2 matches found
Cisco Prime Infrastructure任意命令执行漏洞(CVE-2014-0679)
BUGTRAQ ID: 65816 CVECAN ID: CVE-2014-0679 Cisco Prime Infrastructure是通过思科技术LMS和NCS进行无线管理的解决方案。 Cisco Prime Infrastructure没有正确验证URL请求,未经身份验证的远程攻击者可以root级别的权限执行任意命令。 0 Cisco Prime Infrastructure 2.0 Cisco Prime Infrastructure 1.4 Cisco Prime Infrastructure 1.3 Cisco Prime Infrastructure 1.2 厂商补丁:...
CVE-2014-0679
Cisco Prime Infrastructure versions 1.2/1.3 before 1.3.0.20-2, 1.4 before 1.4.0.45-2, and 2.0 before 2.0.0.0.294-2 are affected by CVE-2014-0679 due to improper validation of URL requests. An authenticated, remote attacker could exploit an unspecified URL to execute arbitrary commands with root p...