43 matches found
EUVD-2017-12982
Malware in sbrugna...
EUVD-2018-0938
Malware in sbrugna...
EUVD-2017-15783
Malware in sbrugna...
EUVD-2021-6612
Malicious code in bioql PyPI...
CVE-2021-1539
CVE-2021-1539 concerns multiple vulnerabilities in the authorization process of Cisco ASR 5000 Series Software (StarOS) that allow an authenticated, remote attacker to bypass authorization and execute a subset of CLI commands on an affected device. The issue stems from weaknesses in the authoriza...
Cisco StarOS for Cisco ASR 5000 Series Routers Arbitrary File Read (cisco-sa-staros-file-read-L3RDvtey)
According to its self-reported version, the Cisco StarOS operating system on the remote Cisco ASR 5000 series router is affected by an arbitrary file read vulnerability due to insecure handling of symbolic links. An authenticated, remote attacker can exploit this, by sending a crafted SFTP comman...
Cisco StarOS Arbitrary File Read Vulnerability
Cisco StarOS is a router operating system that controls the entire system logic and can control processes and CLIs. An arbitrary file read vulnerability exists in Secure FTP SFTP in Cisco StarOS versions prior to 21.19.7 used in Cisco ASR 5000 series routers, which can be exploited by an attacker...
CVE-2021-1145 Cisco StarOS for Cisco ASR 5000 Series Routers Arbitrary File Read Vulnerability
A vulnerability in the Secure FTP SFTP of Cisco StarOS for Cisco ASR 5000 Series Routers could allow an authenticated, remote attacker to read arbitrary files on an affected device. To exploit this vulnerability, the attacker would need to have valid credentials on the affected device. The...
CVE-2021-1145
CVE-2021-1145 affects Cisco StarOS for the Cisco ASR 5000 Series Routers. The vulnerability is due to insecure handling of symbolic links in Secure FTP (SFTP); with valid credentials, an authenticated attacker could read arbitrary files on the device by sending a crafted SFTP command. Cisco’s adv...
Cisco StarOS for Cisco ASR 5000 Series Routers Arbitrary File Read Vulnerability
A vulnerability in the Secure FTP SFTP of Cisco StarOS for Cisco ASR 5000 Series Routers could allow an authenticated, remote attacker to read arbitrary files on an affected device. To exploit this vulnerability, the attacker would need to have valid credentials on the affected device. The...
Cisco StarOS for Cisco ASR 5000 Series Routers 后置链接漏洞
Cisco StarOS is a router operating system that controls the entire system logic and can control processes and CLIs. An arbitrary file read vulnerability exists in Secure FTP SFTP in Cisco StarOS versions prior to 21.19.7 used in Cisco ASR 5000 series routers, which can be exploited by an attacker...
CVE-2020-3602
A vulnerability in the CLI of Cisco StarOS operating system for Cisco ASR 5000 Series Routers could allow an authenticated, local attacker to elevate privileges on an affected device. The vulnerability is due to insufficient input validation of CLI commands. An attacker could exploit this...
CVE-2020-3602
A vulnerability in the CLI of Cisco StarOS operating system for Cisco ASR 5000 Series Routers could allow an authenticated, local attacker to elevate privileges on an affected device. The vulnerability is due to insufficient input validation of CLI commands. An attacker could exploit this...
CVE-2020-3601
A vulnerability in the CLI of Cisco StarOS operating system for Cisco ASR 5000 Series Routers could allow an authenticated, local attacker to elevate privileges on an affected device. The vulnerability is due to insufficient input validation of CLI commands. An attacker could exploit this...
Input validation
A vulnerability in the CLI of Cisco StarOS operating system for Cisco ASR 5000 Series Routers could allow an authenticated, local attacker to elevate privileges on an affected device. The vulnerability is due to insufficient input validation of CLI commands. An attacker could exploit this...
CVE-2020-3601 Cisco StarOS Privilege Escalation Vulnerability
A vulnerability in the CLI of Cisco StarOS operating system for Cisco ASR 5000 Series Routers could allow an authenticated, local attacker to elevate privileges on an affected device. The vulnerability is due to insufficient input validation of CLI commands. An attacker could exploit this...
CVE-2020-3601 Cisco StarOS Privilege Escalation Vulnerability
A vulnerability in the CLI of Cisco StarOS operating system for Cisco ASR 5000 Series Routers could allow an authenticated, local attacker to elevate privileges on an affected device. The vulnerability is due to insufficient input validation of CLI commands. An attacker could exploit this...
CVE-2020-3601
CVE-2020-3601 affects Cisco StarOS on ASR 5000 Series Routers. The vulnerability arises from insufficient input validation in the CLI, enabling an authenticated, local attacker with administrative credentials to execute arbitrary code with root privileges. Reports describe privilege escalation by...
Vulnerabilities fixed in Cisco StarOS for ASR 5000 Series routers
Cisco has fixed multiple vulnerabilities in StarOS for ASR 5000 Series routers. A local malicious person with limited administrator privileges could potentially exploit the vulnerabilities to execute arbitrary code under root privileges. Cisco has released updates to fix the vulnerabilities in...
CVE-2020-3244
A vulnerability in the Enhanced Charging Service ECS functionality of Cisco ASR 5000 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to bypass the traffic classification rules on an affected device. The vulnerability is due to insufficient input validation of...