15 matches found
EUVD-2016-7333
Malware in sbrugna...
EUVD-2016-7335
Malware in sbrugna...
EUVD-2017-12969
Malware in sbrugna...
Cisco Patches Critical IOx Vulnerability
Cisco Systems patched a critical vulnerability Wednesday that could allow an unauthenticated, remote attacker to execute remote code on affected hardware and gain root privileges. The bug is in Cisco’s Data-in-Motion DMo process, part of the company’s IOx application environment that marries its...
CVE-2017-3851
A Directory Traversal vulnerability in the web framework code of the Cisco application-hosting framework CAF component of the Cisco IOx application environment could allow an unauthenticated, remote attacker to read any file from the CAF in the virtual instance running on the affected device. The...
CVE-2017-3852
A vulnerability in the Cisco application-hosting framework CAF component of the Cisco IOx application environment could allow an authenticated, remote attacker to write or modify arbitrary files in the virtual instance running on the affected device. The vulnerability is due to insufficient input...
Cisco Application-Hosting Framework Arbitrary File Creation Vulnerability
A vulnerability in the Cisco application-hosting framework CAF component of the Cisco IOx application environment could allow an authenticated, remote attacker to write or modify arbitrary files in the virtual instance running on the affected device. The vulnerability is due to insufficient input...
CVE-2016-9199
A vulnerability in the Cisco application-hosting framework CAF of Cisco IOx could allow an authenticated, remote attacker to read arbitrary files on a targeted system. Affected Products: This vulnerability affects specific releases of the Cisco IOx subsystem of Cisco IOS and IOS XE Software. More...
CVE-2016-6412
The Cisco Application-hosting Framework CAF component in Cisco IOS 15.61T1 and IOS XE, when the IOx feature set is enabled, allows man-in-the-middle attackers to trigger arbitrary downloads via crafted HTTP headers, aka Bug ID CSCuz84773...
CVE-2016-6410
The Cisco Application-hosting Framework CAF component in Cisco IOS 15.61T1 and IOS XE, when the IOx feature set is enabled, allows remote authenticated users to read arbitrary files via unspecified vectors, aka Bug ID CSCuy19856...
Code injection
The Cisco Application-hosting Framework CAF component in Cisco IOS 15.61T1 and IOS XE, when the IOx feature set is enabled, allows man-in-the-middle attackers to trigger arbitrary downloads via crafted HTTP headers, aka Bug ID CSCuz84773...
CVE-2016-6412
The CVE-2016-6412 entry describes a vulnerability in Cisco IOS/IOS XE’s Application-hosting Framework (CAF) when the IOx feature set is enabled. The issue arises from insufficient input validation in CAF, allowing a remote attacker to induce a CAF user to download an attacker-controlled file by s...
Cisco IOS and IOS XE Software Application-Hosting Framework Unauthorized File Access Vulnerability
Cisco IOS and IOS XE Software are operating systems developed by Cisco in the United States for its network devices. An unauthorized file access vulnerability exists in the Application-Hosting Framework component of Cisco IOS and IOS XE Software. When the Iox feature setting is enabled, a remote...
Cisco IOS and IOS XE Software Application-Hosting Framework HTTP Header Injection Vulnerability
Cisco IOS and IOS XE Software are operating systems developed by Cisco in the United States for its network devices. An HTTP header injection vulnerability exists in the Application-Hosting Framework component in Cisco IOS version 15.61T1 and IOS XE Software. When the Iox feature setting is...
Cisco IOS Software Cisco Application-Hosting Framework HTTP Header Injection Vulnerability (cisco-sa-20160921-caf1)
A vulnerability in the Cisco Application-hosting Framework CAF component for Cisco IOS Software with the IOx feature set could allow an unauthenticated, remote attacker to cause a CAF user to download a file controlled by the attacker. SPDX-FileCopyrightText: 2016 Greenbone AG Some text...