Security
Headlines
HeadlinesLatestCVEs

Tag

#cisco

CVE-2021-42870: Abnormal packet sequence can cause stack-buffer-underflow · Issue #158 · xebd/accel-ppp

ACCEL-PPP 1.12.0 has an out-of-bounds read in post_msg when processing a call_clear_request.

CVE
Open in Source
#sql#mac#linux#cisco#git#c++#oauth#auth#telnet#ssl
Ransomware: How executives should prepare given the current threat landscape

By Nate Pors. Top executives are increasingly dreading the phone call from their fellow employees notifying them that their company has been hit by a cyber attack. Nearly every week in 2021 and early 2022, a prominent organization has been in the media spotlight as their public relations team... [[ This is only the beginning! Please visit the blog for the complete entry ]]

Data Transformation: 3 Sessions to Attend at RSA 2022

Three RSA 2022 sessions take deep dives into the security considerations around data cloud transformation.

EMEAR Monthly Talos Update: Wiper malware

Cisco Talos and Cisco Secure are launching a new video series to fill you in on the latest cybersecurity trends. We’re thrilled to launch our first video in the new Talos Threat Update series, which you can watch above or over at this link, where Martin Lee and Hazel Burton talk about wiper... [[ This is only the beginning! Please visit the blog for the complete entry ]]

Threat Source newsletter (May 12, 2022) — Mandatory MFA adoption is great, but is it too late?

By Jon Munshaw.  Welcome to this week’s edition of the Threat Source newsletter.  Mandatory multi-factor authentication is all the rage nowadays. GitHub just announced that all contributors would have to enroll in MFA by 2023 to log into their accounts. And Google announced as part of... [[ This is only the beginning! Please visit the blog for the complete entry ]]

CVE-2022-26020: TALOS-2022-1474 || Cisco Talos Intelligence Group

An information disclosure vulnerability exists in the router configuration export functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted network request can lead to increased privileges. An attacker can send an HTTP request to trigger this vulnerability.

CVE-2022-21182: TALOS-2022-1472 || Cisco Talos Intelligence Group

A privilege escalation vulnerability exists in the router configuration import functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted HTTP request can lead to increased privileges. An attacker can send an HTTP request to trigger this vulnerability.

CVE-2022-26518: TALOS-2022-1501 || Cisco Talos Intelligence Group

An OS command injection vulnerability exists in the console infactory_net functionality of InHand Networks InRouter302 V3.5.37. A specially-crafted series of network requests can lead to remote code execution. An attacker can send a sequence of requests to trigger this vulnerability.

CVE-2022-21809: TALOS-2022-1468 || Cisco Talos Intelligence Group

A file write vulnerability exists in the httpd upload.cgi functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted HTTP request can lead to arbitrary file upload. An attacker can upload a malicious file to trigger this vulnerability.

CVE-2022-26510: TALOS-2022-1495 || Cisco Talos Intelligence Group

A firmware update vulnerability exists in the iburn firmware checks functionality of InHand Networks InRouter302 V3.5.37. A specially-crafted HTTP request can lead to firmware update. An attacker can send a sequence of requests to trigger this vulnerability.