A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to execute arbitrary code as the root user. To exploit this vulnerability, an attacker would need to have valid Administrator credentials on the affected device. This vulnerability is due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system as the root user.
#CVE

Cyber security insights and guidance from the frontlines. Read expert perspectives and get all the latest cyber security industry news at the Mandiant blog.

Last 3 days of cybersecurity industry content aggregated for your analysts. ThreatABLE provides a vendor-agnostic roll-up of cyber threat intelligence to employees of organizations of any size. We aim to provide everyone from analysts to CISOs a one-stop-shop to sift through the gargantuan amounts of data that come flooding into the industry every day.

Your comprehensive database for CVE exploits from across the internet.

CVEDetails.com is a vulnerability intelligence solution providing CVE security vulnerability database, exploits, advisories, product and CVE risk scores, attack surface intelligence, open source vulnerabilities, code changes, vulnerabilities affecting your attack surface and software inventory/tech stack. You can view CVE vulnerability details, exploits, references, Metasploit modules, full list of vulnerable products and CVSS score reports and vulnerability trends over time.

This project hosts security advisories and their accompanying proof-of-concepts related to research conducted at Google which impact non-Google owned code.

A list of all publicly disclosed vulnerabilities discovered by Zero Day Initiative researchers. While the affected vendor is working on a patch for these vulnerabilities, Trend Micro customers are protected from exploitation by security filters delivered ahead of public disclosure.

Extremely passionate about Windows exploit development, internals, C, Assembly, or anything low-level.

Latest articles from SOCRadar. SOCRadar is a cloud-based autonomous early warning tool against cyber threats. Read our blog for the latest news about recent threats.

Read the Forescout blog for insights into cybersecurity automation and research about vulnerabilities, threats and risks across IT, OT, IoT and IoMT devices.

The world's best dynamic repository for security vulnerabilities.

Latest information and remediations available for vulnerabilities concerning Palo Alto Networks products and services.

The leading database for open source vulnerabilities and cloud misconfigurations.

Cybersecurity knowledge and tools from the Praetorian team. Read the latest insights and security techniques on the Praetorian blog, your source for cybersecurity expertise.

Kroll specialists regularly publish articles, blogs, studies and books that help our clients better understand the changing business landscape. Browse our featured items below, or search for all recent materials by service, industry or topic.

0day Today is the ultimate database of exploits and vulnerabilities and a great resource for vulnerability researchers and security professionals. Our aim is to collect exploits from submittals and various mailing lists and concentrate them in one, easy-to-navigate database. This was written solely for educational purposes. Use it at your own risk. The author will not be responsible for any damage.

Tenable maintains a list of Common Vulnerabilities and Exposures (CVEs) and their affected products. Tenable augments the data to include related Tenable Plugins that detect each vulnerability. 252428 CVEs are indexed from NVD.

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

RTC security Research, talks and tools. We are researchers in cyber-security, continually educating ourselves and developing knowledge and code. By sharing what we learn, we hope to push RTC security forward.

GitHub Security Lab researchers find vulnerabilities in key, widely-used open source projects. We then coordinate the disclosure of those vulnerabilities to security teams at those projects. We only publish vulnerabilities here after they’ve been announced by the affected projects' development teams and patches are available. See our disclosure policy below for more information.

MDSec was founded on the principles that traditional security assessment describes problems, but Security Education helps fix or avoid them.

vsociety is a social community for security professionals to collaborate on vulnerability solutions and network with security peers.

Attracting more than a half-million annual readers, this is the security community's go-to destination for technical breakdowns of the latest threats, critical vulnerability disclosures and cutting-edge research.

Third party vulnerabilities that have been reported by VulnCheck.

The web application vulnerabilities index lists vulnerabilities according to their severity and classifies them by the compliance standard they fall under.

HAWKEYE Managed SOC Dubai powered by DTS Solution helps your organization strategize, develop, build and manage a Managed Security Operations Center – SOC 2.0 As A Service. Managed Security Services Dubai, Managed SOC Provider in Dubai.

Vumetric Cyber portal is a public security news, threat indicators and CVE security vulnerability database/information source.