Cisco Firepower Threat Defense Input Validation Error Vulnerability

Cisco Firepower Threat Defense FTD is a suite of unified software from the U.S. company Cisco Cisco that provides next-generation firewall services. An input validation error vulnerability exists in the CLI in Cisco FTD. A local attacker could exploit this vulnerability to execute commands with...

CVE-2019-15014

A command injection vulnerability exists in the Zingbox Inspector versions 1.286 and earlier, that allows for an authenticated user to execute arbitrary system commands in the CLI...

The vulnerability of the command-line interface of the Cisco FX-OS network operating system and the Cisco Firepower Threat Defense (FTD) network switches’ micro-programming software allows a attacker to execute arbitrary commands on the privileged root operating system.

The vulnerability of the command-line interface of the Cisco FX-OS network operating system and the Cisco Firepower Threat Defense FTD network interface micro-programming system exists due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to execute...

Cisco Firepower Threat Defense Local Elevation of Privilege Vulnerability

Cisco Firepower Threat Defense is a suite of unified software that provides next-generation firewall services. A security vulnerability exists in the Cisco Firepower Threat Defense CLI that allows a local attacker to exploit the vulnerability by submitting a special request to gain ROOT privilege...

Multiple OS command injection vulnerabilities in DBA-1510P

Overview DBA-1510P provided by D-Link Japan K.K. contains multiple OS command injection vulnerabilities listed below. OS command injection vulnerability in Command Line Interface CLI CWE-78 - CVE-2019-6013 OS command injection vulnerability in Web User Interface CWE-78 - CVE-2019-6014 Katsuhiko...

JVN#95875796: Multiple OS command injection vulnerabilities in DBA-1510P

DBA-1510P provided by D-Link Japan K.K. contains multiple OS command injection vulnerabilities listed below. OS command injection vulnerability in Command Line Interface CLI CWE-78 - CVE-2019-6013 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H| Base Score...

The vulnerability of the Cisco IOS XE command-line interface allows a attacker to execute arbitrary commands on the underlying operating system.

The vulnerability of the Cisco IOS XE operating system’s command-line interface is related to authentication process errors. Exploiting this vulnerability allows an attacker to execute arbitrary commands on the underlying operating system...

The vulnerability of the Cisco IOS XE command-line interface allows a attacker to compromise the integrity of the protected information.

The vulnerability of the Cisco IOS XE operating system’s command-line interface is related to security configuration errors. Exploiting this vulnerability can allow attackers to compromise the integrity of the protected information...

CVE-2019-12694

A vulnerability in the command line interface CLI of Cisco Firepower Threat Defense FTD Software could allow an authenticated, local attacker with administrative privileges to execute commands on the underlying operating system with root privileges. The vulnerability is due to insufficient input...

CVE-2019-12660

A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker to write values to the underlying memory of an affected device. The vulnerability is due to improper input validation and authorization of specific commands that a user can execute within the CLI. An...

PT-2019-3338 · Cisco · Cisco Ios Xe

Name of the Vulnerable Software and Affected Versions: Cisco IOS XE Software affected versions not specified Description: A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker to gain shell access on an affected device and execute commands on the...

Entropic Path Traversal Vulnerability

Entropic is a package registry with a command line interface. Entropic suffers from a path traversal vulnerability. The vulnerability stems from a failure of a networked system or product to properly filter for specific elements in a resource or file path. An attacker could use this vulnerability...

The vulnerability of the command-line interface (CLI) of Cisco Enterprise NFV Infrastructure Software (NFVIS) allows a attacker to execute arbitrary commands with root privileges.

The vulnerability of the command-line interface CLI of Cisco Enterprise NFV Infrastructure Software NFVIS is related to insufficient testing of arguments passed to certain CLI commands. Exploiting this vulnerability could allow a attacker to execute arbitrary commands with root privileges...

The vulnerability of the command-line interface (CLI) of Cisco Enterprise NFV Infrastructure Software (NFVIS) allows a attacker to read and modify arbitrary files on a vulnerable device.

The vulnerability of the command-line interface CLI of Cisco Enterprise NFV Infrastructure Software NFVIS is related to insufficient checking of arguments passed to certain CLI commands. Exploiting this vulnerability allows an attacker to read and modify arbitrary files on the vulnerable device...

Cisco Integrated Management Controller Operating System Command Injection Vulnerability (CNVD-2019-28403)

Cisco Integrated Management Controller IMC is a set of software from the American company Cisco Cisco for the management of UCS Unified Computing System. The software supports HTTP, SSH access, etc., and can perform operations such as powering on, powering off and rebooting the server. There is a...

CVE-2019-1883

A vulnerability in the command-line interface of Cisco Integrated Management Controller IMC could allow an authenticated, local attacker with read-only credentials to inject arbitrary commands that could allow them to obtain root privileges. The vulnerability is due to insufficient validation of...

CVE-2019-1883

A vulnerability in the command-line interface of Cisco Integrated Management Controller IMC could allow an authenticated, local attacker with read-only credentials to inject arbitrary commands that could allow them to obtain root privileges. The vulnerability is due to insufficient validation of...

CVE-2019-14337

An issue was discovered on D-Link 6600-AP and DWL-3600AP Ax 4.2.0.14 21/03/2019 devices. There is an ability to escape to a shell in the restricted command line interface, as demonstrated by the /bin/sh -c wget sequence...

CVE-2019-14337

An issue was discovered on D-Link 6600-AP and DWL-3600AP Ax 4.2.0.14 21/03/2019 devices. There is an ability to escape to a shell in the restricted command line interface, as demonstrated by the /bin/sh -c wget sequence...

Input validation

An issue was discovered on D-Link 6600-AP and DWL-3600AP Ax 4.2.0.14 21/03/2019 devices. There is an ability to escape to a shell in the restricted command line interface, as demonstrated by the /bin/sh -c wget sequence...