Skip to main content

Small Business 220 Series Smart Plus Switches

4 CVEs product

Monthly

CVE-2016-1473 CRITICAL Act Now

Cisco Small Business 220 devices with firmware before 1.0.1.1 have a hardcoded SNMP community, which allows remote attackers to read or modify SNMP objects by leveraging knowledge of this community,. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Information Disclosure Small Business 220 Series Smart Plus Switches
NVD
CVSS 3.0
9.8
EPSS
2.6%
CVE-2016-1472 HIGH This Week

The web-based management interface on Cisco Small Business 220 devices with firmware before 1.0.1.1 allows remote attackers to cause a denial of service (interface outage) via a crafted HTTP request,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Small Business 220 Series Smart Plus Switches
NVD
CVSS 3.0
7.5
EPSS
1.2%
CVE-2016-1471 MEDIUM POC This Month

Cross-site scripting (XSS) vulnerability in the web-based management interface on Cisco Small Business 220 devices with firmware before 1.0.1.1 allows remote attackers to inject arbitrary web script. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Cisco Small Business 220 Series Smart Plus Switches
NVD
CVSS 3.0
6.1
EPSS
0.3%
CVE-2016-1470 HIGH POC This Week

Cross-site request forgery (CSRF) vulnerability in the web-based management interface on Cisco Small Business 220 devices with firmware before 1.0.1.1 allows remote attackers to hijack the. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF Cisco Small Business 220 Series Smart Plus Switches
NVD
CVSS 3.0
8.8
EPSS
0.1%
EPSS 3% CVSS 9.8
CRITICAL Act Now

Cisco Small Business 220 devices with firmware before 1.0.1.1 have a hardcoded SNMP community, which allows remote attackers to read or modify SNMP objects by leveraging knowledge of this community,. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Information Disclosure Small Business 220 Series Smart Plus Switches
NVD
EPSS 1% CVSS 7.5
HIGH This Week

The web-based management interface on Cisco Small Business 220 devices with firmware before 1.0.1.1 allows remote attackers to cause a denial of service (interface outage) via a crafted HTTP request,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Denial Of Service Small Business 220 Series Smart Plus Switches
NVD
EPSS 0% CVSS 6.1
MEDIUM POC This Month

Cross-site scripting (XSS) vulnerability in the web-based management interface on Cisco Small Business 220 devices with firmware before 1.0.1.1 allows remote attackers to inject arbitrary web script. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Cisco Small Business 220 Series Smart Plus Switches
NVD
EPSS 0% CVSS 8.8
HIGH POC This Week

Cross-site request forgery (CSRF) vulnerability in the web-based management interface on Cisco Small Business 220 devices with firmware before 1.0.1.1 allows remote attackers to hijack the. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF Cisco Small Business 220 Series Smart Plus Switches
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy