Alerts
8 May 2025
Cisco IOS XE Software for Cisco ASR 903 Aggregation Services Routers ARP Denial of Service Vulnerability
A vulnerability in the Cisco Express Forwarding functionality of Cisco IOS XE Software for Cisco ASR 903 Aggregation Services Routers with Route Switch Processor 3 (RSP3C) could allow an unauthenticated, adjacent attacker to trigger a denial of...
8 May 2025
Cisco IOS XE Software for WLC Wireless IPv6 Clients Denial of Service Vulnerability
A vulnerability in the Wireless Network Control daemon (wncd) of Cisco IOS XE Software for Wireless LAN Controllers (WLCs) could allow an unauthenticated, adjacent wireless attacker to cause a denial of service (DoS) condition.
This...
This...
8 May 2025
Cisco IOS XE Wireless Controller Software Arbitrary File Upload Vulnerability
A vulnerability in the Out-of-Band Access Point (AP) Image Download feature of Cisco IOS XE Software for Wireless LAN Controllers (WLCs) could allow an unauthenticated, remote attacker to upload arbitrary files to an affected system.
This...
This...
8 May 2025
Cisco IOS XE Software Web-Based Management Interface Vulnerabilities
Multiple vulnerabilities in the web-based management interface of Cisco IOS XE Software could allow a remote attacker to read files from the underlying operating system, read limited parts of the configuration file, clear the syslog, or conduct a...
8 May 2025
Cisco IOS XE Software Web-Based Management Interface Command Injection Vulnerability
A vulnerability in the web-based management interface of the Wireless LAN Controller feature of Cisco IOS XE Software could allow an authenticated, remote attacker with a lobby ambassador user account to perform a command injection attack...
8 May 2025
Cisco Catalyst SD-WAN Manager Stored Cross-Site Scripting Vulnerability
A vulnerability in the web-based management interface of Cisco Catalyst SD-WAN Manager, formerly Cisco SD-WAN vManage, could allow an authenticated, remote attacker to conduct a stored cross-site scripting attack (XSS) on an affected system.
...
...
8 May 2025
Cisco Catalyst SD-WAN Manager Reflected HTML Injection Vulnerability
A vulnerability in the web interface of Cisco Catalyst SD-WAN Manager, formerly Cisco SD-WAN vManage, could allow an unauthenticated, remote attacker to inject HTML into the browser of an authenticated user.
This vulnerability is due to...
This vulnerability is due to...
8 May 2025
Cisco IOS, IOS XE, and IOS XR Software TWAMP Denial of Service Vulnerability
A vulnerability in the Two-Way Active Measurement Protocol (TWAMP) server feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the affected device to reload, resulting in a denial of service...
8 May 2025
Cisco IOS and IOS XE Software SNMPv3 Configuration Restriction Vulnerability
A vulnerability in the implementation of the Simple Network Management Protocol Version 3 (SNMPv3) feature of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to poll an affected device using SNMP, even if...
8 May 2025
Cisco IOS XE SD-WAN Software Packet Filtering Bypass Vulnerability
A vulnerability in the packet filtering features of Cisco IOS XE SD-WAN Software could allow an unauthenticated, remote attacker to bypass Layer 3 and Layer 4 traffic filters.
This vulnerability is due to improper traffic filtering...
This vulnerability is due to improper traffic filtering...