Vulnerabilities > Cisco > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-02-24 | CVE-2021-1361 | Files or Directories Accessible to External Parties vulnerability in Cisco Nx-Os 9.3(5)/9.3(6) A vulnerability in the implementation of an internal file management service for Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode that are running Cisco NX-OS Software could allow an unauthenticated, remote attacker to create, delete, or overwrite arbitrary files with root privileges on the device. | 9.1 |
| 2021-02-04 | CVE-2021-1295 | External Control of Assumed-Immutable Web Parameter vulnerability in Cisco products Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV160, RV160W, RV260, RV260P, and RV260W VPN Routers could allow an unauthenticated, remote attacker to execute arbitrary code as the root user on an affected device. | 9.8 |
| 2021-02-04 | CVE-2021-1294 | External Control of Assumed-Immutable Web Parameter vulnerability in Cisco products Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV160, RV160W, RV260, RV260P, and RV260W VPN Routers could allow an unauthenticated, remote attacker to execute arbitrary code as the root user on an affected device. | 9.8 |
| 2021-02-04 | CVE-2021-1293 | External Control of Assumed-Immutable Web Parameter vulnerability in Cisco products Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV160, RV160W, RV260, RV260P, and RV260W VPN Routers could allow an unauthenticated, remote attacker to execute arbitrary code as the root user on an affected device. | 9.8 |
| 2021-02-04 | CVE-2021-1292 | External Control of Assumed-Immutable Web Parameter vulnerability in Cisco products Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV160, RV160W, RV260, RV260P, and RV260W VPN Routers could allow an unauthenticated, remote attacker to execute arbitrary code as the root user on an affected device. | 9.8 |
| 2021-02-04 | CVE-2021-1291 | External Control of Assumed-Immutable Web Parameter vulnerability in Cisco products Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV160, RV160W, RV260, RV260P, and RV260W VPN Routers could allow an unauthenticated, remote attacker to execute arbitrary code as the root user on an affected device. | 9.8 |
| 2021-02-04 | CVE-2021-1290 | External Control of Assumed-Immutable Web Parameter vulnerability in Cisco products Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV160, RV160W, RV260, RV260P, and RV260W VPN Routers could allow an unauthenticated, remote attacker to execute arbitrary code as the root user on an affected device. | 9.8 |
| 2021-02-04 | CVE-2021-1289 | External Control of Assumed-Immutable Web Parameter vulnerability in Cisco products Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV160, RV160W, RV260, RV260P, and RV260W VPN Routers could allow an unauthenticated, remote attacker to execute arbitrary code as the root user on an affected device. | 9.8 |
| 2021-01-20 | CVE-2021-1225 | SQL Injection vulnerability in Cisco Sd-Wan Vmanage Multiple vulnerabilities in the web-based management interface of Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to conduct SQL injection attacks on an affected system. | 9.1 |
| 2021-01-20 | CVE-2021-1142 | OS Command Injection vulnerability in Cisco Smart Software Manager Satellite 5.1.0 Multiple vulnerabilities in the web UI of Cisco Smart Software Manager Satellite could allow an unauthenticated, remote attacker to execute arbitrary commands on the underlying operating system. | 9.8 |