4 matches found
Cisco IOS XE Web UI Command Injection Vulnerability
Cisco IOS XE contains a command injection vulnerability in the web user interface. When chained with CVE-2023-20198, the attacker can leverage the new local user to elevate privilege to root and write the implant to the file system. Cisco identified CVE-2023-20273 as the vulnerability exploited t...
CVE-2021-1435
creationtimestamp| type| source ---|---|--- 2023-10-17 14:00:21+00:00| exploited| https://t.me/truesecator/4971 2023-10-17 18:20:34+00:00| exploited| https://t.me/BitLenta/19645 2023-10-21 14:57:23+00:00| exploited| https://t.me/itsecnews/3497 2023-10-22 07:24:39+00:00| exploited|...
SUSE: Security Advisory (SUSE-SU-2021:1435-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2021-1435
CVE-2021-1435 affects Cisco IOS XE Software Web UI, allowing an authenticated attacker to inject and execute arbitrary commands as root due to insufficient input validation. Exploitation occurs via crafted requests to the Web UI; impact is root-level command execution. Cisco released advisories a...