Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Sg220\-28_firmware
(Cisco)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 3 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2019-08-07 | CVE-2019-1912 | A vulnerability in the web management interface of Cisco Small Business 220 Series Smart Switches could allow an unauthenticated, remote attacker to upload arbitrary files. The vulnerability is due to incomplete authorization checks in the web management interface. An attacker could exploit this vulnerability by sending a malicious request to certain parts of the web management interface. Depending on the configuration of the affected switch, the malicious request must be sent via HTTP or... | Sf220\-24p_firmware, Sf220\-48_firmware, Sf220\-48p_firmware, Sf\-220\-24_firmware, Sg220\-26_firmware, Sg220\-26p_firmware, Sg220\-28_firmware, Sg220\-28mp_firmware, Sg220\-50_firmware, Sg220\-50p_firmware, Sg220\-52_firmware | 9.1 | ||
| 2019-08-07 | CVE-2019-1914 | A vulnerability in the web management interface of Cisco Small Business 220 Series Smart Switches could allow an authenticated, remote attacker to perform a command injection attack. The vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a malicious request to certain parts of the web management interface. To send the malicious request, the attacker needs a valid login session in the web management interface as a... | Sf220\-24p_firmware, Sf220\-48_firmware, Sf220\-48p_firmware, Sf\-220\-24_firmware, Sg220\-26_firmware, Sg220\-26p_firmware, Sg220\-28_firmware, Sg220\-28mp_firmware, Sg220\-50_firmware, Sg220\-50p_firmware, Sg220\-52_firmware | 7.2 | ||
| 2019-08-07 | CVE-2019-1913 | Multiple vulnerabilities in the web management interface of Cisco Small Business 220 Series Smart Switches could allow an unauthenticated, remote attacker to overflow a buffer, which then allows the execution of arbitrary code with root privileges on the underlying operating system. The vulnerabilities are due to insufficient validation of user-supplied input and improper boundary checks when reading data into an internal buffer. An attacker could exploit these vulnerabilities by sending... | Sf220\-24p_firmware, Sf220\-48_firmware, Sf220\-48p_firmware, Sf\-220\-24_firmware, Sg220\-26_firmware, Sg220\-26p_firmware, Sg220\-28_firmware, Sg220\-28mp_firmware, Sg220\-50_firmware, Sg220\-50p_firmware, Sg220\-52_firmware | 9.8 |