Netgear patches Critical authentication bypass vulnerability and two other flaws in multiple models of some Smart Switches

Researchers have discovered a Critical authentication bypass vulnerability and two other flaws in multiple models of some Smart Switches.

Continue ReadingNetgear patches Critical authentication bypass vulnerability and two other flaws in multiple models of some Smart Switches

Cisco fixes a Critical authentication bypass vulnerability in NFV Infrastructure Software TACACS+ AAA feature

Cisco has fixed a Critical authentication bypass vulnerability CVE-2021-34746 in NFV Infrastructure Software (NFVIS) TACACS+ authentication, authorization and accounting (AAA) feature.

Continue ReadingCisco fixes a Critical authentication bypass vulnerability in NFV Infrastructure Software TACACS+ AAA feature

Cisco releases security update for Critical UPnP vulnerability in small business routers

Cisco has released a security update for a Critical UPnP vulnerability CVE-2021-34730 in Small Business router models, as well as multiple vulnerabilities in other Cisco products.

Continue ReadingCisco releases security update for Critical UPnP vulnerability in small business routers

Fortinet patches High risk RCE vulnerability (CVE-2021-32589) in FortiManager and FortiAnalyzer

Fortinet has patched a High risk use-after-free vulnerability (CVE-2021-32589) in FortiManager and FortiAnalyzer fgfmsd daemon. An attacker could exploit the vulnerability to launch remote code execution (RCE) as root and take control of an impacted system.

Continue ReadingFortinet patches High risk RCE vulnerability (CVE-2021-32589) in FortiManager and FortiAnalyzer