15 matches found
Secator - The Pentester'S Swiss Knife
secator is a task and workflow runner used for security assessments. It supports dozens of well-known security tools and it is designed to improve productivity for pentesters and security researchers. Features Curated list of commands Unified input options Unified output schema CLI and library...
The vulnerability of the Command Runner component of the Cisco DNA Center management center allows a attacker to execute arbitrary operating system commands.
The vulnerability of the Command Runner component of the Cisco DNA Center exists because measures to neutralize the special elements used in the operating system command are not taken. Exploiting this vulnerability allows a malicious actor to execute arbitrary operating system commands remotely...
Cisco DNA Center Command Injection Vulnerability
Cisco DNA Center is the network management and command center for Cisco DNA. A command injection vulnerability exists in the Command Runner tool in Cisco DNA Center versions prior to 1.3.1.0. The vulnerability stems from insufficient input validation of the Command Runner tool. An attacker could...
CVE-2021-1264
A vulnerability in the Command Runner tool of Cisco DNA Center could allow an authenticated, remote attacker to perform a command injection attack. The vulnerability is due to insufficient input validation by the Command Runner tool. An attacker could exploit this vulnerability by providing craft...
CVE-2021-1264
A vulnerability in the Command Runner tool of Cisco DNA Center could allow an authenticated, remote attacker to perform a command injection attack. The vulnerability is due to insufficient input validation by the Command Runner tool. An attacker could exploit this vulnerability by providing craft...
CVE-2021-1257
A vulnerability in the web-based management interface of Cisco DNA Center Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack to manipulate an authenticated user into executing malicious actions without their awareness or consent. The...
CVE-2021-1257
A vulnerability in the web-based management interface of Cisco DNA Center Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack to manipulate an authenticated user into executing malicious actions without their awareness or consent. The...
Cross site request forgery (csrf)
A vulnerability in the web-based management interface of Cisco DNA Center Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack to manipulate an authenticated user into executing malicious actions without their awareness or consent. The...
Command injection
A vulnerability in the Command Runner tool of Cisco DNA Center could allow an authenticated, remote attacker to perform a command injection attack. The vulnerability is due to insufficient input validation by the Command Runner tool. An attacker could exploit this vulnerability by providing craft...
CVE-2021-1257 Cisco DNA Center Cross-Site Request Forgery Vulnerability
A vulnerability in the web-based management interface of Cisco DNA Center Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack to manipulate an authenticated user into executing malicious actions without their awareness or consent. The...
CVE-2021-1264 Cisco DNA Center Command Runner Command Injection Vulnerability
A vulnerability in the Command Runner tool of Cisco DNA Center could allow an authenticated, remote attacker to perform a command injection attack. The vulnerability is due to insufficient input validation by the Command Runner tool. An attacker could exploit this vulnerability by providing craft...
CVE-2021-1264 Cisco DNA Center Command Runner Command Injection Vulnerability
A vulnerability in the Command Runner tool of Cisco DNA Center could allow an authenticated, remote attacker to perform a command injection attack. The vulnerability is due to insufficient input validation by the Command Runner tool. An attacker could exploit this vulnerability by providing craft...
Cisco DNA Center Command Runner Command Injection Vulnerability
A vulnerability in the Command Runner tool of Cisco DNA Center could allow an authenticated, remote attacker to perform a command injection attack. The vulnerability is due to insufficient input validation by the Command Runner tool. An attacker could exploit this vulnerability by providing craft...
PT-2021-1923 · Cisco · Cisco Dna Center
Name of the Vulnerable Software and Affected Versions: Cisco DNA Center affected versions not specified Description: A vulnerability in the Command Runner tool of Cisco DNA Center could allow an authenticated, remote attacker to perform a command injection attack. The issue is due to insufficient...
Exploit for CVE-2020-11651
CVE-2020-11651 is a proof-of-concept PoC exploit for a vulnerability in the SaltStack master. The exploit is designed to obtain pre-auth RCE Remote Code Execution on a SaltStack master and all associated minions. The vulnerability is not explicitly stated in the provided code, but it is likely...