211 matches found
CVE-2020-3176
A vulnerability in Cisco Remote PHY Device Software could allow an authenticated, local attacker to execute commands on the underlying Linux shell of an affected device with root privileges. The vulnerability exists because the affected software does not properly sanitize user-supplied input. An...
Input validation
A vulnerability in Cisco Remote PHY Device Software could allow an authenticated, local attacker to execute commands on the underlying Linux shell of an affected device with root privileges. The vulnerability exists because the affected software does not properly sanitize user-supplied input. An...
CVE-2020-3176 Cisco Remote PHY Device Software Command Injection Vulnerability
A vulnerability in Cisco Remote PHY Device Software could allow an authenticated, local attacker to execute commands on the underlying Linux shell of an affected device with root privileges. The vulnerability exists because the affected software does not properly sanitize user-supplied input. An...
CVE-2020-3176
CVE-2020-3176 affects Cisco Remote PHY Device Software. A local attacker with valid administrator access can exploit improper input sanitization to inject commands into the Linux shell with root privileges, potentially taking full control of the device. Vendors have issued advisories and, where a...
CVE-2020-3176 Cisco Remote PHY Device Software Command Injection Vulnerability
A vulnerability in Cisco Remote PHY Device Software could allow an authenticated, local attacker to execute commands on the underlying Linux shell of an affected device with root privileges. The vulnerability exists because the affected software does not properly sanitize user-supplied input. An...
Cisco Remote PHY Device Software Command Injection Vulnerability
A vulnerability in Cisco Remote PHY Device Software could allow an authenticated, local attacker to execute commands on the underlying Linux shell of an affected device with root privileges. The vulnerability exists because the affected software does not properly sanitize user-supplied input. An...
Cisco NX-OS Software Privilege Escalation Vulnerability
According to its self-reported version, Cisco NX-OS Software is affected by following vulnerability - A vulnerability in the user account management interface of Cisco NX-OS Software could allow an authenticated, local attacker to gain elevated privileges on an affected device.The vulnerability i...
Cisco IOS XE Software CLI Command Injection Multiple Vulnerabilities (cisco-sa-20180328-cmdinj)
According to its self-reported version, Cisco IOS XE Software is affected by multiple vulnerabilities in the CLI parser because the affected software does not sufficiently sanitize command arguments before passing commands to the Linux shell for execution. An authenticated, local attacker can...
CVE-2019-1936
A vulnerability in the web-based management interface of Cisco Integrated Management Controller IMC Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data could allow an authenticated, remote attacker to execute arbitrary commands on the underlying Linux shell as the root use...
CVE-2019-1839
A vulnerability in Cisco Remote PHY Device Software could allow an authenticated, local attacker to execute commands on the underlying Linux shell of an affected device with root privileges. The vulnerability occurs because the affected software improperly sanitizes user-supplied input. An attack...
Input validation
A vulnerability in the web-based management interface of Cisco Integrated Management Controller IMC Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data could allow an authenticated, remote attacker to execute arbitrary commands on the underlying Linux shell as the root use...
Input validation
A vulnerability in Cisco Remote PHY Device Software could allow an authenticated, local attacker to execute commands on the underlying Linux shell of an affected device with root privileges. The vulnerability occurs because the affected software improperly sanitizes user-supplied input. An attack...
CVE-2019-1936 Cisco Integrated Management Controller Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data Command Injection Vulnerability
A vulnerability in the web-based management interface of Cisco Integrated Management Controller IMC Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data could allow an authenticated, remote attacker to execute arbitrary commands on the underlying Linux shell as the root use...
CVE-2019-1936 Cisco Integrated Management Controller Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data Command Injection Vulnerability
A vulnerability in the web-based management interface of Cisco Integrated Management Controller IMC Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data could allow an authenticated, remote attacker to execute arbitrary commands on the underlying Linux shell as the root use...
CVE-2019-1839 Cisco Remote PHY Device Software Command Injection Vulnerability
A vulnerability in Cisco Remote PHY Device Software could allow an authenticated, local attacker to execute commands on the underlying Linux shell of an affected device with root privileges. The vulnerability occurs because the affected software improperly sanitizes user-supplied input. An attack...
CVE-2019-1839
Cisco Remote PHY Device Software contains a command injection vulnerability that can be exploited by an authenticated local attacker with administrator access to execute arbitrary commands as root due to improper input sanitization. The issue affects the underlying Linux shell on affected devices...
CVE-2019-1839 Cisco Remote PHY Device Software Command Injection Vulnerability
A vulnerability in Cisco Remote PHY Device Software could allow an authenticated, local attacker to execute commands on the underlying Linux shell of an affected device with root privileges. The vulnerability occurs because the affected software improperly sanitizes user-supplied input. An attack...
Cisco Remote PHY Device Software Command Injection Vulnerability
A vulnerability in Cisco Remote PHY Device Software could allow an authenticated, local attacker to execute commands on the underlying Linux shell of an affected device with root privileges. The vulnerability occurs because the affected software improperly sanitizes user-supplied input. An attack...
Cisco Integrated Management Controller Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data Command Injection Vulnerability
A vulnerability in the web-based management interface of Cisco Integrated Management Controller IMC Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data could allow an authenticated, remote attacker to execute arbitrary commands on the underlying Linux shell as the root use...
The vulnerability in the web interface of the Cisco IOS XE operating system allows a hacker to execute arbitrary commands with root privileges.
The vulnerability of the Cisco IOS XE operating system’s Web UI is related to deficiencies in data validation during user input. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands in the Linux shell with root privileges...