[SECURITY] Fedora 35 Update: doctl-1.73.0-2.fc35

The official command line interface for the DigitalOcean API...

The vulnerability of the command-line interface of Cisco’s software-hardware devices, allowing a hacker to execute any command they desire

The vulnerability of the command-line interface of Cisco’s software-hardware devices exists because measures are not taken to neutralize the special elements used in the operating system command. Exploiting this vulnerability allows an attacker to execute arbitrary commands...

CVE-2022-20681

A vulnerability in the CLI of Cisco IOS XE Software for Cisco Catalyst 9000 Family Switches and Cisco Catalyst 9000 Family Wireless Controllers could allow an authenticated, local attacker to elevate privileges to level 15 on an affected device. This vulnerability is due to insufficient validatio...

CVE-2022-20716

A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain escalated privileges. This vulnerability is due to improper access control on files within the affected system. A local attacker could exploit this vulnerability by modifying certain files on...

Cisco SD-WAN 安全漏洞

Cisco SD-WAN is a highly secure cloud-scale architecture from Cisco USA that is open, programmable, and scalable. an elevation of privilege vulnerability exists in Cisco SD-WAN, which stems from an incorrect programmatic call to a high-level native procedure. An attacker could exploit the...

Cisco IOS XE Software安全漏洞

Cisco IOS XE is a set of operating systems developed by Cisco for its network devices.Cisco IOS XE has an elevation of privilege vulnerability, which stems from a user executing certain CLI commands without adequately verifying user privileges, and can be exploited by attackers to cause elevation...

Citrix SD-WAN 信任管理问题漏洞

Citrix SD-WAN is a networking product from Citrix, Inc. It virtualizes and optimizes enterprise site-to-site networks. A security vulnerability exists in Citrix SD-WAN that stems from hard-coded credentials that allow administrators to access the shell via the SD-WAN CLI...

PT-2022-2745 · Cisco · Cisco Ios Xe

Name of the Vulnerable Software and Affected Versions: Cisco IOS XE Software for Cisco Catalyst 9000 Family Switches and Cisco Catalyst 9000 Family Wireless Controllers affected versions not specified Description: A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated,...

CVE-2022-1262

A command injection vulnerability in the protest binary allows an attacker with access to the remote command line interface to execute arbitrary commands as root...

CVE-2022-20665

A vulnerability in the CLI of Cisco StarOS could allow an authenticated, local attacker to elevate privileges on an affected device. This vulnerability is due to insufficient input validation of CLI commands. An attacker could exploit this vulnerability by sending crafted commands to the CLI. A...

The vulnerability of the command line interface of fish, related to deficiencies in the process of neutralizing special elements in the output data, allows a hacker to execute arbitrary code.

The vulnerability of the fish command-line interface is related to deficiencies in the process of neutralizing special elements in the output data. Exploiting this vulnerability allows an attacker to execute arbitrary code...

The vulnerability of the Fortinet FortiAP-C console’s microprogramming software allows a hacker to execute arbitrary commands.

The vulnerability of the Fortinet FortiAP-C console software involves the lack of measures taken to neutralize special elements used in the operating system’s command line interface. Exploiting this vulnerability allows an attacker to execute arbitrary commands through the CLI command line...

NETGEAR Multiple Routers Remote Code Execution Vulnerability

NETGEAR confirmed multiple routers allow unauthenticated web pages to pass form input directly to the command-line interface, permitting remote code execution...

CVE-2022-20665

A vulnerability in the CLI of Cisco StarOS could allow an authenticated, local attacker to elevate privileges on an affected device. This vulnerability is due to insufficient input validation of CLI commands. An attacker could exploit this vulnerability by sending crafted commands to the CLI. A...

Path traversal

Multiple authenticated remote path traversal vulnerabilities were discovered in the AOS-CX command line interface in Aruba CX 6200F Switch Series, Aruba 6300 Switch Series, Aruba 6400 Switch Series, Aruba 8320 Switch Series, Aruba 8325 Switch Series, Aruba 8400 Switch Series, Aruba CX 8360 Switch...

CVE-2022-20762

A vulnerability in the Common Execution Environment CEE ConfD CLI of Cisco Ultra Cloud Core - Subscriber Microservices Infrastructure SMI software could allow an authenticated, local attacker to escalate privileges on an affected device. This vulnerability is due to insufficient access control in...

Fortinet FortiAP 操作系统命令注入漏洞

Fortinet FortiAP, a Fortinet controller for managing wireless access point devices, is vulnerable to an operating system command injection vulnerability that stems from the lack of valid escaping and filtering of special elements used in the FortiAP-C console, which could be exploited by an...

PT-2022-1962 · Cisco · Cisco Ultra Cloud Core - Subscriber Microservices Infrastructure

Name of the Vulnerable Software and Affected Versions: Cisco Ultra Cloud Core - Subscriber Microservices Infrastructure SMI affected versions not specified Description: The issue is related to insufficient access control in the Common Execution Environment CEE ConfD CLI, which could allow an...

BruteShark - Network Analysis Tool

BruteShark is a Network Forensic Analysis Tool NFAT that performs deep processing and inspection of network traffic mainly PCAP files, but it also capable of directly live capturing from a network interface. It includes: password extracting, building a network map, reconstruct TCP sessions, extra...

Aruba AOS-CX 命令注入漏洞

Aruba AOS-CX is a modern programmable network from Aruba, USA. A security vulnerability exists in the Aruba AOS-CX that can be exploited by an attacker to run code through the command line interface...