Tag

Snmp

4 briefs RSS

lwIP SNMPv3 USM Handler Stack-Based Buffer Overflow (CVE-2026-8836)

A stack-based buffer overflow vulnerability (CVE-2026-8836) exists in lwIP up to version 2.2.1 within the snmpv3 USM Handler, allowing remote attackers to execute arbitrary code by manipulating the `msgAuthenticationParameters` argument in the `snmp_parse_inbound_frame` function.

lwIP snmp buffer_overflow rce CVE-2026-8836

2r 3t 1c May 18, 2026

high advisory

F5 BIG-IP CVE-2026-42924 iControl SOAP SNMP Configuration Privilege Escalation

1 rule 1 TTP 1 CVE

CVE-2026-42924 allows an authenticated attacker with Resource Administrator or Administrator privileges to escalate privileges by creating malicious SNMP configuration objects through iControl SOAP.

BIG-IP privilege-escalation snmp f5 cve-2026-42924

1r 1t 1c May 13, 2026

high threat

F5 BIG-IP and BIG-IQ iControl REST/TMOS Shell Privilege Escalation Vulnerability (CVE-2026-40698)

2 rules 1 TTP 1 CVE

CVE-2026-40698 allows a highly privileged, authenticated attacker with Resource Administrator privileges in F5 BIG-IP and BIG-IQ systems to create SNMP configuration objects via iControl REST or TMOS shell (tmsh), resulting in privilege escalation.

BIG-IP +1 privilege-escalation snmp

2r 1t 1c May 13, 2026

medium advisory

Cisco SG350 and SG350X Series Managed Switches SNMP Denial-of-Service Vulnerability

2 rules 1 TTP

A remote, authenticated attacker can cause a denial-of-service condition on vulnerable Cisco SG350 and SG350X Series Managed Switches by sending a crafted SNMP request due to improper error handling.

SG350 Series Managed Switches +1 snmp denial-of-service cve-2026-20185

2r 1t May 6, 2026