cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2025-20169,https://securityvulnerability.io/vulnerability/CVE-2025-20169,DoS Vulnerability in Cisco IOS and IOS XE Software SNMP Subsystem,"A vulnerability exists in the SNMP subsystem of Cisco IOS Software and Cisco IOS XE Software that allows an authenticated, remote attacker to trigger a Denial of Service condition. This issue arises from improper error handling when processing SNMP requests. An attacker can exploit this flaw by sending specifically crafted SNMP requests. If successful, this can result in the affected device unexpectedly reloading, leading to service interruption. This vulnerability impacts SNMP versions 1, 2c, and 3, necessitating proper authentication or access to community strings for successful exploitation. For SNMP v2c or earlier, the attacker must possess valid SNMP community strings, while SNMP v3 exploits require valid user credentials.",Cisco,"iOS,Cisco iOS Xe Software",7.7,HIGH,0.0004400000034365803,false,,false,false,true,2025-02-05T16:40:24.267Z,false,false,false,,2025-02-05T16:40:24.267Z,10
CVE-2025-20175,https://securityvulnerability.io/vulnerability/CVE-2025-20175,Remote DoS Vulnerability in Cisco IOS and IOS XE Software,"A vulnerability exists in the SNMP subsystem of Cisco IOS Software and Cisco IOS XE Software that may allow an authenticated remote attacker to induce a Denial of Service condition on the device. The issue arises from improper error handling during the parsing of SNMP requests. By sending specially crafted SNMP requests, an attacker can cause the affected device to reload unexpectedly, leading to service interruptions. Exploitation requires knowledge of SNMP community strings for SNMP versions 1, 2c, or valid user credentials for SNMP version 3.",Cisco,"iOS,Cisco iOS Xe Software",7.7,HIGH,0.0004400000034365803,false,,false,false,true,2025-02-05T16:39:51.163Z,false,false,false,,2025-02-05T16:39:51.163Z,0
CVE-2025-20174,https://securityvulnerability.io/vulnerability/CVE-2025-20174,Denial of Service Vulnerability in Cisco IOS Software and Cisco IOS XE Software,"A vulnerability exists within the SNMP subsystem of Cisco IOS Software and Cisco IOS XE Software that can be exploited by an authenticated, remote attacker. The root cause of this issue is improper error handling during the parsing of SNMP requests. An attacker capable of sending a specially crafted SNMP request to the targeted device may cause it to reload unexpectedly, leading to a Denial of Service condition. This vulnerability affects all versions of SNMP including v1, v2c, and v3. For exploitation via SNMP v2c or earlier, knowledge of a valid read-write or read-only SNMP community string is required, while exploitation through SNMP v3 necessitates valid user credentials.",Cisco,"iOS,Cisco iOS Xe Software",7.7,HIGH,0.0004400000034365803,false,,false,false,true,2025-02-05T16:39:33.753Z,false,false,false,,2025-02-05T16:39:33.753Z,0
CVE-2025-20170,https://securityvulnerability.io/vulnerability/CVE-2025-20170,DoS Vulnerability in Cisco IOS Software and Cisco IOS XE Software SNMP Subsystem,"A flaw in the SNMP subsystem of Cisco IOS and IOS XE Software can allow an authenticated remote attacker to trigger a Denial of Service condition. This occurs due to improper error handling during the parsing of SNMP requests. An attacker capable of sending a specially crafted SNMP request to an affected device may induce an unexpected reload of the system, rendering it inoperative. Exploitation via SNMP v2c or earlier requires knowledge of a valid SNMP community string, while exploitation through SNMP v3 necessitates valid SNMP user credentials.",Cisco,"iOS,Cisco iOS Xe Software",7.7,HIGH,0.0004400000034365803,false,,false,false,true,2025-02-05T16:39:11.660Z,false,false,false,,2025-02-05T16:39:11.660Z,0
