Cisco Firepower Threat Defense 输入验证错误漏洞

Cisco Firepower Threat Defense FTD is a suite of unified software from Cisco that provides next-generation firewall services. An input validation error vulnerability exists in Cisco Firepower Threat Defense Software that stems from incomplete validation of user input for specific CLI commands. An...

PT-2021-4882 · Cisco · Cisco Ftd

Name of the Vulnerable Software and Affected Versions: Cisco Firepower Threat Defense FTD Software affected versions not specified Description: The issue is related to insufficient validation of command arguments in the Command Line Interface CLI of Cisco Firepower Threat Defense FTD Software. Th...

Cisco IOS XE SD-WAN Software 操作系统命令注入漏洞

Cisco IOS XE SD-WAN Software is a Cisco software for network management software-defined networking applied to the Cisco IOS XE network operating system. An operating system command injection vulnerability exists in the Cisco IOS XE SD-WAN CLI that stems from insufficient input validation in the...

PYSEC-2021-380

Ops CLI version 2.0.4 and earlier is affected by a Deserialization of Untrusted Data vulnerability to achieve arbitrary code execution when the checkoutrepo function is called on a maliciously crafted file. An attacker can leverage this to execute arbitrary code on the victim machine...

Juniper Networks Junos OS 操作系统命令注入漏洞

Juniper Networks Junos OS is a Juniper Networks network operating system for the company's hardware devices. The OS provides a secure programming interface and the Junos SDK. Juniper Networks Junos OS suffers from an operating system command injection vulnerability that originates in the tcpdump...

Vulnerability fixed in SonicOS

SonicWall has fixed a vulnerability in SonicOS. A malicious party could potentially exploit the vulnerability to send a user on the vulnerable SonicWall system via a header redirection to a rogue website under the control of the malicious party's control. However, the rogue website and the...

Juniper Networks Junos OS 操作系统操作系统命令注入漏洞

Juniper Networks Junos OS is a Juniper Networks network operating system for the company's hardware devices. The OS provides a secure programming interface and the Junos SDK. Juniper Networks Junos OS suffers from an operating system command injection vulnerability that stems from a command...

Aruba Instant Path Traversal Vulnerability

Aruba Instant is a wireless network. Aruba Instant provides the only Wi-Fi solution that is easy to set up.A path traversal vulnerability exists in Aruba Instant, which stems from an input validation error when processing directory traversal sequences in the on-the-fly command line interface. An...

Aruba Instant 操作系统命令注入漏洞

Aruba Instant is a wireless network. Providing the only Wi-Fi solution that is easy to set up, Aruba Instant is vulnerable to a command injection vulnerability that stems from incorrect input validation in the command line interface. An attacker could exploit the vulnerability to escalate...

Aruba Instant 格式化字符串错误漏洞

Aruba Instant is a wireless network from Aruba USA. provides the only Wi-Fi solution that is easy to set up. Aruba Instant suffers from a Formatting String Error vulnerability that originates from a formatting string error in the Instant Command Line Interface. The vulnerability allows remote use...

Lancom Lcos 安全漏洞

Lancom Lcos is a Lancom operating system built for Lancom routers, wireless by Lancom Greece. versions 10.40 to 10.42.0473-RU3 of LCOS contain a security vulnerability that could be exploited by an attacker to change the root user password via the CLI...

Aruba Instant 操作系统命令注入漏洞

Aruba Instant is a wireless network from Aruba, Inc. provides the only Wi-Fi solution that is easy to set up.Aruba Instant is vulnerable to an operating system command injection vulnerability that stems from incorrect input validation in the command line interface. A remote authenticated attacker...

CVE-2021-34725 Cisco IOS XE SD-WAN Software Command Injection Vulnerability

A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to inject arbitrary commands to be executed with root-level privileges on the underlying operating system. This vulnerability is due to insufficient input validation on certain CLI commands. An...

The vulnerability of the CLI component of the Cisco IOS XR operating system, allowing a hacker to execute arbitrary commands

The vulnerability of the CLI component of the Cisco IOS XR operating system exists due to the lack of measures taken to neutralize the special elements used in the operating system’s commands. Exploiting this vulnerability can allow an attacker to execute arbitrary commands...

Cisco IOS XE SD-WAN Software 安全漏洞

Cisco IOS XE SD-WAN Software is a Cisco software for network management software-defined networking for the Cisco IOS XE network operating system. A security vulnerability exists in Cisco IOS XE SD-WAN Software, which is caused by insufficient validation of CLI command parameters. An attacker cou...

The vulnerability of the kernel of the Junos operating system’s CLI component, which allows a attacker to trigger an emergency shutdown of the application

The vulnerability of the kernel of the Junos operating system’s CLI component is related to memory release errors. Exploiting this vulnerability can allow an attacker to cause the application to terminate abnormally...

CVE-2021-34728

Multiple vulnerabilities in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker with a low-privileged account to elevate privileges on an affected device. For more information about these vulnerabilities, see the Details section of this advisory...

CVE-2021-36179

A stack-based buffer overflow in Fortinet FortiWeb version 6.3.14 and below, 6.2.4 and below allows attacker to execute unauthorized code or commands via crafted parameters in CLI command execution...

Fortinet FortiWeb 操作系统命令注入漏洞

Fortinet FortiWeb is a Web application layer firewall from the U.S. company Fita Fortinet, which can block threats such as cross-site scripting, SQL injection, cookie poisoning, schema poisoning and other attacks to ensure the security of Web applications and protect sensitive database content. A...

Fortinet FortiWeb 缓冲区错误漏洞

Fortinet FortiWeb is a Web application layer firewall from the U.S. company Fita Fortinet, which can block threats such as cross-site scripting, SQL injection, cookie poisoning, schema poisoning and other attacks to ensure the security of Web applications and protect sensitive database content. A...