40 matches found
CVE-2026-20112
A vulnerability in the web-based Cisco IOx application hosting environment management interface of Cisco IOS XE Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the web-based management interface of an affected device. Th...
EUVD-2026-15442
A vulnerability in the web-based Cisco IOx application hosting environment management interface of Cisco IOS XE Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the web-based management interface of an affected device. Th...
CVE-2026-20113
A vulnerability in the web-based Cisco IOx application hosting environment management interface of Cisco IOS XE Software could allow an unauthenticated, remote attacker to perform a carriage return line feed CRLF injection attack against a user. This vulnerability is due to insufficient validatio...
CVE-2026-20112
A vulnerability in the web-based Cisco IOx application hosting environment management interface of Cisco IOS XE Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the web-based management interface of an affected device. Th...
CVE-2026-20112
Cisco IOx web-based management interface in Cisco IOS XE is affected by a stored XSS vulnerability due to insufficient input validation. An attacker with valid administrative credentials could inject malicious code into specific pages, potentially executing scripts in the browser context or acces...
CVE-2026-20113
A vulnerability in the web-based Cisco IOx application hosting environment management interface of Cisco IOS XE Software could allow an unauthenticated, remote attacker to perform a carriage return line feed CRLF injection attack against a user. This vulnerability is due to insufficient validatio...
CVE-2026-20113
A vulnerability in the web-based Cisco IOx application hosting environment management interface of Cisco IOS XE Software could allow an unauthenticated, remote attacker to perform a carriage return line feed CRLF injection attack against a user. This vulnerability is due to insufficient validatio...
The vulnerability of the Cisco IOx software platform for the Cisco IOS XE operating system allows a hacker to gain access to the basic operating system as a root user.
The vulnerability of the Cisco IOx software platform for the Cisco IOS XE operating system is related to an error in blocking the privileged mode options for Docker containers during application development. Exploiting this vulnerability could allow a malicious actor to gain access to the basic...
CVE-2023-20065
A vulnerability in the Cisco IOx application hosting subsystem of Cisco IOS XE Software could allow an authenticated, local attacker to elevate privileges to root on an affected device. This vulnerability is due to insufficient restrictions on the hosted application. An attacker could exploit thi...
CVE-2023-20076
A vulnerability in the Cisco IOx application hosting environment could allow an authenticated, remote attacker to execute arbitrary commands as root on the underlying host operating system. This vulnerability is due to incomplete sanitization of parameters that are passed in for activation of an...
The vulnerability of the Cisco IOx software platform arises from the failure to take measures to neutralize special elements used in the operating system’s command set. This allows attackers to execute arbitrary commands on the operating system with root privileges.
The vulnerability of the Cisco IOx software platform exists due to the lack of measures taken to neutralize special elements used in the operating system’s commands. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands in the operating system with root privileges...
The vulnerability of the Cisco IOx software platform arises from an incorrect limitation on the path name to the restricted access directory. This allows a malicious individual to read or write arbitrary files within the system.
The vulnerability of the Cisco IOx software platform exists due to an incorrect limitation on the path name to the restricted access directory. Exploiting this vulnerability allows a malicious actor to remotely read or write arbitrary files in the system by sending a specially crafted HTTP reques...
The vulnerability of the Cisco IOx software platform, caused by synchronization errors when using a shared resource, allows a perpetrator to bypass the authentication process.
The vulnerability of the Cisco IOx software platform arises from synchronization errors when using a shared resource. Exploiting this vulnerability allows a malicious actor to bypass authentication procedures remotely...
The vulnerability of the Cisco IOx software platform arises from an incorrect limitation on the path name to the restricted access directory, allowing a perpetrator to execute arbitrary code.
The vulnerability of the Cisco IOx software platform exists due to an incorrect limitation on the path name to the restricted access catalog. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of the Cisco IOx software platform arises from an incorrect limitation on the path name to the restricted access directory. This allows a perpetrator to execute arbitrary code or carry out cross-site scripting attacks.
The vulnerability of the Cisco IOx software platform exists due to an incorrect limitation on the path name to the restricted access directory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or perform XSS attacks remotely...
The vulnerability of the Cisco IOx software platform arises from an incorrect limitation on the path name to the restricted access directory. This allows a perpetrator to execute arbitrary code or carry out cross-site scripting attacks.
The vulnerability of the Cisco IOx software platform exists due to an incorrect limitation on the path name to the restricted access directory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or perform XSS attacks remotely...
CVE-2022-20727
Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install applications without being...
CVE-2022-20724
Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install applications without being...
CVE-2022-20726
Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install applications without being...
CVE-2022-20725
Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install applications without being...