CVE-2025-20171,https://securityvulnerability.io/vulnerability/CVE-2025-20171,Denial of Service Vulnerability in Cisco IOS Software and Cisco IOS XE Software,"A vulnerability exists in the SNMP subsystem of Cisco IOS Software and Cisco IOS XE Software, which allows an authenticated, remote attacker to induce a Denial of Service (DoS) condition on the affected device. This issue arises from improper error handling during SNMP request parsing. An attacker could exploit this behavior by sending a specially crafted SNMP request to the affected device. If successfully exploited, this could trigger an unexpected device reload, leading to service disruption. The vulnerability affects SNMP versions 1, 2c, and 3. To exploit SNMP v2c or earlier, the attacker must possess valid read-write or read-only SNMP community strings for the system. For SNMP v3 exploitation, valid user credentials are required.",Cisco,"iOS,Cisco iOS Xe Software",7.7,HIGH,0.0004400000034365803,false,,false,false,true,2025-02-05T16:38:46.229Z,false,false,false,,2025-02-05T16:38:46.229Z,0
CVE-2025-20176,https://securityvulnerability.io/vulnerability/CVE-2025-20176,SNMP DoS Vulnerability in Cisco IOS and IOS XE Software,"A vulnerability exists in the SNMP subsystem of Cisco IOS and Cisco IOS XE Software that could permit a remote, authenticated attacker to initiate a denial of service (DoS) on the affected device. This issue arises from improper error handling during the parsing of SNMP requests. An attacker can exploit this vulnerability by sending a specially crafted SNMP request, resulting in an unexpected device reload and subsequent DoS. This vulnerability affects SNMP versions 1, 2c, and 3, with varying requirements for exploitation depending on the SNMP version being used.",Cisco,"iOS,Cisco iOS Xe Software",7.7,HIGH,0.0004400000034365803,false,,false,false,true,2025-02-05T16:38:19.071Z,false,false,false,,2025-02-05T16:38:19.071Z,0
CVE-2025-20172,https://securityvulnerability.io/vulnerability/CVE-2025-20172,"SNMP Vulnerability in Cisco IOS, IOS XE, and IOS XR Software","This vulnerability exists within the SNMP subsystem across multiple Cisco software platforms, namely Cisco IOS, IOS XE, and IOS XR. It arises from improper error handling during the parsing of SNMP requests, enabling an authenticated, remote attacker to potentially exploit the flaw. By sending a specially crafted SNMP request, attackers can either cause devices running IOS or IOS XE to unexpectedly reload, leading to downtime, or disrupt the SNMP process on devices running IOS XR, thereby interrupting SNMP responses. Exploitation requires knowledge of the valid SNMP community string for SNMP v2c or earlier versions, or valid SNMP user credentials for SNMP v3.",Cisco,"iOS,Cisco iOS Xr Software,Cisco iOS Xe Software",7.7,HIGH,0.0004400000034365803,false,,false,false,true,2025-02-05T16:37:29.828Z,false,false,false,,2025-02-05T16:37:29.828Z,0
CVE-2025-20173,https://securityvulnerability.io/vulnerability/CVE-2025-20173,DoS Vulnerability in Cisco IOS Software's SNMP Subsystem,"A vulnerability in the SNMP subsystem of Cisco IOS and IOS XE Software may allow an authenticated remote attacker to trigger a denial of service condition. This issue arises from improper error management when processing SNMP requests. An attacker can exploit this flaw by dispatching a specially crafted SNMP request to a vulnerable device, which can lead to an unexpected device reload and subsequent service interruption. Affected SNMP protocols include versions 1, 2c, and 3. For SNMP v2c or earlier exploitation, knowledge of a valid community string is required. For SNMP v3, valid user credentials are necessary for access.",Cisco,"iOS,Cisco iOS Xe Software",7.7,HIGH,0.0004400000034365803,false,,false,false,true,2025-02-05T16:35:23.109Z,false,false,false,,2025-02-05T16:35:23.109Z,0
