TP-Link L2 switch T2600G-28SQ firmware versions prior to 'T2600G-28SQ(UN)_V1_1.0.6 Build 20230227' uses vulnerable SSH host keys. This issue affects Juniper Networks Junos OS on QFX10002: All versions prior to 19.3R3-S7 19.4 versions prior to 19.4R3-S11 20.2 versions prior to 20.2R3-S6 20.4 versions prior to 20.4R3-S5 21.1 versions prior to 21.1R3-S4 21.2 versions prior to 21.2R3-S3 21.3 versions prior to 21.3R3 21.4 versions prior to 21.4R2. If the combined level of the applicable traffic exceeds the specified level, the switch drops packets for the controlled traffic types. Storm control monitors the level of applicable incoming traffic and compares it with the level specified.
Continued receipt and processing of these packets will create a sustained Denial of Service (DoS) condition.
After receiving the malicious command, the device will keep reporting its status and finally drain its battery after receiving the 'Set_short_poll_interval' command.Īn Improper Check or Handling of Exceptional Conditions within the storm control feature of Juniper Networks Junos OS allows an attacker sending a high rate of traffic to cause a Denial of Service. Sengled Dimmer Switch V0.0.9 contains a denial of service (DOS) vulnerability, which allows a remote attacker to send malicious Zigbee messages to a vulnerable device and cause crashes. Attackers are then able to create WCF and DrayDDNS licenses and synchronize them from the website. Draytek Vigor Routers firmware versions below 3.9.6/4.2.4, Access Points firmware versions below v1.4.0, Switches firmware versions below 2.6.7, and Myvigor firmware versions below 2.3.2 were discovered to use hardcoded encryption keys which allows attackers to bind any affected device to their own account.
0 kommentar(er)
