Cisco IOS XE Software for Cisco 4000 Series Integrated Services Routers Privileged EXEC Mode Root Shell Access (cisco-sa-20180328-privesc3)
According to its self-reported version, Cisco IOS XE Software is affected by a vulnerability in the CLI parser due to improperly sanitizing command arguments to prevent access to internal data structures on a device. An authenticated, local attacker with privileged EXEC mode (privilege level 15)...
Chepy - A Python Lib/Cli Equivalent Of The Awesome CyberChef Tool.
Chepy is a Python library with a handy CLI that is aimed to mirror some of the capabilities of CyberChef. A reasonable amount of effort was put behind Chepy to make it compatible with the various functionalities that CyberChef offers, all in a pure Pythonic manner. There are some key advantages and...
Cisco SD-WAN Solution Command Injection Vulnerability
A vulnerability in the CLI of Cisco SD-WAN Solution software could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by authenticating ...
PT-2020-1929 · Cisco · Cisco Sd-Wan Solution
Name of the Vulnerable Software and Affected Versions: Cisco SD-WAN Solution software affected versions not specified Description: The issue is related to insufficient input validation in the CLI of Cisco SD-WAN Solution software, allowing an authenticated, local attacker to inject arbitrary...
Command injection
A system command injection vulnerability in the FortiAP-S/W2 6.2.1, 6.2.0, 6.0.5 and below, FortiAP 6.0.5 and below and FortiAP-U below 6.0.0 under CLI admin console may allow unauthorized administrators to run arbitrary system level commands via specially crafted ifconfig commands...
CVE-2019-15708
CVE-2019-15708 concerns a system command injection vulnerability in Fortinet FortiAP devices. Based on connected sources, affected products include FortiAP-S/W2 (versions 6.2.1, 6.2.0, 6.0.5 and below), FortiAP (6.0.5 and below), and FortiAP-U (below 6.0.0). The issue occurs in the CLI admin cons...
CVE-2019-15708
A system command injection vulnerability in the FortiAP-S/W2 6.2.1, 6.2.0, 6.0.5 and below, FortiAP 6.0.5 and below and FortiAP-U below 6.0.0 under CLI admin console may allow unauthorized administrators to run arbitrary system level commands via specially crafted ifconfig commands...
CVE-2019-16157
CVE-2019-16157 affects Fortinet FortiWeb (6.2.0 CLI and earlier). The underlying issue is an information exposure: an authenticated user could view sensitive information being logged via diagnose debug commands. Impact is primarily confidentiality loss for logged data; CVSS metrics indicate a bas...
CVE-2019-16157
An information exposure vulnerability in Fortinet FortiWeb 6.2.0 CLI and earlier may allow an authenticated user to view sensitive information being logged via diagnose debug commands...
Cisco FTD Software CLI Command Injection (cisco-sa-20200226-fxos-ucs-cmdinj)
According to its self-reported version, Cisco FTD Software is affected by a vulnerability in the CLI due to insufficient input validation. An authenticated, local attacker can exploit this, by including crafted arguments to specific commands, in order to execute arbitrary commands on the underlyi...
Cisco ASA Software CLI Command Injection (cisco-sa-20200226-fxos-ucs-cmdinj)
According to its self-reported version, Cisco ASA Software is affected by a vulnerability in the CLI due to insufficient input validation. An authenticated, local attacker can exploit this, by including crafted arguments to specific commands, in order to execute arbitrary commands on the underlyi...
Cisco UCS Manager Software CLI Command Injection (cisco-sa-20200226-fxos-ucs-cmdinj)
According to its self-reported version, Cisco UCS Manager Software is affected by a vulnerability in the CLI due to insufficient input validation. An authenticated, local attacker can exploit this, by including crafted arguments to specific commands, in order to execute arbitrary commands on the...
CVE-2020-1980
A shell command injection vulnerability in the PAN-OS CLI allows a local authenticated user to escape the restricted shell and escalate privileges. This issue affects only PAN-OS 8.1 versions earlier than PAN-OS 8.1.13. This issue does not affect PAN-OS 7.1, PAN-OS 9.0, or later PAN-OS versions...
PAN-OS: Shell injection vulnerability in PAN-OS CLI allows execution of shell commands
A shell command injection vulnerability in the PAN-OS CLI allows a local authenticated user to escape the restricted shell and escalate privileges. This issue affects only PAN-OS 8.1 versions earlier than PAN-OS 8.1.13. This issue does not affect PAN-OS 7.1, PAN-OS 9.0, or later PAN-OS versions...
Fedora: Security Advisory for podman (FEDORA-2020-ccc3e64ea5)
The remote host is missing an update for the...
[SECURITY] Fedora 30 Update: podman-1.8.0-4.fc30
podman (Pod Manager) is a fully featured container engine that is a simple daemonless tool. podman provides a Docker-CLI comparable command line that eases the transition from other container engines and allows the management of pods, containers and images. Simply put: alias docker=podman. Most...
Cisco Adaptive Security Appliance Software CLI Arbitrary File Read and Write Vulnerability (cisco-sa-20200226-fxos-cli-file)
According to its self-reported version, Adaptive Security Appliance (ASA) Software is affected by an arbitrary file read and write vulnerability in the CLI due to insufficient input validation. An authenticated, local attacker can exploit this, via crafted arguments on a specific CLI command, to re...
Cisco FXOS Software CLI Command Injection Vulnerability (cisco-sa-20200226-fpwr-cmdinj)
According to its self-reported version, Cisco Firepower Extensible Operating System (FXOS) is affected by a command injection vulnerability in its command line interface component due to insufficient validation of arguments passed to a specific command. An authenticated, local attacker can exploit...
Cisco FXOS Software CLI Arbitrary File Read and Write Vulnerability (cisco-sa-20200226-fxos-cli-file)
According to its self-reported version, Cisco Firepower Extensible Operating System (FXOS) is affected by an arbitrary file read and write vulnerability in the CLI due to insufficient input validation. An authenticated, local attacker can exploit this, via crafted arguments on a specific CLI comman...
CVE-2020-3176
A vulnerability in Cisco Remote PHY Device Software could allow an authenticated, local attacker to execute commands on the underlying Linux shell of an affected device with root privileges. The vulnerability exists because the affected software does not properly sanitize user-supplied input. An...