CVE-2022-20655,https://securityvulnerability.io/vulnerability/CVE-2022-20655,Command Injection Vulnerability in ConfD Could Allow Authenticated Attacker to Execute Arbitrary Commands with Root Privileges,"An issue within the command line interface (CLI) implementation in Cisco's ConfD can allow authenticated, local attackers to conduct command injection attacks. This vulnerability stems from insufficient validation of process arguments, enabling an attacker to inject malicious commands during execution. Successfully exploiting this vulnerability can lead to the execution of arbitrary commands on the underlying operating system with the same privileges as ConfD, often equivalent to root access, thereby posing severe risks to system security and integrity.",Cisco,"Cisco iOS Xr Software,Cisco Virtual Topology System (vts),Cisco Network Services Orchestrator,Cisco Enterprise Nfv Infrastructure Software,Cisco Catalyst Sd-wan,Cisco Catalyst Sd-wan Manager,Cisco iOS Xe Catalyst Sd-wan,Cisco Sd-wan Vedge Router,Cisco Ultra Gateway Platform,Cisco Carrier Packet Transport",8.8,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-11-15T15:56:42.927Z,0
CVE-2024-20418,https://securityvulnerability.io/vulnerability/CVE-2024-20418,Command Injection Vulnerability in Cisco Unified Industrial Wireless Software Could Allow Remote Root Access,"A critical flaw has been identified in the web-based management interface of Cisco Unified Industrial Wireless Software, specifically impacting Cisco Ultra-Reliable Wireless Backhaul (URWB) Access Points. This vulnerability arises from inadequate input validation within the management interface, allowing an unauthenticated remote attacker to initiate command injection attacks. By sending specially crafted HTTP requests, an attacker could gain root privileges over the underlying operating system of the affected devices. This exposure significantly increases the risk of unauthorized access and manipulation of the device, potentially leading to widespread security breaches.",Cisco,Cisco Aironet Access Point Software (iOS Xe Controller),10,CRITICAL,0.0004299999854993075,false,,true,false,true,2024-11-07T06:03:55.000Z,,true,false,,2024-11-06T17:15:00.000Z,4678
CVE-2024-20313,https://securityvulnerability.io/vulnerability/CVE-2024-20313,Cisco IOS XE Software Vulnerability Could Lead to Unauthorized Reload and Denial of Service,"The vulnerability presents a risk within the OSPF version 2 (OSPFv2) feature of Cisco IOS XE Software that could allow an adjacent attacker without authentication to disrupt the operation of an affected device. This issue arises from insufficient validation of OSPF updates, leading to unexpected device reloading and resulting in a denial of service (DoS). Through the exploitation of this vulnerability, an attacker could send a specially crafted OSPF update, thus provoking the affected device to restart abruptly. Organizations utilizing Cisco IOS XE Software are advised to evaluate their systems for this vulnerability and implement necessary mitigations.",Cisco,Cisco iOS Xe Software,7.4,HIGH,0.0004400000034365803,false,,false,false,true,2024-08-09T19:15:05.000Z,,false,false,,2024-04-24T20:42:10.379Z,0
CVE-2024-20310,https://securityvulnerability.io/vulnerability/CVE-2024-20310,Cross-Site Scripting Vulnerability in Cisco Unified Communications Manager IM & Presence Service,"A vulnerability found in the web management interface of Cisco Unified Communications Manager IM & Presence Service allows an unauthenticated remote attacker to execute Cross-Site Scripting (XSS) attacks. This issue arises due to the failure of the web interface to adequately validate user-supplied input. An attacker can exploit this vulnerability by convincing an authenticated user to click on a specially crafted link, potentially enabling the execution of arbitrary script code within the context of the affected interface or exposing sensitive browser information.",Cisco,"Cisco iOS Xe Software,Cisco Unified Communications Manager Im And Presence Service",6.1,MEDIUM,0.0004299999854993075,false,,false,false,true,2024-06-20T18:15:07.000Z,,false,false,,2024-04-03T17:15:00.000Z,0
