Lucene search
China National Vulnerability DatabaseCNVD-2021-70106HistorySep 09, 2021 - 12:00 a.m.
Cisco IOS XR Software Command Injection Vulnerability
2021-09-0900:00:00
China National Vulnerability Database
www.cnvd.org.cn
6
0.0004 Low
EPSS
Percentile
5.2%
A command injection vulnerability exists in the CLI of Cisco IOS XR Software, a unique self-healing and self-defending operating system that not only supports 24x7 operations, but also allows for continuous expansion and addition of new services or features. The vulnerability stems from a program that does not properly validate command parameters. An attacker could use this vulnerability to access the underlying root shell of the affected device and execute arbitrary commands as root.
Related
cvelist
cvelist
CVE-2021-34722 Cisco IOS XR Software Command Injection Vulnerabilities
2021-09-08 00:00:00
nvd
nvd
CVE-2021-34722
2021-09-09 05:15:11
cve
cve
CVE-2021-34722
2021-09-09 05:15:11
prion
prion
Information disclosure
2021-09-09 05:15:00
nessus
nessus
Cisco IOS XR Software Command Injection (cisco-sa-iosxr-cmd-inj-wbZKvPxc)
2021-09-10 00:00:00
cisco
cisco
Cisco IOS XR Software Command Injection Vulnerabilities
2021-09-08 16:00:00