Lucene search
K

1789 matches found

BDU FSTEC
BDU FSTEC
added 2019/10/03 12:0 a.m.5 views

The vulnerability of the Cisco IOS XE command-line interface allows a attacker to execute arbitrary commands on the underlying operating system.

The vulnerability of the Cisco IOS XE operating system’s command-line interface is related to authentication process errors. Exploiting this vulnerability allows an attacker to execute arbitrary commands on the underlying operating system...

6.8CVSS5.9AI score0.00352EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/10/03 12:0 a.m.7 views

The vulnerability of the Cisco IOS XE command-line interface allows a attacker to compromise the integrity of the protected information.

The vulnerability of the Cisco IOS XE operating system’s command-line interface is related to security configuration errors. Exploiting this vulnerability can allow attackers to compromise the integrity of the protected information...

5.5CVSS5.5AI score0.00302EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2019/10/02 7:15 p.m.3 views

CVE-2019-12694

A vulnerability in the command line interface CLI of Cisco Firepower Threat Defense FTD Software could allow an authenticated, local attacker with administrative privileges to execute commands on the underlying operating system with root privileges. The vulnerability is due to insufficient input...

6.7CVSS6.7AI score0.00425EPSS
Exploits0References1
OSV
OSV
added 2019/09/25 9:15 p.m.4 views

CVE-2019-12660

A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker to write values to the underlying memory of an affected device. The vulnerability is due to improper input validation and authorization of specific commands that a user can execute within the CLI. An...

5.5CVSS5.8AI score0.00302EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2019/09/25 12:0 a.m.5 views

PT-2019-3338 · Cisco · Cisco Ios Xe

Name of the Vulnerable Software and Affected Versions: Cisco IOS XE Software affected versions not specified Description: A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker to gain shell access on an affected device and execute commands on the...

7.8CVSS6.7AI score0.00352EPSS
Exploits0References4
CNVD
CNVD
added 2019/09/04 12:0 a.m.3 views

Entropic Path Traversal Vulnerability

Entropic is a package registry with a command line interface. Entropic suffers from a path traversal vulnerability. The vulnerability stems from a failure of a networked system or product to properly filter for specific elements in a resource or file path. An attacker could use this vulnerability...

5.3CVSS7AI score0.01819EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2019/09/02 12:0 a.m.5 views

The vulnerability of the command-line interface (CLI) of Cisco Enterprise NFV Infrastructure Software (NFVIS) allows a attacker to read and modify arbitrary files on a vulnerable device.

The vulnerability of the command-line interface CLI of Cisco Enterprise NFV Infrastructure Software NFVIS is related to insufficient checking of arguments passed to certain CLI commands. Exploiting this vulnerability allows an attacker to read and modify arbitrary files on the vulnerable device...

6.8CVSS5.6AI score0.00716EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/09/02 12:0 a.m.5 views

The vulnerability of the command-line interface (CLI) of Cisco Enterprise NFV Infrastructure Software (NFVIS) allows a attacker to execute arbitrary commands with root privileges.

The vulnerability of the command-line interface CLI of Cisco Enterprise NFV Infrastructure Software NFVIS is related to insufficient testing of arguments passed to certain CLI commands. Exploiting this vulnerability could allow a attacker to execute arbitrary commands with root privileges...

6.8CVSS5.9AI score0.00499EPSS
Exploits0References2Affected Software1
CNVD
CNVD
added 2019/08/22 12:0 a.m.4 views

Cisco Integrated Management Controller Operating System Command Injection Vulnerability (CNVD-2019-28403)

Cisco Integrated Management Controller IMC is a set of software from the American company Cisco Cisco for the management of UCS Unified Computing System. The software supports HTTP, SSH access, etc., and can perform operations such as powering on, powering off and rebooting the server. There is a...

7.8CVSS8AI score0.00411EPSS
Exploits0References1
NVD
NVD
added 2019/08/21 7:15 p.m.18 views

CVE-2019-1883

A vulnerability in the command-line interface of Cisco Integrated Management Controller IMC could allow an authenticated, local attacker with read-only credentials to inject arbitrary commands that could allow them to obtain root privileges. The vulnerability is due to insufficient validation of...

