VYPR

Small Business 220 Series Smart Plus Switches

by Cisco Systems, Inc.

CVEs (26)

  • CVE-2016-1473CriSep 2, 2016
    risk 0.64cvss 9.8epss 0.04

    Cisco Small Business 220 devices with firmware before 1.0.1.1 have a hardcoded SNMP community, which allows remote attackers to read or modify SNMP objects by leveraging knowledge of this community, aka Bug ID CSCuz76216.

  • CVE-2016-1470HigSep 2, 2016
    risk 0.57cvss 8.8epss 0.01

    Cross-site request forgery (CSRF) vulnerability in the web-based management interface on Cisco Small Business 220 devices with firmware before 1.0.1.1 allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuz76230.

  • CVE-2016-1472HigSep 2, 2016
    risk 0.49cvss 7.5epss 0.03

    The web-based management interface on Cisco Small Business 220 devices with firmware before 1.0.1.1 allows remote attackers to cause a denial of service (interface outage) via a crafted HTTP request, aka Bug ID CSCuz76238.

  • CVE-2016-1471MedSep 2, 2016
    risk 0.40cvss 6.1epss 0.01

    Cross-site scripting (XSS) vulnerability in the web-based management interface on Cisco Small Business 220 devices with firmware before 1.0.1.1 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCuz76232.

  • CVE-2019-15993Sep 23, 2020
    risk 0.04cvss epss 0.10

    A vulnerability in the web UI of Cisco Small Business Switches could allow an unauthenticated, remote attacker to access sensitive device information. The vulnerability exists because the software lacks proper authentication controls to information accessible from the web UI. An…

  • CVE-2019-1913Aug 7, 2019
    risk 0.04cvss epss 0.26

    Multiple vulnerabilities in the web management interface of Cisco Small Business 220 Series Smart Switches could allow an unauthenticated, remote attacker to overflow a buffer, which then allows the execution of arbitrary code with root privileges on the underlying operating…

  • CVE-2019-1912Aug 7, 2019
    risk 0.04cvss epss 0.17

    A vulnerability in the web management interface of Cisco Small Business 220 Series Smart Switches could allow an unauthenticated, remote attacker to upload arbitrary files. The vulnerability is due to incomplete authorization checks in the web management interface. An attacker…

  • CVE-2019-1914Aug 7, 2019
    risk 0.03cvss epss 0.25

    A vulnerability in the web management interface of Cisco Small Business 220 Series Smart Switches could allow an authenticated, remote attacker to perform a command injection attack. The vulnerability is due to insufficient validation of user-supplied input. An attacker could…

  • CVE-2021-34744Oct 6, 2021
    risk 0.00cvss epss 0.01

    Multiple vulnerabilities in Cisco Business 220 Series Smart Switches firmware could allow an attacker with Administrator privileges to access sensitive login credentials or reconfigure the passwords on the user account. For more information about these vulnerabilities, see the…

  • CVE-2021-34757Oct 6, 2021
    risk 0.00cvss epss 0.01

    Multiple vulnerabilities in Cisco Business 220 Series Smart Switches firmware could allow an attacker with Administrator privileges to access sensitive login credentials or reconfigure the passwords on the user account. For more information about these vulnerabilities, see the…

  • CVE-2021-34775Oct 6, 2021
    risk 0.00cvss epss 0.00

    Multiple vulnerabilities exist in the Link Layer Discovery Protocol (LLDP) implementation for Cisco Small Business 220 Series Smart Switches. An unauthenticated, adjacent attacker could perform the following: Execute code on the affected device or cause it to reload unexpectedly…

  • CVE-2021-34776Oct 6, 2021
    risk 0.00cvss epss 0.00

    Multiple vulnerabilities exist in the Link Layer Discovery Protocol (LLDP) implementation for Cisco Small Business 220 Series Smart Switches. An unauthenticated, adjacent attacker could perform the following: Execute code on the affected device or cause it to reload unexpectedly…

  • CVE-2021-34777Oct 6, 2021
    risk 0.00cvss epss 0.00

    Multiple vulnerabilities exist in the Link Layer Discovery Protocol (LLDP) implementation for Cisco Small Business 220 Series Smart Switches. An unauthenticated, adjacent attacker could perform the following: Execute code on the affected device or cause it to reload unexpectedly…

  • CVE-2021-34778Oct 6, 2021
    risk 0.00cvss epss 0.00

    Multiple vulnerabilities exist in the Link Layer Discovery Protocol (LLDP) implementation for Cisco Small Business 220 Series Smart Switches. An unauthenticated, adjacent attacker could perform the following: Execute code on the affected device or cause it to reload unexpectedly…

  • CVE-2021-34779Oct 6, 2021
    risk 0.00cvss epss 0.01

    Multiple vulnerabilities exist in the Link Layer Discovery Protocol (LLDP) implementation for Cisco Small Business 220 Series Smart Switches. An unauthenticated, adjacent attacker could perform the following: Execute code on the affected device or cause it to reload unexpectedly…

  • CVE-2021-34780Oct 6, 2021
    risk 0.00cvss epss 0.01

    Multiple vulnerabilities exist in the Link Layer Discovery Protocol (LLDP) implementation for Cisco Small Business 220 Series Smart Switches. An unauthenticated, adjacent attacker could perform the following: Execute code on the affected device or cause it to reload unexpectedly…

  • CVE-2021-1542Jun 16, 2021
    risk 0.00cvss epss 0.01

    Multiple vulnerabilities in the web-based management interface of Cisco Small Business 220 Series Smart Switches could allow an attacker to do the following: Hijack a user session Execute arbitrary commands as a root user on the underlying operating system Conduct a cross-site…

  • CVE-2021-1543Jun 16, 2021
    risk 0.00cvss epss 0.09

    Multiple vulnerabilities in the web-based management interface of Cisco Small Business 220 Series Smart Switches could allow an attacker to do the following: Hijack a user session Execute arbitrary commands as a root user on the underlying operating system Conduct a cross-site…

  • CVE-2021-1571Jun 16, 2021
    risk 0.00cvss epss 0.10

    Multiple vulnerabilities in the web-based management interface of Cisco Small Business 220 Series Smart Switches could allow an attacker to do the following: Hijack a user session Execute arbitrary commands as a root user on the underlying operating system Conduct a cross-site…

  • CVE-2021-1541Jun 16, 2021
    risk 0.00cvss epss 0.09

    Multiple vulnerabilities in the web-based management interface of Cisco Small Business 220 Series Smart Switches could allow an attacker to do the following: Hijack a user session Execute arbitrary commands as a root user on the underlying operating system Conduct a cross-site…

Page 1 of 2