2 matches found
Cisco StarOS for Cisco ASR 5000 Series Routers Arbitrary File Read (cisco-sa-staros-file-read-L3RDvtey)
According to its self-reported version, the Cisco StarOS operating system on the remote Cisco ASR 5000 series router is affected by an arbitrary file read vulnerability due to insecure handling of symbolic links. An authenticated, remote attacker can exploit this, by sending a crafted SFTP comman...
CVE-2021-1145
CVE-2021-1145 affects Cisco StarOS for the Cisco ASR 5000 Series Routers. The vulnerability is due to insecure handling of symbolic links in Secure FTP (SFTP); with valid credentials, an authenticated attacker could read arbitrary files on the device by sending a crafted SFTP command. Cisco’s adv...