Command injection

Multiple vulnerabilities in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to gain access to the underlying Linux shell of an affected device and execute arbitrary commands with root privileges on the device. The vulnerabilities are due to the affected softwa...

Design/Logic Flaw

A vulnerability in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to gain access to the underlying Linux shell of an affected device and execute arbitrary commands with root privileges on the device. The vulnerability is due to the affected software improperl...

Design/Logic Flaw

A vulnerability in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to gain access to the underlying Linux shell of an affected device and execute arbitrary commands with root privileges on the device. The vulnerability is due to the affected software improperl...

Design/Logic Flaw

Multiple vulnerabilities in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to inject arbitrary commands into the CLI of the affected software, which could allow the attacker to gain access to the underlying Linux shell of an affected device and execute comman...

Design/Logic Flaw

Multiple vulnerabilities in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to inject arbitrary commands into the CLI of the affected software, which could allow the attacker to gain access to the underlying Linux shell of an affected device and execute comman...

Design/Logic Flaw

Multiple vulnerabilities in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to inject arbitrary commands into the CLI of the affected software, which could allow the attacker to gain access to the underlying Linux shell of an affected device and execute comman...

CVE-2018-0169

Multiple vulnerabilities in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to gain access to the underlying Linux shell of an affected device and execute arbitrary commands with root privileges on the device. The vulnerabilities are due to the affected softwa...

CVE-2018-0182

Multiple vulnerabilities in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to inject arbitrary commands into the CLI of the affected software, which could allow the attacker to gain access to the underlying Linux shell of an affected device and execute comman...

CVE-2018-0193

Multiple vulnerabilities in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to inject arbitrary commands into the CLI of the affected software, which could allow the attacker to gain access to the underlying Linux shell of an affected device and execute comman...

CVE-2018-0185

Multiple vulnerabilities in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to inject arbitrary commands into the CLI of the affected software, which could allow the attacker to gain access to the underlying Linux shell of an affected device and execute comman...

CVE-2018-0169

Multiple vulnerabilities in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to gain access to the underlying Linux shell of an affected device and execute arbitrary commands with root privileges on the device. The vulnerabilities are due to the affected softwa...

CVE-2018-0176

Multiple vulnerabilities in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to gain access to the underlying Linux shell of an affected device and execute arbitrary commands with root privileges on the device. The vulnerabilities are due to the affected softwa...

CVE-2018-0183

A vulnerability in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to gain access to the underlying Linux shell of an affected device and execute arbitrary commands with root privileges on the device. The vulnerability is due to the affected software improperl...

CVE-2018-0193

Cisco IOS XE Software CLI Command Injection vulnerabilities (CVE-2018-0193) affect the CLI parser and allow an authenticated, local attacker to inject arbitrary commands into the CLI, enabling access to the underlying Linux shell and execution of commands with root privileges on the device. Root ...

CVE-2018-0193

Multiple vulnerabilities in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to inject arbitrary commands into the CLI of the affected software, which could allow the attacker to gain access to the underlying Linux shell of an affected device and execute comman...

CVE-2018-0185

CVE-2018-0185 relates to multiple vulnerabilities in the Cisco IOS XE Software CLI parser . The issues arise because the affected CLI parser does not sufficiently sanitize command arguments before passing them to the Linux shell, allowing an authenticated, local attacker to submit a malicious CLI...

CVE-2018-0183

Cisco IOS XE Software for Cisco 4000 Series routers contains a local privilege-escalation (CVE-2018-0183) in the CLI parser. An authenticated attacker with privileged EXEC (level 15) can exploit crafted CLI arguments to gain access to the device’s underlying Linux shell and execute commands as ro...

CVE-2018-0182

Cisco IOS XE Software CLI Command Injection vulnerabilities (CVE-2018-0182) arise from insufficient sanitization of CLI arguments before passing them to the Linux shell. An authenticated, local attacker can exploit this via the CLI to gain access to the underlying Linux shell with root privileges...

CVE-2018-0176

Summary: CVE-2018-0176 describes multiple vulnerabilities in the CLI parser of Cisco IOS XE Software that can allow an authenticated, local attacker with user EXEC privileges to gain access to the device’s underlying Linux shell and execute arbitrary commands with root privileges. The root cause ...

CVE-2018-0169

Cisco IOS XE Software contains multiple CLI parser vulnerabilities that allow an authenticated, local attacker with user EXEC access to gain access to the device’s underlying Linux shell and execute arbitrary commands with root privileges. The issue stems from improper sanitization of CLI command...