Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Cisco Small Business 220 Series Smart Switches Remote Code Execution Vulnerabilities
Vulnerability Description
Multiple vulnerabilities in the web management interface of Cisco Small Business 220 Series Smart Switches could allow an unauthenticated, remote attacker to overflow a buffer, which then allows the execution of arbitrary code with root privileges on the underlying operating system. The vulnerabilities are due to insufficient validation of user-supplied input and improper boundary checks when reading data into an internal buffer. An attacker could exploit these vulnerabilities by sending malicious requests to the web management interface of an affected device. Depending on the configuration of the affected switch, the malicious requests must be sent via HTTP or HTTPS.
CVSS Information
N/A
Vulnerability Type
内存缓冲区边界内操作的限制不恰当
Vulnerability Title
Cisco Small Business 220 Series Smart Switches 缓冲区错误漏洞
Vulnerability Description
Cisco Small Business 220 Series Smart Switches是美国思科(Cisco)公司的一款小型智能交换机设备。 使用1.1.4.4之前版本固件的Cisco Small Business 220 Series Smart Switches中的Web管理界面存在缓冲区错误漏洞,该漏洞源于程序没有充分地验证用户提交的数据并且没有进行正确的边界检查。远程攻击者可通过发送恶意的请求利用该漏洞在底层操作系统上以root权限执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A