108 matches found
Cisco IOS XE Software IOx Application Hosting Environment Command Injection (cisco-sa-iox-8whGn5dL)
According to its self-reported version, Cisco IOS-XE Software is affected by a vulnerability. This vulnerability is due to incomplete sanitization of parameters that are passed in for activation of an application. An attacker could exploit this vulnerability by deploying and activating an...
Cisco IOx Application Hosting Environment Command Injection Vulnerability
A vulnerability in the Cisco IOx application hosting environment could allow an authenticated, remote attacker to execute arbitrary commands as root on the underlying host operating system. This vulnerability is due to incomplete sanitization of parameters that are passed in for activation of an...
When Pwning Cisco Persistence Is Key When Pwning Supply Chain Cisco Is Key
When Pwning Cisco, Persistence is Key - When Pwning Supply Chain, Cisco is Key By Trellix · February 1, 2023 This story was also written by Kasimir Schulz and Sam Quinn. Unlike those of the past, modern routers now function like high-powered servers with many ethernet ports running not only routi...
Cisco IOS Software IOx Application Hosting Environment (cisco-sa-iox-yuXQ6hFj)
According to its self-reported version, Cisco IOS is affected by multiple vulnerabilities: - Multiple parameter injection vulnerabilities in the Cisco IOx application hosting environment. Due to incomplete sanitization of parameters that are part of an application package, an authenticated, remot...
CVE-2022-20724
Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install applications without being...
CVE-2022-20721
Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install applications without being...
CVE-2022-20718
Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install applications without being...
CVE-2022-20722
Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install applications without being...
CVE-2022-20721
Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install applications without being...
CVE-2022-20719
Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install applications without being...
CVE-2022-20720
Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install applications without being...
CVE-2022-20727
Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install applications without being...
CVE-2022-20723
Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install applications without being...
CVE-2022-20726
Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install applications without being...
Cross site scripting
Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install applications without being...
Cross site scripting
Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install applications without being...
Cross site scripting
Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install applications without being...
Cross site scripting
Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install applications without being...
Cross site scripting
Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install applications without being...
CVE-2022-20720
Cisco IOx Application Hosting Environment (CVE-2022-20720) on multiple Cisco platforms is affected by a path traversal vulnerability due to insufficient path validation. An authenticated remote attacker can create a symbolic link within a deployed application and read or execute arbitrary code as...