7.8CVSS7.4AI score0.00411EPSS
Exploits0References1
OSV
OSV
added 2019/08/21 7:15 p.m.6 views

CVE-2019-1883

A vulnerability in the command-line interface of Cisco Integrated Management Controller IMC could allow an authenticated, local attacker with read-only credentials to inject arbitrary commands that could allow them to obtain root privileges. The vulnerability is due to insufficient validation of...

7.8CVSS7.3AI score0.00411EPSS
Exploits0References1
NVD
NVD
added 2019/08/01 1:15 p.m.14 views

CVE-2019-14337

An issue was discovered on D-Link 6600-AP and DWL-3600AP Ax 4.2.0.14 21/03/2019 devices. There is an ability to escape to a shell in the restricted command line interface, as demonstrated by the /bin/sh -c wget sequence...

5.5CVSS5.6AI score0.00837EPSS
Exploits3References3
OSV
OSV
added 2019/08/01 1:15 p.m.5 views

CVE-2019-14337

An issue was discovered on D-Link 6600-AP and DWL-3600AP Ax 4.2.0.14 21/03/2019 devices. There is an ability to escape to a shell in the restricted command line interface, as demonstrated by the /bin/sh -c wget sequence...

5.5CVSS6.1AI score0.00837EPSS
Exploits3References3
Prion
Prion
added 2019/08/01 1:15 p.m.15 views

Input validation

An issue was discovered on D-Link 6600-AP and DWL-3600AP Ax 4.2.0.14 21/03/2019 devices. There is an ability to escape to a shell in the restricted command line interface, as demonstrated by the /bin/sh -c wget sequence...

2.1CVSS5.6AI score0.00837EPSS
Exploits3References3Affected Software2
Cvelist
Cvelist
added 2019/08/01 12:31 p.m.18 views

CVE-2019-14337

An issue was discovered on D-Link 6600-AP and DWL-3600AP Ax 4.2.0.14 21/03/2019 devices. There is an ability to escape to a shell in the restricted command line interface, as demonstrated by the /bin/sh -c wget sequence...

5.6AI score0.00837EPSS
Exploits3References3
CVE
CVE
added 2019/08/01 12:31 p.m.47 views

CVE-2019-14337

CVE-2019-14337 affects D-Link 6600-AP and DWL-3600AP devices running firmware 4.2.0.14 (Ax). The issue enables escaping the restricted command-line interface to a shell, demonstrated by the /bin/sh -c wget sequence. Documented references include NVD (CVSS2/3.1), Red Hat and CNVD entries, and thir...

5.5CVSS5.5AI score0.00837EPSS
Exploits3References3Affected Software1
Packet Storm
Packet Storm
added 2019/07/31 12:0 a.m.207 views

D-Link 6600-AP XSS / DoS / Information Disclosure

Security Advisory - 22/07/2019 Multiple vulnerabilities found in the D-Link 6600-AP device running the latest firmware version 4.2.0.14. D-Link 6600-AP is not produced anymore but the support is still provided by D-Link as per described on the D-Link website. Not that this product is built for...

5.8AI score0.01954EPSS
Exploits8
BDU FSTEC
BDU FSTEC
added 2019/07/16 12:0 a.m.5 views

The vulnerability of the command-line interface of the Cisco Unified Communications Domain Manager allows a attacker to execute arbitrary commands.

The vulnerability of the command-line interface of the Cisco Unified Communications Domain Manager is related to insufficient validation of input data. Exploiting this vulnerability could allow an attacker to execute arbitrary commands...

5.3CVSS5.8AI score0.00321EPSS
Exploits0References3
NVD
NVD
added 2019/07/04 2:15 p.m.19 views

CVE-2018-20850

Stormshield Network Security 2.0.0 through 2.13.0 and 3.0.0 through 3.7.1 has self-XSS in the command line interface of the SNS web server...

8.2CVSS8.3AI score0.00386EPSS
Exploits0References1
Cvelist
Cvelist
added 2019/07/04 1:16 p.m.16 views

CVE-2018-20850

Stormshield Network Security 2.0.0 through 2.13.0 and 3.0.0 through 3.7.1 has self-XSS in the command line interface of the SNS web server...

8.4AI score0.00386EPSS
Exploits0References1
Rows per page
Query Builder