Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Cisco Small Business 220 Series Smart Switches Vulnerabilities
Vulnerability Description
Multiple vulnerabilities in the web-based management interface of Cisco Small Business 220 Series Smart Switches could allow an attacker to do the following: Hijack a user session Execute arbitrary commands as a root user on the underlying operating system Conduct a cross-site scripting (XSS) attack Conduct an HTML injection attack For more information about these vulnerabilities, see the Details section of this advisory.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
认证机制不恰当
Vulnerability Title
Cisco Small Business 220 Series Smart Switches 授权问题漏洞
Vulnerability Description
Cisco Small Business 220 Series Smart Switches是美国思科(Cisco)公司的一款小型智能交换机设备。 Cisco Small Business 220 Series Smart Switches存在授权问题漏洞,该漏洞源于缺乏对 TFTP 配置参数的参数验证。利用该漏洞允许攻击者以 root 用户身份在底层操作系统上执行任意命令。
CVSS Information
N/A
Vulnerability Type
N/A