Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cnvdChina National Vulnerability DatabaseCNVD-2023-85953
HistoryOct 27, 2023 - 12:00 a.m.

Command Injection Vulnerability in Cisco IOS XE

2023-10-2700:00:00
China National Vulnerability Database
www.cnvd.org.cn
6
cisco
command injection
vulnerability
input validation
web ui
root privileges
software
cisco ios xe
cisco inc.

7.6 High

AI Score

Confidence

Low

0.036 Low

EPSS

Percentile

91.8%

JSON

Cisco IOS XE Software is an operating system from Cisco, Inc. A single operating system for enterprise wired and wireless access, aggregation, core and WAN, Cisco IOS XE reduces business and network complexity. Cisco IOS XE suffers from a command injection vulnerability that stems from insufficient input validation, which can be exploited by an attacker to inject commands using root privileges via web UI functionality.

Related

nvd 2
cvelist 2
prion 2
cve 2
githubexploit 1
ics 1
zdt 2
cisco 1
attackerkb 2
metasploit 2
packetstorm 1
nessus 1
thn 2
talosblog 1
cisa_kev 1
rapid7blog 2
nvd
nvd
CVE-2023-20273
2023-10-25 18:17:23
CVE-2023-20198
2023-10-16 16:15:10
cvelist
cvelist
CVE-2023-20273
2023-10-24 14:13:36
CVE-2023-20198
2023-10-16 15:12:58
prion
prion
Input validation
2023-10-25 18:17:00
Command injection
2023-10-16 16:15:00
cve
cve
CVE-2023-20273
2023-10-25 18:17:23
CVE-2023-20198
2023-10-16 16:15:10
githubexploit
githubexploit
Exploit for OS Command Injection in Cisco Ios Xe
2023-12-09 07:25:43
ics
ics
Rockwell Automation Stratix 5800 and Stratix 5200 (Update A)
2023-11-21 12:00:00
zdt
zdt
Cisco IOX XE Unauthenticated Remote Code Execution Chain Exploit
2023-11-10 00:00:00
Cisco IOX XE unauthenticated OS Command Execution Exploit
2023-11-10 00:00:00
cisco
cisco
Multiple Vulnerabilities in Cisco IOS XE Software Web UI Feature
2023-10-16 15:00:00
attackerkb
attackerkb
CVE-2023-20273
2023-10-25 00:00:00
CVE-2023-20198
2023-10-16 00:00:00
metasploit
metasploit
Cisco IOX XE unauthenticated OS command execution
2023-11-03 15:38:35
Cisco IOX XE Unauthenticated RCE Chain
2023-11-06 17:12:40
packetstorm
packetstorm
Cisco IOX XE Unauthenticated Remote Code Execution
2023-11-14 00:00:00
nessus
nessus
Cisco IOS XE Software Web UI Privilege Escalation (cisco-sa-iosxe-webui-privesc-j22SaA4z)
2023-10-16 00:00:00
thn
thn
Backdoor Implanted on Hacked Cisco Devices Modified to Evade Detection
2023-10-24 06:33:00
Cisco Zero-Day Exploited to Implant Malicious Lua Backdoor on Thousands of Devices
2023-10-21 03:46:00
talosblog
talosblog
Active exploitation of Cisco IOS XE Software Web Management User Interface vulnerabilities
2023-10-16 15:05:50
cisa_kev
cisa_kev
Cisco IOS XE Web UI Command Injection Vulnerability
2023-10-23 00:00:00
rapid7blog
rapid7blog
CVE-2023-20198: Active Exploitation of Cisco IOS XE Zero-Day Vulnerability
2023-10-17 19:50:03
Metasploit Weekly Wrap-Up
2023-11-10 18:59:55

7.6 High

AI Score

Confidence

Low

0.036 Low

EPSS

Percentile

91.8%

JSON
Related for CNVD-2023-85953
nvd2cvelist2prion2cve2githubexploit1ics1zdt2cisco1attackerkb2metasploit2packetstorm1nessus1thn2talosblog1cisa_kev1rapid7blog2