CVE-2024-20307,https://securityvulnerability.io/vulnerability/CVE-2024-20307,Cisco IOS Software and IOS XE Software Vulnerability: Heap Overflow Due to IKEv1 Fragmentation Code Flaw,"A vulnerability in the IKEv1 fragmentation code of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a heap overflow, resulting in an affected device reloading. This vulnerability exists because crafted, fragmented IKEv1 packets are not properly reassembled. An attacker could exploit this vulnerability by sending crafted UDP packets to an affected system. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition. Note: Only traffic that is directed to the affected system can be used to exploit this vulnerability. This vulnerability can be triggered by IPv4 and IPv6 traffic.",Cisco,"Ios,Cisco Ios Xe Software",6.8,MEDIUM,0.0006099999882280827,false,,false,false,false,,,false,false,,2024-03-27T17:23:40.022Z,0
CVE-2024-20308,https://securityvulnerability.io/vulnerability/CVE-2024-20308,Cisco IOS and IOS XE Vulnerability: Heap Underflow Due to IKEv1 Fragmentation Code Flaw,"A security flaw has been identified in the IKEv1 fragmentation code of Cisco IOS Software and Cisco IOS XE Software that allows an unauthenticated, remote attacker to exploit the affected device. The vulnerability arises from a failure to properly reassemble crafted, fragmented IKEv1 packets, which could lead to a heap underflow condition. An attacker can exploit this issue by sending specifically crafted UDP packets to the affected system. Successful exploitation may cause the device to reload, thus resulting in a denial of service (DoS) condition. The vulnerability is applicable to both IPv4 and IPv6 traffic, which means that only traffic directed at the affected system is capable of triggering the flaw.",Cisco,"iOS,Cisco iOS Xe Software",8.6,HIGH,0.0004299999854993075,false,,false,false,true,2024-11-26T16:15:10.000Z,,false,false,,2024-03-27T17:22:11.592Z,0
CVE-2024-20271,https://securityvulnerability.io/vulnerability/CVE-2024-20271,Cisco Access Point Software Vulnerability Could Lead to Denial of Service,"A vulnerability in the IP packet processing of Cisco Access Point Software allows an unauthenticated, remote attacker to exploit specific weaknesses in input validation of IPv4 packets. By sending specially crafted IPv4 packets to or through an affected device, an attacker can induce an unexpected reload of the device, resulting in a denial of service (DoS) condition. Importantly, exploitation does not require the attacker to be associated with the access point, making this a significant risk to network availability. This issue does not affect IPv6 packet processing.",Cisco,"Cisco Aironet Access Point Software,Cisco Business Wireless Access Point Software,Cisco Aironet Access Point Software (iOS Xe Controller)",8.6,HIGH,0.0004299999854993075,false,,false,false,true,2024-06-28T14:15:03.000Z,,false,false,,2024-03-27T17:05:27.473Z,0
CVE-2024-20265,https://securityvulnerability.io/vulnerability/CVE-2024-20265,Unauthenticated Attacker Could Bypass Cisco Secure Boot Validation and Load Tampered Image on Affected Device,"A vulnerability in the boot process of Cisco Access Point (AP) Software could allow an unauthenticated, physical attacker to bypass the Cisco Secure Boot functionality and load a software image that has been tampered with on an affected device. This vulnerability exists because unnecessary commands are available during boot time at the physical console. An attacker could exploit this vulnerability by interrupting the boot process and executing specific commands to bypass the Cisco Secure Boot validation checks and load an image that has been tampered with. This image would have been previously downloaded onto the targeted device. A successful exploit could allow the attacker to load the image once. The Cisco Secure Boot functionality is not permanently compromised.",Cisco,"Cisco iOS Xe Software,Cisco Aironet Access Point Software,Cisco Business Wireless Access Point Software,Cisco Aironet Access Point Software (iOS Xe Controller)",5.9,MEDIUM,0.0004299999854993075,false,,false,false,true,2024-08-01T16:15:04.000Z,,false,false,,2024-03-27T17:03:54.505Z,0
