2 matches found
Cisco SD-WAN Solution Command Injection (cisco-sa-sdwclici-cvrQpH9v)
According to its self-reported version, Cisco SD-WAN Solution is affected by a command injection vulnerability due to insufficient input validation. An authenticated, local attacker can exploit this, by authenticating to the device and submitting crafted input to the CLI utility, in order to inje...
CVE-2020-3266
CVE-2020-3266 affects Cisco SD-WAN Solution CLI command injection via insufficient input validation. An authenticated, local attacker can submit crafted input to the CLI utility, resulting in arbitrary commands executed with root privileges. The vulnerability is documented across multiple sources...