Cisco SD-WAN Has a New Root-Level Problem, and There’s No Fix Yet
Cisco warns of CVE-2026-20245 in SD-WAN Manager, a flaw that can lead to root access via file upload command injection; no patch or workaround yet. Cisco war...
Articles mapped to MITRE ATT&CK techniques. Select a technique to view matching articles.
74 articles found
Cisco warns of CVE-2026-20245 in SD-WAN Manager, a flaw that can lead to root access via file upload command injection; no patch or workaround yet. Cisco war...
Attackers are leaning harder on legitimate, preinstalled, or widely used system tools to deliver and operate notorious malware families, creating a stealthy,...
A vulnerability in the CLI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an authenticated, local attacker to execute arbitrary comma...
View CSAF Summary Successful exploitation of this vulnerability allows an attacker's malicious script to execute in the browser of any authenticated user or ...
MeiG Smart FORGE_SLT711 - OS Command Injection
The vulnerabilities, identified as CVE-2026-34908, CVE-2026-34909, and CVE-2026-34910, allow for unauthorized system changes, path traversal for accessing un...
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Progress Software Kemp LoadMaster. Authentication is requir...
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Progress Software Kemp LoadMaster. Authentication is requir...
A vulnerability in the BrowserBot component of Cisco ThousandEyes Enterprise Agent could have allowed an authenticated, remote attacker to execute arbitrary ...
The vulnerability, CVE-2026-8153, affects Universal Robots PolyScope 5 and it can be exploited for OS command injection. The post Critical Vulnerability Expo...
View CSAF Summary Successful exploitation of these vulnerabilities could allow an attacker to bypass authentication and execute code. The following versions ...
Attackers are weaponizing .jpeg files to deliver PowerShell payloads, trojanize ScreenConnect, and establish persistence on target systems.
A newly observed ClickFix campaign is pushing beyond simple user-triggered infections, introducing a more persistent and stealthy intrusion chain using PySox...
glances 4.5.
Developers looking for Anthropic’s increasingly popular Claude Code tool are now being lured into downloading malware. According to researchers at Ontinue, a...
Magecart-style attackers are once again abusing trusted web services, this time weaponizing Google Tag Manager (GTM) to inject credit card skimmers into ecom...
A vulnerability in the Lite Agent feature of Cisco Enterprise Chat and Email (ECE) could allow an authenticated, remote attacker to conduct browser-based att...
Cybersecurity AI (CAI) Framework 0.5.
Atlona ATOMERX21 - Authenticated Command Injection
Cybersecurity researchers have disclosed details of a critical security vulnerability impacting GitHub.com and GitHub Enterprise Server that could allow an a...