CVE-2024-20309,https://securityvulnerability.io/vulnerability/CVE-2024-20309,Cisco IOS XE Software Vulnerability Could Lead to Device Reload or Denial of Service,"A vulnerability in auxiliary asynchronous port (AUX) functions of Cisco IOS XE Software could allow an authenticated, local attacker to cause an affected device to reload or stop responding. This vulnerability is due to the incorrect handling of specific ingress traffic when flow control hardware is enabled on the AUX port. An attacker could exploit this vulnerability by reverse telnetting to the AUX port and sending specific data after connecting. A successful exploit could allow the attacker to cause the device to reset or stop responding, resulting in a denial of service (DoS) condition.",Cisco,Cisco iOS Xe Software,5.6,MEDIUM,0.0004299999854993075,false,,false,false,true,2024-08-09T19:15:05.000Z,,false,false,,2024-03-27T17:02:19.749Z,0
CVE-2024-20303,https://securityvulnerability.io/vulnerability/CVE-2024-20303,Cisco IOS XE Software for Wireless LAN Controllers (WLCs) Vulnerability Could Lead to Denial of Service,"A vulnerability exists within the multicast DNS (mDNS) gateway functionality of Cisco IOS XE Software used in Wireless LAN Controllers. This issue arises from inadequate handling of mDNS client entries, allowing an unauthenticated attacker on the same wireless network to disrupt service. By sending a continuous flow of targeted mDNS packets, the attacker could cause the wireless controller to enter a state of elevated CPU usage, potentially resulting in access points losing connectivity with the controller. Such an event can create a significant denial of service condition, affecting overall network performance.",Cisco,Cisco Ios Xe Software,7.4,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-03-27T17:00:37.075Z,0
CVE-2024-20278,https://securityvulnerability.io/vulnerability/CVE-2024-20278,Cisco IOS XE Software Vulnerability: Elevation of Privileges,"A vulnerability in the NETCONF feature of Cisco IOS XE Software could allow an authenticated, remote attacker to elevate privileges to root on an affected device. This vulnerability is due to improper validation of user-supplied input. An attacker could exploit this vulnerability by sending crafted input over NETCONF to an affected device. A successful exploit could allow the attacker to elevate privileges from Administrator to root.",Cisco,Cisco iOS Xe Software,6.5,MEDIUM,0.0004299999854993075,false,,false,false,true,2024-08-15T17:15:05.000Z,,false,false,,2024-03-27T16:59:12.963Z,0
CVE-2024-20306,https://securityvulnerability.io/vulnerability/CVE-2024-20306,Cisco UTD Configuration CLI Vulnerability Allows Arbitrary Code Execution as Root,"A vulnerability in the Unified Threat Defense (UTD) configuration CLI of Cisco IOS XE Software could allow an authenticated, local attacker to execute arbitrary commands as root on the underlying host operating system. To exploit this vulnerability, an attacker must have level 15 privileges on the affected device. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by submitting a crafted CLI command to an affected device. A successful exploit could allow the attacker to execute arbitrary commands as root on the underlying operating system.",Cisco,Cisco Ios Xe Software,6,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-03-27T16:58:22.583Z,0
