CVE-2018-20439

Cisco warns of CSLU backdoor admin account used in attacks - Cisco patched this security flaw (CVE-2024-20439) in September, describing it as "an undocumented static user credential for an administrative account" that lets unauthenticated attackers log into unpatched systems remotely with admin privileges over ...
2 months ago Bleepingcomputer.com CVE-2024-20439

CVE-2018-1000672 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2018-16391, CVE-2018-16392, CVE-2018-16393, CVE-2018-16418, CVE-2018-16419, CVE-2018-16420, CVE-2018-16421, CVE-2018-16422, CVE-2018-16423, CVE-2018-16424, CVE-2018-16425, ...
55 years ago Tenable.com

Critical Cisco Smart Licensing Utility flaws now exploited in attacks - Cisco patched this security flaw (tracked as CVE-2024-20439) in September, describing it as "an undocumented static user credential for an administrative account" that can let unauthenticated attackers log into unpatched systems remotely with admin ...
3 months ago Bleepingcomputer.com CVE-2024-20439

Cisco Smart Licensing Utility Vulnerabilities Let Attackers Gain Admin Access - Two critical vulnerabilities were actively exploited in Cisco Smart Licensing Utility, potentially allowing attackers to gain administrative access to affected systems. The vulnerabilities, discovered in September 2024 but now seeing active ...
2 months ago Cybersecuritynews.com CVE-2024-20439

CVE-2018-20439 - Technicolor DPC3928SL D3928SL-PSIP-13-A010-c3420r55105-170214a devices allow remote attackers to discover Wi-Fi credentials via iso.3.6.1.4.1.4413.2.2.2.1.5.4.1.14.1.3.10001 and 1.3.6.1.4.1.4413.2.2.2.1.18.1.2.3.4.1.2.10001 SNMP requests. ...
5 years ago

Cisco Webex bug lets hackers gain code execution via meeting links - Cisco has released security updates for a high-severity Webex vulnerability that allows unauthenticated attackers to gain client-side remote code execution using malicious meeting invite links. Tracked as CVE-2025-20236, this security flaw was found ...
2 months ago Bleepingcomputer.com CVE-2025-20236

Hackers Exploiting Multiple Cisco Smart Licensing Utility Vulnerability  - Johannes Ullrich, Dean of Research at SANS, noted the irony that “it’s always fun to see how cheap IoT devices and expensive enterprise security software share similar basic vulnerabilities” – both often containing hardcoded ...
3 months ago Cybersecuritynews.com CVE-2024-20439

CISA Warns of Cisco Smart Licensing Utility Credential Vulnerability Exploited in Attacks - The flaw, identified as CVE-2024-20439, affects the Cisco Smart Licensing Utility (CSLU) and allows unauthenticated, remote attackers to gain administrative access to affected systems through an undocumented, static credential. Johannes Ullrich, Dean ...
2 months ago Cybersecuritynews.com CVE-2024-20439

CVE-2021-20439 - IBM Security Access Manager 9.0 and IBM Security Verify Access Docker 10.0.0 stores user credentials in plain clear text which can be read by an unauthorized user. ...
3 years ago

CVE-2022-20439 - In Messaging, There has unauthorized provider, this could cause Local Deny of Service.Product: AndroidVersions: Android SoCAndroid ID: A-242266172 ...
2 years ago

CVE-2019-20439 - An issue was discovered in WSO2 API Manager 2.6.0. A potential Reflected Cross-Site Scripting (XSS) vulnerability has been identified in defining a scope in the "manage the API" page of the API Publisher. ...
2 years ago

CVE-2024-20439 - A vulnerability in Cisco Smart Licensing Utility (CSLU) could allow an unauthenticated, remote attacker to log into an affected system by using a static administrative credential. This vulnerability is due to an undocumented static user credential ...
2 months ago CVE-2024-20440 CVE-2024-20439 CVE-2024-0305 CVE-2025-20150

CVE-2023-37342 - Kofax Power PDF PNG File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. User interaction is required to ...
1 year ago Tenable.com

CVE-2018-0912 - Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege ...
5 years ago

CVE-2018-0923 - Microsoft SharePoint Enterprise Server 2016 allows an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege Vulnerability". This CVE is unique from ...
5 years ago

CVE-2018-0916 - Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege ...
5 years ago

CVE-2018-0914 - Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege ...
5 years ago

CVE-2018-0921 - Microsoft SharePoint Enterprise Server 2016 allows an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege Vulnerability". This CVE is unique from ...
5 years ago

CVE-2018-0909 - Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege ...
5 years ago

CVE-2018-0911 - Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege ...
5 years ago

CVE-2018-0947 - Microsoft SharePoint Foundation 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege ...
5 years ago

CVE-2018-0917 - Microsoft SharePoint Enterprise Server 2016 allows an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege Vulnerability". This CVE is unique from ...
5 years ago

CVE-2018-0910 - Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege ...
5 years ago

CVE-2018-0944 - Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allows an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege ...
5 years ago

CVE-2018-0913 - Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege ...
5 years ago