The vulnerability of the command-line interface (CLI) of the vManage web interface for programmatically defined Cisco SD-WAN networks allows a malicious actor to execute arbitrary commands with root privileges.

The vulnerability of the command-line interface CLI of the vManage web interface for the Cisco SD-WAN network is due to insufficient validation of input data. Exploiting this vulnerability could allow an attacker to execute arbitrary commands with root privileges...

The vulnerability of the CLI component of the PAN-OS operating system allows attackers to enhance their privileges.

The vulnerability of the CLI component in the PAN-OS operating system is related to the lack of measures for cleaning incoming data. Exploiting this vulnerability can allow attackers to enhance their privileges...

PT-2020-3123 · Cisco · Cisco Sd-Wan Vmanage

Name of the Vulnerable Software and Affected Versions: Cisco SD-WAN vManage Software affected versions not specified Description: The issue is related to insufficient input validation in the CLI of the software, allowing an authenticated, local attacker to inject arbitrary commands that are...

CVE-2020-11952

An issue was discovered on Rittal PDU-3C002DEC through 5.17.10 and CMCIII-PU-9333E0FB through 3.17.10 devices. Attackers can bypass the CLI menu...

Palo Alto Networks PAN-OS 9.1.x < 9.1.3 Integer Underflow Vulnerability

The version of Palo Alto Networks PAN-OS running on the remote host is 9.1.x prior to 9.1.3. It is, therefore, affected by an integer underflow vulnerability in the dnsproxyd component of the PAN-OS management interface. This allows authenticated administrators to issue a command from the command...

Integer overflow

An integer underflow vulnerability in the dnsproxyd component of the PAN-OS management interface allows authenticated administrators to issue a command from the command line interface that causes the component to stop responding. Repeated attempts to send this request result in denial of service ...

CVE-2020-2031 PAN-OS: Integer underflow in the management interface

An integer underflow vulnerability in the dnsproxyd component of the PAN-OS management interface allows authenticated administrators to issue a command from the command line interface that causes the component to stop responding. Repeated attempts to send this request result in denial of service ...

Design/Logic Flaw

Exposure of Sensitive Information in McAfee Network Security Management NSM prior to 10.1.7.7 allows local users to gain unauthorised access to the root account via execution of carefully crafted commands from the restricted command line interface CLI...

pocsuite

This is a Python-based framework for remote vulnerability testing and proof-of-concept development, known as Pocsuite. It is developed by the Knownsec Security Team and comes with a powerful proof-of-concept engine, many niche features for penetration testers and security researchers. The framewo...

Pocsuite

This repository is an offensive tool for penetration testing and vulnerability assessment. It is an open-sourced remote vulnerability testing and proof-of-concept development framework developed by the Knownsec Security Team. The primary purpose of this tool is to assist penetration testers and...

CVE-2020-3362

A vulnerability in the CLI of Cisco Network Services Orchestrator NSO could allow an authenticated, local attacker to access confidential information on an affected device. The vulnerability is due to a timing issue in the processing of CLI commands. An attacker could exploit this vulnerability b...

Cisco Enterprise NFV Infrastructure Software Path Traversal Vulnerability (CNVD-2020-41804)

Cisco Enterprise NFV Infrastructure Software NFVIS is a suite of NVF infrastructure software platforms from Cisco. The platform can be achieved through the central coordinator and controller of the virtualization services of the full lifecycle management. A path traversal vulnerability exists in...

Cisco Network Services Orchestrator Information Disclosure Vulnerability

Cisco Network Services Orchestrator NSO is the United States Cisco Cisco company's set of network automation services solutions. An information disclosure vulnerability exists in the CLI in Cisco NSO Release prior to 4.7.7.3 and Release prior to 5.1.4.2. A local attacker could exploit this...

CVE-2020-9289

Use of a hard-coded cryptographic key to encrypt password data in CLI configuration in FortiManager 6.2.3 and below, FortiAnalyzer 6.2.3 and below may allow an attacker with access to the CLI configuration or the CLI backup file to decrypt the sensitive data, via knowledge of the hard-coded key...

MGASA-2020-0260 Updated networkmanager packages fix security vulnerability

It was found that nmcli, a command line interface to NetworkManager did not honour 802-1x.ca-path and 802-1x.phase2-ca-path settings, when creating a new profile. When a user connects to a network using this profile, the authentication does not happen and the connection is made insecurely...

The vulnerability of the CLI component of the Cisco IOS operating system, related to the lack of measures taken to clean data at the management level, allows a perpetrator to gain access to the system and execute arbitrary commands with root privileges.

The vulnerability of the Cisco IOS operating system’s CLI component is related to the lack of measures taken to clean data at the management level. Exploiting this vulnerability can allow an attacker to gain access to the system and execute arbitrary commands with root privileges...

PRET

The repository michaelxiaxc/PRET is a Printer Exploitation Toolkit that allows users to test the security of their printers. The tool connects to a device via network or USB and exploits the features of a given printer language, currently supporting PostScript, PJL, and PCL. The main idea of PRET...

Cisco 809 Industrial ISRs, 829 Industrial ISRs, and Cisco 1000 Series Connected Grid Routers IOS Software Command Injection Vulnerability

Cisco IOS is the United States Cisco Cisco company's set of operating system developed for its network equipment. A command injection vulnerability exists in IOS Software in Cisco 809 Industrial ISRs, 829 Industrial ISRs, and Cisco 1000 Series Connected Grid Routers CGR1000, which stems from the...

NetworkManager Access Control Error Vulnerability

NetworkManager is a network management daemon. A security vulnerability exists in NetworkManager that stems from the fact that nmcli command line interface does not enforce the 802-1x.ca-path and 802-1x.phase2-ca-path settings. No details of the vulnerability are available at this time...

How to configure antivirus configuration XML file for secure restore

Challenge The article provides information on adding additional antivirus options to Veeam Backup & Replication Secure Restore. NOTE : When adding an antivirus that is not already predefined, you may need to contact the antivirus vendor for assistance to gather the required attributes and exit...