CVE-2024-20314,https://securityvulnerability.io/vulnerability/CVE-2024-20314,Cisco IPv4 SD-Access Fabric Edge Node Vulnerability Could Lead to Denial of Service,"A vulnerability exists within the IPv4 Software-Defined Access (SD-Access) fabric edge node feature of Cisco IOS XE Software that allows an unauthenticated, remote attacker to exploit improper handling of specific IPv4 packets. Exploitation of this vulnerability could lead to significant CPU resource exhaustion on the affected devices, halting all traffic processing and resulting in a denial of service (DoS) condition. Attackers are able to trigger this condition by sending specially crafted IPv4 packets, prompting a serious operational risk for affected installations.",Cisco,Cisco iOS Xe Software,8.6,HIGH,0.0004299999854993075,false,,false,false,true,2024-06-20T21:15:07.000Z,,false,false,,2024-03-27T16:57:27.974Z,0
CVE-2024-20312,https://securityvulnerability.io/vulnerability/CVE-2024-20312,Cisco IOS and IOS XE Vulnerability Could Lead to Denial of Service,"A vulnerability exists in the Intermediate System-to-Intermediate System (IS-IS) protocol within Cisco IOS Software and Cisco IOS XE Software. This security issue arises from inadequate input validation when processing incoming IS-IS packets. An attacker, positioned Layer 2 adjacent to the targeted device and having established an adjacency, can exploit this flaw by sending a specially crafted IS-IS packet. Successful exploitation could result in the affected device reloading unexpectedly, leading to a denial of service condition. This vulnerability poses significant risks to network stability and security for organizations using vulnerable Cisco products.",Cisco,"iOS,Cisco iOS Xe Software",7.4,HIGH,0.0004299999854993075,false,,false,false,true,2024-11-01T15:15:06.000Z,,false,false,,2024-03-27T16:56:42.490Z,0
CVE-2024-20324,https://securityvulnerability.io/vulnerability/CVE-2024-20324,Cisco IOS XE Software Vulnerability Allows Access to WLAN Configuration Details Including Passwords,"A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, low-privileged, local attacker to access WLAN configuration details including passwords. This vulnerability is due to improper privilege checks. An attacker could exploit this vulnerability by using the show and show tech wireless CLI commands to access configuration details, including passwords. A successful exploit could allow the attacker to access configuration details that they are not authorized to access.",Cisco,Cisco iOS Xe Software,5.5,MEDIUM,0.0004299999854993075,false,,false,false,true,2024-08-27T21:15:07.000Z,,false,false,,2024-03-27T16:55:53.837Z,0
CVE-2024-20259,https://securityvulnerability.io/vulnerability/CVE-2024-20259,Cisco IOS XE Software Vulnerability Could Lead to Denial of Service,"A vulnerability exists in the DHCP snooping feature of Cisco IOS XE Software, allowing unauthenticated, remote attackers to exploit the flaw. This vulnerability occurs due to improper handling of crafted IPv4 DHCP request packets when endpoint analytics are enabled. Exploitation involves sending a specially crafted DHCP request, which can trigger an unexpected device reload, leading to a Denial of Service (DoS) condition. The attack vector can be exploited from a DHCP relay in different network segments, potentially expanding the scope of the vulnerability beyond adjacent networks.",Cisco,Cisco iOS Xe Software,8.6,HIGH,0.0004299999854993075,false,,false,false,true,2024-08-27T22:15:08.000Z,,false,false,,2024-03-27T16:53:53.073Z,0
CVE-2024-20311,https://securityvulnerability.io/vulnerability/CVE-2024-20311,Cisco IOS and IOS XE Software Vulnerability Could Lead to Device Reload and Denial of Service,"The vulnerability arises from the improper handling of Locator ID Separation Protocol (LISP) packets within Cisco IOS Software and Cisco IOS XE Software. An unauthenticated remote attacker can exploit this flaw by sending specially crafted LISP packets to targeted devices. This could result in the affected device experiencing a reload, effectively leading to a denial of service condition. The exploitation can occur over both IPv4 and IPv6 transport mechanisms, amplifying the potential impact on affected networks.",Cisco,"iOS,Cisco iOS Xe Software",8.6,HIGH,0.0004299999854993075,false,,false,false,true,2024-08-27T20:15:08.000Z,,false,false,,2024-03-27T16:50:15.099Z,0