Monthly
ArubaOS access points are vulnerable to gateway impersonation attacks when clients connect via wired or wireless interfaces, allowing unauthenticated attackers to redirect network traffic into a man-in-the-middle position. An attacker can exploit address-based spoofing to intercept or modify data streams intended for the legitimate gateway, compromising the confidentiality of client communications. No patch is currently available.
Arubaos contains a vulnerability that allows attackers to bypass Layer 2 (L2) communication restrictions between clients and redirect traf (CVSS 4.3).
Arubaos contains a vulnerability that allows attackers to redirect intercepted traffic to facilitate machine-in-the-middle (MitM) attacks (CVSS 4.3).
A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions). Rated high severity (CVSS 7.5), this vulnerability is no authentication required. No vendor patch available.
LocalSend is an open-source app to securely share files and messages with nearby devices over local networks without needing an internet connection. Rated critical severity (CVSS 9.3), this vulnerability is no authentication required, low attack complexity. Public exploit code available.
A security vulnerability in Fortinet FortiOS (CVSS 5.9) that allows an unauthenticated attacker with the knowledge of device specific data. Remediation should follow standard vulnerability management procedures.
This issue was addressed through improved state management. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
A vulnerability in the CLI of Cisco Catalyst SD-WAN Manager, formerly Cisco SD-WAN vManage, could allow an authenticated, local attacker to gain privileges of the root user on the underlying. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
A improper restriction of communication channel to intended endpoints vulnerability [CWE-923] in Fortinet FortiOS version 7.4.0 through 7.4.3, 7.2.0 through 7.2.7, 7.0.0 through 7.0.14, 6.4.0 through. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
Forever KidsWatch Call Me KW-50 R36_YDR_A3PW_GM7S_V1.0_2019_07_15_16.19.24_cob_h is vulnerable to MITM attack. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
ArubaOS access points are vulnerable to gateway impersonation attacks when clients connect via wired or wireless interfaces, allowing unauthenticated attackers to redirect network traffic into a man-in-the-middle position. An attacker can exploit address-based spoofing to intercept or modify data streams intended for the legitimate gateway, compromising the confidentiality of client communications. No patch is currently available.
Arubaos contains a vulnerability that allows attackers to bypass Layer 2 (L2) communication restrictions between clients and redirect traf (CVSS 4.3).
Arubaos contains a vulnerability that allows attackers to redirect intercepted traffic to facilitate machine-in-the-middle (MitM) attacks (CVSS 4.3).
A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions). Rated high severity (CVSS 7.5), this vulnerability is no authentication required. No vendor patch available.
LocalSend is an open-source app to securely share files and messages with nearby devices over local networks without needing an internet connection. Rated critical severity (CVSS 9.3), this vulnerability is no authentication required, low attack complexity. Public exploit code available.
A security vulnerability in Fortinet FortiOS (CVSS 5.9) that allows an unauthenticated attacker with the knowledge of device specific data. Remediation should follow standard vulnerability management procedures.
This issue was addressed through improved state management. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
A vulnerability in the CLI of Cisco Catalyst SD-WAN Manager, formerly Cisco SD-WAN vManage, could allow an authenticated, local attacker to gain privileges of the root user on the underlying. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
A improper restriction of communication channel to intended endpoints vulnerability [CWE-923] in Fortinet FortiOS version 7.4.0 through 7.4.3, 7.2.0 through 7.2.7, 7.0.0 through 7.0.14, 6.4.0 through. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
Forever KidsWatch Call Me KW-50 R36_YDR_A3PW_GM7S_V1.0_2019_07_15_16.19.24_cob_h is vulnerable to MITM attack. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.