EUVD-2021-27302

Malware in sbrugna...

The vulnerability of the Cisco Webex Video Mesh media transfer software arises from the lack of protective measures taken for the website structure, allowing attackers to carry out cross-site scripting attacks.

The vulnerability of the Cisco Webex Video Mesh media transfer software exists due to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks remotely...

The vulnerability in the web interface of the Cisco Webex Video Mesh software allows a attacker to redirect users to a malicious web page.

The vulnerability of the Cisco Webex Video Mesh software management web interface is related to the possibility of redirecting users to an unreliable website. Exploiting this vulnerability allows a malicious actor to redirect users to malicious web pages...

CVE-2021-40115

A vulnerability in Cisco Webex Video Mesh could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. This vulnerability is due to insufficient validation of user-supplied input by the web-based management interface. An attacker...

CVE-2021-40115

A vulnerability in Cisco Webex Video Mesh could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. This vulnerability is due to insufficient validation of user-supplied input by the web-based management interface. An attacker...

CVE-2021-1500

A vulnerability in the web-based management interface of Cisco Webex Video Mesh could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. This vulnerability is due to improper input validation of the URL parameters in an HTTP request. An attacker could exploit th...

CVE-2021-1500

A vulnerability in the web-based management interface of Cisco Webex Video Mesh could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. This vulnerability is due to improper input validation of the URL parameters in an HTTP request. An attacker could exploit th...

Design/Logic Flaw

A vulnerability in the web-based management interface of Cisco Webex Video Mesh could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. This vulnerability is due to improper input validation of the URL parameters in an HTTP request. An attacker could exploit th...

CVE-2021-1500 Cisco Webex Video Mesh Arbitrary Site Redirection Vulnerability

A vulnerability in the web-based management interface of Cisco Webex Video Mesh could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. This vulnerability is due to improper input validation of the URL parameters in an HTTP request. An attacker could exploit th...

CVE-2021-40115 Cisco Webex Video Mesh Cross-Site Scripting Vulnerability

A vulnerability in Cisco Webex Video Mesh could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. This vulnerability is due to insufficient validation of user-supplied input by the web-based management interface. An attacker...

CVE-2021-40115 Cisco Webex Video Mesh Cross-Site Scripting Vulnerability

A vulnerability in Cisco Webex Video Mesh could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. This vulnerability is due to insufficient validation of user-supplied input by the web-based management interface. An attacker...

Cisco Webex Video Mesh Cross-Site Scripting Vulnerability

A vulnerability in Cisco Webex Video Mesh could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. This vulnerability is due to insufficient validation of user-supplied input by the web-based management interface. An attacker...

Cisco Webex Video Mesh 跨站脚本漏洞

Cisco Webex Video Mesh is a software from Cisco, U.S.A. Cisco Webex Video Mesh dynamically finds the best combination of local and cloud conferencing resources. When local resources are sufficient, local meetings stay local. When local resources are exhausted, the conference is expanded to the...

The vulnerability in the web interface of the Cisco Webex Video Mesh software allows a malicious actor to execute arbitrary commands.

The vulnerability of the Cisco Webex Video Mesh software control web interface is related to insufficient checking of arguments passed in commands. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands remotely...

CVE-2019-16005

A vulnerability in the web-based management interface of Cisco Webex Video Mesh could allow an authenticated, remote attacker to execute arbitrary commands on the affected system. The vulnerability is due to improper validation of user-supplied input by the web-based management interface of the...

Input validation

A vulnerability in the web-based management interface of Cisco Webex Video Mesh could allow an authenticated, remote attacker to execute arbitrary commands on the affected system. The vulnerability is due to improper validation of user-supplied input by the web-based management interface of the...

CVE-2019-16005 Cisco Webex Video Mesh Node Command Injection Vulnerability

A vulnerability in the web-based management interface of Cisco Webex Video Mesh could allow an authenticated, remote attacker to execute arbitrary commands on the affected system. The vulnerability is due to improper validation of user-supplied input by the web-based management interface of the...

CVE-2019-16005 Cisco Webex Video Mesh Node Command Injection Vulnerability

A vulnerability in the web-based management interface of Cisco Webex Video Mesh could allow an authenticated, remote attacker to execute arbitrary commands on the affected system. The vulnerability is due to improper validation of user-supplied input by the web-based management interface of the...

Cisco Webex Video Mesh Software Command Injection Vulnerability

Cisco Webex Video Mesh Software releases is a web-based video conferencing solution. A command injection vulnerability in the web management interface in versions prior to Cisco Webex Video Mesh Software releases 2019.09.19.1956m stems from the interface failing to properly validate user-submitte...

Cisco Webex Video Mesh Software CVE-2019-16005 Remote Command Injection Vulnerability

Description Cisco Webex Video Mesh Software is prone to a remote command injection vulnerability. Successfully exploiting this issue may allow an attacker to execute arbitrary commands with root privileges in the context of the affected device. This issue is being tracked by Cisco Bug ID...