4 matches found
Cisco Prime Infrastructure swimtemp TFTP Arbitrary File Upload (CVE-2018-15379)
An arbitrary file upload vulnerability exists in Cisco Prime Infrastructure. The vulnerability is due to the presence of a symbolic link permitting the upload of files into a location where they can be later executed. Successful exploitation could result in the execution of arbitrary code in the...
CVE-2018-15379
creationtimestamp| type| source ---|---|--- 2018-10-12 15:45:58+00:00| published-proof-of-concept| https://t.me/canyoupwnme/4563 2018-11-10 17:07:12+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/ciscoprimeinfrce.rb 2025-02-06 03:13:43+00:00|...
Cisco Prime Infrastructure TFTP Arbitrary File Upload and Command Execution Vulnerability (cisco-sa-20181003-pi-tftp)
The Cisco Prime Infrastructure application running on the remote host is affected by an arbitrary file upload flaw, which could lead to a remote code execution vulnerability. This is due to incorrect permissions for various system folders, which a file could be uploaded to via TFTP. The commands ...
CVE-2018-15379
Cisco Prime Infrastructure (PI) HTTP web server contains an arbitrary file upload flaw due to incorrect permissions on important directories. An unauthenticated, remote attacker can upload a file via TFTP and, depending on the system, execute commands with the prime user (no admin/root). Attack d...