cbcvebase.

Cisco Small Business 220 Series Smart Plus Switches vulnerabilities

9 known vulnerabilities affecting cisco/cisco_small_business_220_series_smart_plus_switches.

Total CVEs
9
CISA KEV
0
Public exploits
3
Exploited in wild
0
Severity breakdown
CRITICAL2HIGH3MEDIUM4

Vulnerabilities

Page 1 of 1
CVE-2019-1913P1CRITICALCVSS 9.8PoC≥ unspecified, < 1.1.4.42019-08-07
CVE-2019-1913 [CRITICAL] CWE-119 CVE-2019-1913: Multiple vulnerabilities in the web management interface of Cisco Small Business 220 Series Smart Sw Multiple vulnerabilities in the web management interface of Cisco Small Business 220 Series Smart Switches could allow an unauthenticated, remote attacker to overflow a buffer, which then allows the execution of arbitrary code with root privileges on the underlying operating system. The vulnerabilities are due to insufficient validation of user-supp
nvd
CVE-2019-1912P2CRITICALCVSS 9.1PoC≥ unspecified, < 1.1.4.42019-08-07
CVE-2019-1912 [CRITICAL] CWE-285 CVE-2019-1912: A vulnerability in the web management interface of Cisco Small Business 220 Series Smart Switches co A vulnerability in the web management interface of Cisco Small Business 220 Series Smart Switches could allow an unauthenticated, remote attacker to upload arbitrary files. The vulnerability is due to incomplete authorization checks in the web management interface. An attacker could exploit this vulnerability by sending a malicious request to certai
nvd
CVE-2019-1914P2HIGHCVSS 7.2PoC≥ unspecified, < 1.1.4.42019-08-07
CVE-2019-1914 [HIGH] CWE-20 CVE-2019-1914: A vulnerability in the web management interface of Cisco Small Business 220 Series Smart Switches co A vulnerability in the web management interface of Cisco Small Business 220 Series Smart Switches could allow an authenticated, remote attacker to perform a command injection attack. The vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a malicious request to certain parts of t
nvd
CVE-2021-1541P3HIGHCVSS 7.2vn/a2021-06-16
CVE-2021-1541 [HIGH] CWE-287 CVE-2021-1541: Multiple vulnerabilities in the web-based management interface of Cisco Small Business 220 Series Sm Multiple vulnerabilities in the web-based management interface of Cisco Small Business 220 Series Smart Switches could allow an attacker to do the following: Hijack a user session Execute arbitrary commands as a root user on the underlying operating system Conduct a cross-site scripting (XSS) attack Conduct an HTML injection attack For more information
nvd
CVE-2021-1542P3HIGHCVSS 8.1vn/a2021-06-16
CVE-2021-1542 [HIGH] CWE-287 CVE-2021-1542: Multiple vulnerabilities in the web-based management interface of Cisco Small Business 220 Series Sm Multiple vulnerabilities in the web-based management interface of Cisco Small Business 220 Series Smart Switches could allow an attacker to do the following: Hijack a user session Execute arbitrary commands as a root user on the underlying operating system Conduct a cross-site scripting (XSS) attack Conduct an HTML injection attack For more information
nvd
CVE-2021-1571P3MEDIUMCVSS 6.1vn/a2021-06-16
CVE-2021-1571 [MEDIUM] CWE-287 CVE-2021-1571: Multiple vulnerabilities in the web-based management interface of Cisco Small Business 220 Series Sm Multiple vulnerabilities in the web-based management interface of Cisco Small Business 220 Series Smart Switches could allow an attacker to do the following: Hijack a user session Execute arbitrary commands as a root user on the underlying operating system Conduct a cross-site scripting (XSS) attack Conduct an HTML injection attack For more informatio
nvd
CVE-2021-1543P3MEDIUMCVSS 6.1vn/a2021-06-16
CVE-2021-1543 [MEDIUM] CWE-287 CVE-2021-1543: Multiple vulnerabilities in the web-based management interface of Cisco Small Business 220 Series Sm Multiple vulnerabilities in the web-based management interface of Cisco Small Business 220 Series Smart Switches could allow an attacker to do the following: Hijack a user session Execute arbitrary commands as a root user on the underlying operating system Conduct a cross-site scripting (XSS) attack Conduct an HTML injection attack For more informatio
nvd
CVE-2021-34757P4MEDIUMCVSS 5.5vn/a2021-10-06
CVE-2021-34757 [MEDIUM] CWE-540 CVE-2021-34757: Multiple vulnerabilities in Cisco Business 220 Series Smart Switches firmware could allow an attacke Multiple vulnerabilities in Cisco Business 220 Series Smart Switches firmware could allow an attacker with Administrator privileges to access sensitive login credentials or reconfigure the passwords on the user account. For more information about these vulnerabilities, see the Details section of this advisory.
nvd
CVE-2021-34744P4MEDIUMCVSS 4.9vn/a2021-10-06
CVE-2021-34744 [MEDIUM] CWE-540 CVE-2021-34744: Multiple vulnerabilities in Cisco Business 220 Series Smart Switches firmware could allow an attacke Multiple vulnerabilities in Cisco Business 220 Series Smart Switches firmware could allow an attacker with Administrator privileges to access sensitive login credentials or reconfigure the passwords on the user account. For more information about these vulnerabilities, see the Details section of this advisory.
nvd
Cisco Small Business 220 Series Smart Plus Switches vulnerabilities | cvebase