Rewterz penetration testing services help organizations determine if a cyber attacker can gain access to their critical assets while giving them detailed insights of the overall business impact of a cyber attack.
Before Rewterz got its start, the market was in dire need of a specialized and dedicated information security company. It was nearly impossible for businesses to find a trustworthy provider that could truly cover all of their bases. We wanted to meet this need, giving companies across the globe a chance to get ahead while knowing that their data is in good hands.
Rewterz penetration testing services help organizations determine if a cyber attacker can gain access to their critical assets while giving them detailed insights of the overall business impact of a cyber attack.
Before Rewterz got its start, the market was in dire need of a specialized and dedicated information security company. It was nearly impossible for businesses to find a trustworthy provider that could truly cover all of their bases. We wanted to meet this need, giving companies across the globe a chance to get ahead while knowing that their data is in good hands.
High
Cisco IOS XE SD-WAN Software could allow a local authenticated attacker to bypass security restrictions, caused by improper access controls on files within the local file system. By using a specially-crafted symbolic link, an attacker could exploit this vulnerability to overwrite arbitrary files on the device.
Cisco SD-WAN vManage Software could allow a remote authenticated attacker to obtain sensitive information, caused by improper input validation by the web-based management interface. By sending specially-crafted HTTP requests, an attacker could exploit this vulnerability to obtain sensitive information, and use this information to launch further attacks against the affected system.
Cisco IOS XE SD-WAN Software could allow a local authenticated attacker to execute arbitrary commands on the system, caused by improper validation of arguments passed to certain CLI commands. By including specially-crafted input in the argument of an command, an attacker could exploit this vulnerability to execute arbitrary commands with elevated privileges on the underlying operating system.
Cisco IOS and IOS XE Software are vulnerable to a denial of service, caused by improper initialization of a buffer. By sending specially-crafted LLDP frames, a remote authenticated attacker could exploit this vulnerability to cause the device to crash.
Cisco SD-WAN Software could allow a local authenticated attacker to obtain sensitive information, caused by improper protections on file access through the CLI. By sending a specially-crafted CLI command that targets an arbitrary file, an attacker could exploit this vulnerability to obtain information of portions of an arbitrary file, and use this information to launch further attacks against the affected system.
Cisco Embedded Wireless Controller Software is vulnerable to a denial of service, caused by improper buffer allocation. By sending specially-crafted traffic, a remote attacker could exploit this vulnerability to exhaust available resources, and results in a denial of service condition.
Cisco IOS and IOS XE Software are vulnerable to a denial of service, caused by an improper interaction between the web UI and the CLI parser. By requesting a particular CLI command to be run through the web UI, a remote authenticated attacker could exploit this vulnerability to cause the device to reload, and results in a denial of service condition.
Cisco IOS XE SD-WAN Software could allow a local authenticated attacker to bypass security restrictions, caused by improper validation of specific CLI command parameters. By sending a specially-crafted command with specific parameters, an attacker could exploit this vulnerability to overwrite the content of the configuration database and gain root-level access to the device.
Cisco IOS XE Software could allow a remote attacker to bypass security restrictions, caused by improper data validation of traffic that is traversing the ALG. By sending specially-crafted traffic , an attacker could exploit this vulnerability to bypass the ALG and open connections not allowed to a remote device located behind the ALG.
Cisco ASR 900 and ASR 920 Series Aggregation Services Routers could allow a remote attacker to bypass security restrictions, caused by incorrect programming of hardware when an ACL is configured using a method other than the configuration CLI. By sending specially-crafted traffics, an attacker could exploit this vulnerability to bypass an ACL on the device.
Cisco IOS XE Software is vulnerable to a denial of service, caused by improper handling of certain Layer 2 frames. By sending specially-crafted Layer 2 frames on the segment the router is connected, a remote attacker could exploit this vulnerability to cause a queue wedge on the interface, and results in a denial of service condition.
Cisco SD-WAN vManage Software could allow a remote authenticated attacker to obtain sensitive information, caused by improper access control to the API endpoints. By sending a specially-crafted request to an API endpoint, an attacker could exploit this vulnerability to obtain the administrative credentials, and use this information to launch further attacks against the affected system.
Cisco IOS XE Software is vulnerable to a denial of service, caused by improper handling of the rate limiting feature within the QuantumFlow Processor. By sending specially-crafted traffic, a remote attacker could exploit this vulnerability to cause the QuantumFlow Processor utilization to reach 100 percent, and results in a denial of service condition.
Cisco IOS XE SD-WAN Software could allow a local authenticated attacker to gain elevated privileges on the system, caused by improper file system protection and the presence of a sensitive file in the bootflash directory. By overwriting an installer file stored in the bootflash directory with arbitrary commands, an <authenticated> attacker could exploit this vulnerability to read and write changes to the configuration database with root privileges.
Refer to Cisco Security Advisory for patch, upgrade or suggested workaround information.
CVE-2021-1612
CVE-2021-34712
CVE-2021-34729
CVE-2021-34703
CVE-2021-1546
CVE-2021-1615
CVE-2021-34699
CVE-2021-34723
CVE-2021-1616
CVE-2021-34696
CVE-2021-1621
CVE-2021-1589
CVE-2021-1624
CVE-2021-34724