Lucene search
K

21 matches found

NVD
NVD
added 4 days ago6 views

CVE-2026-20191

A vulnerability in Cisco Catalyst Center could allow an unauthenticated, remote attacker to read arbitrary files from a restricted container. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted HTTP request...

7.5CVSS0.00756EPSS
Exploits0References1
CVE
CVE
added 4 days ago41 views

CVE-2026-20191

Cisco Catalyst Center is affected by CVE-2026-20191. The issue arises from insufficient validation of user-supplied input, enabling an unauthenticated remote attacker to read arbitrary files from a restricted container by sending a crafted HTTP request. CVSSv3.1 base score 7.5 (HIGH), with networ...

7.5CVSS6AI score0.00756EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 4 days ago4 views

CVE-2026-20191

A vulnerability in Cisco Catalyst Center could allow an unauthenticated, remote attacker to read arbitrary files from a restricted container. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted HTTP request...

7.5CVSS6AI score0.00756EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 4 days ago30 views

CVE-2026-20191 Cisco Catalyst Center Arbitrary File Read Vulnerability

A vulnerability in Cisco Catalyst Center could allow an unauthenticated, remote attacker to read arbitrary files from a restricted container. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted HTTP request...

7.5CVSS0.00756EPSS
Exploits0References1
EUVD
EUVD
added 4 days ago6 views

EUVD-2026-41078

A vulnerability in Cisco Catalyst Center could allow an unauthenticated, remote attacker to read arbitrary files from a restricted container. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted HTTP request...

7.5CVSS6AI score0.00756EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 4 days ago6 views

PT-2026-54702

Name of the Vulnerable Software and Affected Versions Cisco Catalyst Center affected versions not specified Description Insufficient validation of user-supplied input allows an unauthenticated, remote attacker to read arbitrary files from a restricted container. This is achieved by sending a...

7.5CVSS6AI score0.00756EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/11/14 4:55 p.m.5 views

CVE-2025-20349

A vulnerability in the REST API of Cisco Catalyst Center could allow an authenticated, remote attacker to execute arbitrary commands in a restricted container as the root user. This vulnerability is due to insufficient validation of user-supplied input in REST API request parameters. An attacker...

8.8CVSS7.4AI score0.00324EPSS
Exploits0References1
EUVD
EUVD
added 2025/11/13 6:31 p.m.5 views

EUVD-2025-175336

A vulnerability in the REST API of Cisco Catalyst Center could allow an authenticated, remote attacker to execute arbitrary commands in a restricted container as the root user. This vulnerability is due to insufficient validation of user-supplied input in REST API request parameters. An attacker...

6.3CVSS6.9AI score0.00324EPSS
Exploits0References2
NVD
NVD
added 2025/11/13 5:15 p.m.11 views

CVE-2025-20349

A vulnerability in the REST API of Cisco Catalyst Center could allow an authenticated, remote attacker to execute arbitrary commands in a restricted container as the root user. This vulnerability is due to insufficient validation of user-supplied input in REST API request parameters. An attacker...

8.8CVSS0.00324EPSS
Exploits0References1
OSV
OSV
added 2025/11/13 5:15 p.m.5 views

CVE-2025-20349

A vulnerability in the REST API of Cisco Catalyst Center could allow an authenticated, remote attacker to execute arbitrary commands in a restricted container as the root user. This vulnerability is due to insufficient validation of user-supplied input in REST API request parameters. An attacker...

8.8CVSS6AI score0.00324EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/11/13 4:18 p.m.8 views

CVE-2025-20349 Cisco DNA Center API Command Injection Vulnerability

A vulnerability in the REST API of Cisco Catalyst Center could allow an authenticated, remote attacker to execute arbitrary commands in a restricted container as the root user. This vulnerability is due to insufficient validation of user-supplied input in REST API request parameters. An attacker...

6.3CVSS0.00324EPSS
Exploits0References1
CVE
CVE
added 2025/11/13 4:18 p.m.22 views

CVE-2025-20349

CVE-2025-20349 concerns Cisco Catalyst Center. The REST API suffers from insufficient validation of user-supplied input in request parameters, enabling an authenticated attacker (credentials at least Observer) to craft API requests that inject arbitrary commands executed inside a restricted conta...

8.8CVSS7AI score0.00324EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/11/13 4:18 p.m.4 views

CVE-2025-20349 Cisco DNA Center API Command Injection Vulnerability

A vulnerability in the REST API of Cisco Catalyst Center could allow an authenticated, remote attacker to execute arbitrary commands in a restricted container as the root user. This vulnerability is due to insufficient validation of user-supplied input in REST API request parameters. An attacker...

6.3CVSS7AI score0.00324EPSS
Exploits0References1
Cisco
Cisco
added 2025/11/13 4:0 p.m.14 views

Cisco Catalyst Center REST API Command Injection Vulnerability

A vulnerability in the REST API of Cisco Catalyst Center could allow an authenticated, remote attacker to execute arbitrary commands in a restricted container as the root user. This vulnerability is due to insufficient validation of user-supplied input in REST API request parameters. An attacker...

6.3CVSS7.5AI score0.00324EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/11/13 12:0 a.m.7 views

PT-2025-46853

Name of the Vulnerable Software and Affected Versions Cisco Catalyst Center affected versions not specified Description A flaw exists in the REST API of Cisco Catalyst Center that could allow a remote attacker with valid credentials at least Observer role to execute arbitrary commands within a...

6.3CVSS7AI score0.00324EPSS
Exploits0References4
CNVD
CNVD
added 2023/05/20 12:0 a.m.8 views

Cisco DNA Center Information Disclosure Vulnerability (CNVD-2023-62938)

Cisco DNA Center is a network management and command center service from Cisco USA. An information disclosure vulnerability exists in Cisco DNA Center. The vulnerability stems from improper authorization of API requests and can be exploited by an authenticated, remote attacker to read information...

5.4CVSS7.4AI score0.00493EPSS
Exploits0References1
OSV
OSV
added 2023/05/18 3:15 a.m.4 views

CVE-2023-20184

Multiple vulnerabilities in the API of Cisco DNA Center Software could allow an authenticated, remote attacker to read information from a restricted container, enumerate user information, or execute arbitrary commands in a restricted container as the root user. For more information about these...

4.3CVSS6.1AI score0.00485EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/05/18 12:0 a.m.16 views

CVE-2023-20183 Cisco DNA Center Software API Vulnerabilities

Multiple vulnerabilities in the API of Cisco DNA Center Software could allow an authenticated, remote attacker to read information from a restricted container, enumerate user information, or execute arbitrary commands in a restricted container as the root user. For more information about these...

5.4CVSS7.7AI score0.00493EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/05/18 12:0 a.m.15 views

Cisco DNA Center 输入验证错误漏洞

Cisco DNA Center is a network management and command center service from Cisco USA. A command execution vulnerability exists in Cisco DNA Center Software. The vulnerability stems from the application's inadequate validation of user-supplied input in API request parameters and can be exploited by ...

8.8CVSS7.5AI score0.00624EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/05/18 12:0 a.m.20 views

CVE-2023-20184 Cisco DNA Center Software API Vulnerabilities

Multiple vulnerabilities in the API of Cisco DNA Center Software could allow an authenticated, remote attacker to read information from a restricted container, enumerate user information, or execute arbitrary commands in a restricted container as the root user. For more information about these...

5.4CVSS7.7AI score0.00485EPSS
Exploits0References1
Rows per page
Query Builder