Vulnerabilities > Cisco > Sg500X 24P Firmware > Critical

DATE CVE VULNERABILITY TITLE RISK
2023-05-18 CVE-2023-20189 Classic Buffer Overflow vulnerability in Cisco products
Multiple vulnerabilities in the web-based user interface of certain Cisco Small Business Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code with root privileges on an affected device.
network
low complexity
cisco CWE-120
critical
9.8
2023-05-18 CVE-2023-20162 Classic Buffer Overflow vulnerability in Cisco products
Multiple vulnerabilities in the web-based user interface of certain Cisco Small Business Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code with root privileges on an affected device.
network
low complexity
cisco CWE-120
critical
9.8
2023-05-18 CVE-2023-20161 Classic Buffer Overflow vulnerability in Cisco products
Multiple vulnerabilities in the web-based user interface of certain Cisco Small Business Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code with root privileges on an affected device.
network
low complexity
cisco CWE-120
critical
9.8
2023-05-18 CVE-2023-20160 Classic Buffer Overflow vulnerability in Cisco products
Multiple vulnerabilities in the web-based user interface of certain Cisco Small Business Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code with root privileges on an affected device.
network
low complexity
cisco CWE-120
critical
9.8
2023-05-18 CVE-2023-20159 Classic Buffer Overflow vulnerability in Cisco products
Multiple vulnerabilities in the web-based user interface of certain Cisco Small Business Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code with root privileges on an affected device.
network
low complexity
cisco CWE-120
critical
9.8
2023-05-18 CVE-2023-20158 Classic Buffer Overflow vulnerability in Cisco products
Multiple vulnerabilities in the web-based user interface of certain Cisco Small Business Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code with root privileges on an affected device.
network
low complexity
cisco CWE-120
critical
9.8
2023-05-18 CVE-2023-20157 Classic Buffer Overflow vulnerability in Cisco products
Multiple vulnerabilities in the web-based user interface of certain Cisco Small Business Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code with root privileges on an affected device.
network
low complexity
cisco CWE-120
critical
9.8
2023-05-18 CVE-2023-20156 Classic Buffer Overflow vulnerability in Cisco products
Multiple vulnerabilities in the web-based user interface of certain Cisco Small Business Series Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code with root privileges on an affected device.
network
low complexity
cisco CWE-120
critical
9.8
2020-07-02 CVE-2020-3297 Improper Authentication vulnerability in Cisco products
A vulnerability in session management for the web-based interface of Cisco Small Business Smart and Managed Switches could allow an unauthenticated, remote attacker to defeat authentication protections and gain unauthorized access to the management interface.
network
low complexity
cisco CWE-287
critical
9.8
2018-11-08 CVE-2018-15439 Use of Hard-coded Credentials vulnerability in Cisco products
A vulnerability in the Cisco Small Business Switches software could allow an unauthenticated, remote attacker to bypass the user authentication mechanism of an affected device.
network
low complexity
cisco CWE-798
critical
9.8