.
12bb004fdfdf55d718012ab35bbdf7095552636428ef9dab518a924742d5263b
Cisco C170 Email Security Appliance version 10.0.3-003 IronPort remote host header injection exploit.
633ae417bb1a1f1ecee9515bd39772702da57955e5320f29a683d8a630063e9e
Cisco M1070 Content Security Management Appliance IronPort remote host header injection exploit.
5ba21eee4ea148a7f9115d1e1857e91697c72fa25d23cbcf551f8549a4fbe6d0
The Cisco UCS Director virtual appliance contains two flaws that can be combined and abused by an attacker to achieve remote code execution as root. The first one, CVE-2019-1937, is an authentication bypass, that allows the attacker to authenticate as an administrator. The second one, CVE-2019-1936, is a command injection in a password change form, that allows the attacker to inject commands that will execute as root. This module combines both vulnerabilities to achieve the unauthenticated command injection as root. It has been tested with Cisco UCS Director virtual machines 6.6.0 and 6.7.0. Note that Cisco also mentions in their advisory that their IMC Supervisor and UCS Director Express are also affected by these vulnerabilities, but this module was not tested with those products.
88e2661eac6ae7e8e4a10814c6417ce137ece9446d83413cd0c6813936fdb7e1
This Metasploit module abuses a known default password on Cisco UCS Director. The 'scpuser' has the password of 'scpuser', and allows an attacker to login to the virtual appliance via SSH. This module has been tested with Cisco UCS Director virtual machines 6.6.0 and 6.7.0. Note that Cisco also mentions in their advisory that their IMC Supervisor and UCS Director Express are also affected by these vulnerabilities, but this module was not tested with those products.
94bda7121e042ee09228bf74bbf6f0d5581de7fd36faaa0ab4e892b49f16f89e
A vulnerability in the web-based management interface of the Cisco RV110W Wireless-N VPN Firewall, Cisco RV130W Wireless-N Multifunction VPN Router, and Cisco RV215W Wireless-N VPN Router could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. The vulnerability is due to improper validation of user-supplied data in the web-based management interface. An attacker could exploit this vulnerability by sending malicious HTTP requests to a targeted device. A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system of the affected device as a high-privilege user. RV110W Wireless-N VPN Firewall versions prior to 1.2.2.1 are affected. RV130W Wireless-N Multifunction VPN Router versions prior to 1.0.3.45 are affected. RV215W Wireless-N VPN Router versions prior to 1.3.1.1 are affected. Note: successful exploitation may not result in a session, and as such, on_new_session will never repair the HTTP server, leading to a denial-of-service condition.
2c771b51eb75ada179bdbfecb74aebaee8b16721ebc04a5e5d918a82a211ed0a
Cisco IronPort C150 suffers from a remote host header injection vulnerability.
ce45780afb7f4d877adb44119292a4a17c67e3b1648fbbc8fcca7490240237a5
Cisco (Titsco) Email Security Appliance (IronPort) C160 suffers from a host header injection vulnerability.
c39dc4b54f558e9618390cbfce70fd7a8832ce9236eb26d340893aaede098891
Cisco UCS Director, Cisco Integrated Management Controller Supervisor and Cisco UCS Director Express for Big Data suffer from default password, authentication bypass, and command injection vulnerabilities.
38e7a01258bfec09b0882ac7dbf7cd123357ef8737f810d17b3e0ebf1d0c844e
This Metasploit module exploits a security vulnerability in Cisco ASA that would allow an attacker to view sensitive system information without authentication by using directory traversal techniques.
ccf085e5a044cb918fae95c5556ebbf021851f7abfb9c7fab3ef667e68647642
Cisco Catalyst 3850 Series Device Manager version 3.6.10E suffers from a cross site request forgery vulnerability.
a079ae01655e5720718186f31d323af608aeaa58c70c805477a493c24496d12a
Cisco Wireless Controller version 3.6.10E suffers from a cross site request forgery vulnerability.
9d87c7999f6ffa9dd2fabd3fb997b5926a5fe0f4da7a6b3bc135f20fbdbf7946
Cisco Small Business switches versions 200, 300, and 500 suffer from information leakage and open redirection vulnerabilities.
2bb0ac94980c464d3bdf481b45f48e9917e275cf0b9cfd65dffcfed0b11c7913