2 matches found
Cisco DNA Spaces Connector Command Injection Vulnerability (cisco-sa-dna-cmd-injection-rrAYzOwc)
A command injection vulnerability exists in Cisco DNA Spaces Connector due to insufficient validation of user-supplied input in the web-based management interface. An unauthenticated, remote attacker can exploit this, by sending crafted HTTP requests to the web-based management interface, to...
CVE-2020-3586
Cisco DNA Spaces Connector exposes a vulnerability in its web-based management interface that allows unauthenticated remote command execution due to insufficient input validation. A crafted HTTP request can run arbitrary OS commands with the web app’s privileges, potentially impacting integrity a...