Vulnerabilities > Cisco > SD WAN Firmware > High

DATE CVE VULNERABILITY TITLE RISK
2021-01-20 CVE-2021-1241 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco products
Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute denial of service (DoS) attacks against an affected device.
network
low complexity
cisco CWE-119
7.5
2021-01-20 CVE-2021-1299 Improper Input Validation vulnerability in Cisco products
Multiple vulnerabilities in Cisco SD-WAN products could allow an authenticated attacker to perform command injection attacks against an affected device, which could allow the attacker to take certain actions with root privileges on the device.
network
low complexity
cisco CWE-20
8.8
2021-01-20 CVE-2021-1298 Command Injection vulnerability in Cisco products
Multiple vulnerabilities in Cisco SD-WAN products could allow an authenticated attacker to perform command injection attacks against an affected device, which could allow the attacker to take certain actions with root privileges on the device.
network
low complexity
cisco CWE-77
8.8
2021-01-20 CVE-2021-1279 Improper Input Validation vulnerability in Cisco products
Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute denial of service (DoS) attacks against an affected device.
network
low complexity
cisco CWE-20
8.6
2021-01-20 CVE-2021-1278 Link Following vulnerability in Cisco products
Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute denial of service (DoS) attacks against an affected device.
network
low complexity
cisco CWE-59
7.5
2021-01-20 CVE-2021-1274 NULL Pointer Dereference vulnerability in Cisco products
Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute denial of service (DoS) attacks against an affected device.
network
low complexity
cisco CWE-476
8.6
2021-01-20 CVE-2021-1273 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco products
Multiple vulnerabilities in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute denial of service (DoS) attacks against an affected device.
network
low complexity
cisco CWE-119
8.6
2021-01-20 CVE-2021-1263 Command Injection vulnerability in Cisco products
Multiple vulnerabilities in Cisco SD-WAN products could allow an authenticated attacker to perform command injection attacks against an affected device, which could allow the attacker to take certain actions with root privileges on the device.
local
low complexity
cisco CWE-77
7.8
2021-01-20 CVE-2021-1262 Command Injection vulnerability in Cisco products
Multiple vulnerabilities in Cisco SD-WAN products could allow an authenticated attacker to perform command injection attacks against an affected device, which could allow the attacker to take certain actions with root privileges on the device.
local
low complexity
cisco CWE-77
7.8
2021-01-20 CVE-2021-1261 Command Injection vulnerability in Cisco products
Multiple vulnerabilities in Cisco SD-WAN products could allow an authenticated attacker to perform command injection attacks against an affected device, which could allow the attacker to take certain actions with root privileges on the device.
local
low complexity
cisco CWE-77
7.8