VYPR

IoT Field Network Director

by Cisco Systems, Inc.

CVEs (20)

  • CVE-2023-44487HigKEVOct 10, 2023
    risk 0.65cvss 7.5epss 1.00

    The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.

  • CVE-2018-0270HigMay 17, 2018
    risk 0.57cvss 8.8epss 0.01

    A vulnerability in the web-based management interface of Cisco IoT Field Network Director (IoT-FND) could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and alter the data of existing users and groups on an affected device. The…

  • CVE-2026-20167HigMay 6, 2026
    risk 0.50cvss 7.7epss 0.00

    A vulnerability in the web-based management interface of Cisco IoT Field Network Director could allow an authenticated, remote attacker with low privileges to cause a DoS condition on a remotely managed router. This vulnerability is due to improper error handling. An attacker…

  • CVE-2017-6780HigSep 7, 2017
    risk 0.49cvss 7.5epss 0.02

    A vulnerability in the TCP throttling process for Cisco IoT Field Network Director (IoT-FND) could allow an unauthenticated, remote attacker to cause the system to consume additional memory, eventually forcing the device to restart, aka Memory Exhaustion. The vulnerability is…

  • CVE-2026-20169MedMay 6, 2026
    risk 0.42cvss 6.4epss 0.00

    A vulnerability in the web-based management interface of Cisco IoT Field Network Director could allow an authenticated, remote attacker with low privileges to access files and execute commands on a remote router. This vulnerability is due to insufficient input validation of…

  • CVE-2026-20168MedMay 6, 2026
    risk 0.42cvss 6.5epss 0.00

    A vulnerability in the web-based management interface of Cisco IoT Field Network Director could allow an authenticated, remote attacker with low privileges to retrieve files that they do not have permission to access. This vulnerability is due to insufficient file access…

  • CVE-2020-3531Nov 18, 2020
    risk 0.00cvss epss 0.02

    A vulnerability in the REST API of Cisco IoT Field Network Director (FND) could allow an unauthenticated, remote attacker to access the back-end database of an affected system. The vulnerability exists because the affected software does not properly authenticate REST API calls.…

  • CVE-2020-3392Nov 18, 2020
    risk 0.00cvss epss 0.02

    A vulnerability in the API of Cisco IoT Field Network Director (FND) could allow an unauthenticated, remote attacker to view sensitive information on an affected system. The vulnerability exists because the affected software does not properly authenticate API calls. An attacker…

  • CVE-2020-26081Nov 18, 2020
    risk 0.00cvss epss 0.01

    Multiple vulnerabilities in the web UI of Cisco IoT Field Network Director (FND) could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against users on an affected system. The vulnerabilities are due to insufficient validation of…

  • CVE-2020-26080Nov 18, 2020
    risk 0.00cvss epss 0.01

    A vulnerability in the user management functionality of Cisco IoT Field Network Director (FND) could allow an authenticated, remote attacker to manage user information for users in different domains on an affected system. The vulnerability is due to improper domain access…

  • CVE-2020-26079Nov 18, 2020
    risk 0.00cvss epss 0.01

    A vulnerability in the web UI of Cisco IoT Field Network Director (FND) could allow an authenticated, remote attacker to obtain hashes of user passwords on an affected device. The vulnerability is due to insufficient protection of user credentials. An attacker could exploit this…

  • CVE-2020-26078Nov 18, 2020
    risk 0.00cvss epss 0.01

    A vulnerability in the file system of Cisco IoT Field Network Director (FND) could allow an authenticated, remote attacker to overwrite files on an affected system. The vulnerability is due to insufficient file system protections. An attacker could exploit this vulnerability by…

  • CVE-2020-26077Nov 18, 2020
    risk 0.00cvss epss 0.01

    A vulnerability in the access control functionality of Cisco IoT Field Network Director (FND) could allow an authenticated, remote attacker to view lists of users from different domains that are configured on an affected system. The vulnerability is due to improper access…

  • CVE-2020-26076Nov 18, 2020
    risk 0.00cvss epss 0.01

    A vulnerability in Cisco IoT Field Network Director (FND) could allow an unauthenticated, remote attacker to view sensitive database information on an affected device. The vulnerability is due to the absence of authentication for sensitive information. An attacker could exploit…

  • CVE-2020-26075Nov 18, 2020
    risk 0.00cvss epss 0.02

    A vulnerability in the REST API of Cisco IoT Field Network Director (FND) could allow an authenticated, remote attacker to gain access to the back-end database of an affected device. The vulnerability is due to insufficient input validation of REST API requests that are made to…

  • CVE-2020-26072Nov 18, 2020
    risk 0.00cvss epss 0.01

    A vulnerability in the SOAP API of Cisco IoT Field Network Director (FND) could allow an authenticated, remote attacker to access and modify information on devices that belong to a different domain. The vulnerability is due to insufficient authorization in the SOAP API. An…

  • CVE-2020-3162Apr 15, 2020
    risk 0.00cvss epss 0.02

    A vulnerability in the Constrained Application Protocol (CoAP) implementation of Cisco IoT Field Network Director could allow an unauthenticated remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient input…

  • CVE-2019-1957Aug 8, 2019
    risk 0.00cvss epss 0.02

    A vulnerability in the web interface of Cisco IoT Field Network Director could allow an unauthenticated, remote attacker to trigger high CPU usage, resulting in a denial of service (DoS) condition on an affected device. The vulnerability is due to improper handling of Transport…

  • CVE-2019-1698Feb 21, 2019
    risk 0.00cvss epss 0.03

    A vulnerability in the web-based user interface of Cisco Internet of Things Field Network Director (IoT-FND) Software could allow an authenticated, remote attacker to gain read access to information that is stored on an affected system. The vulnerability is due to improper…

  • CVE-2019-1644Jan 23, 2019
    risk 0.00cvss epss 0.02

    A vulnerability in the UDP protocol implementation for Cisco IoT Field Network Director (IoT-FND) could allow an unauthenticated, remote attacker to exhaust system resources, resulting in a denial of service (DoS) condition. The vulnerability is due to improper resource…