Lucene search
+L

4 matches found

CISA KEV Catalog
CISA KEV Catalog
added 2023/10/23 12:0 a.m.31 views

Cisco IOS XE Web UI Command Injection Vulnerability

Cisco IOS XE contains a command injection vulnerability in the web user interface. When chained with CVE-2023-20198, the attacker can leverage the new local user to elevate privilege to root and write the implant to the file system. Cisco identified CVE-2023-20273 as the vulnerability exploited t...

7.2CVSS9.2AI score0.89634EPSS
In wildExploits11
Circl
Circl
added 2023/10/17 2:0 p.m.10 views

CVE-2021-1435

creationtimestamp| type| source ---|---|--- 2023-10-17 14:00:21+00:00| exploited| https://t.me/truesecator/4971 2023-10-17 18:20:34+00:00| exploited| https://t.me/BitLenta/19645 2023-10-21 14:57:23+00:00| exploited| https://t.me/itsecnews/3497 2023-10-22 07:24:39+00:00| exploited|...

9CVSS7.3AI score0.0794EPSS
Exploits0References6
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.10 views

SUSE: Security Advisory (SUSE-SU-2021:1435-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References4
CVE
CVE
added 2021/03/24 8:5 p.m.248 views

CVE-2021-1435

CVE-2021-1435 affects Cisco IOS XE Software Web UI, allowing an authenticated attacker to inject and execute arbitrary commands as root due to insufficient input validation. Exploitation occurs via crafted requests to the Web UI; impact is root-level command execution. Cisco released advisories a...

9CVSS7.2AI score0.0794EPSS
In wildExploits0References1Affected Software1
Rows per page
Query Builder