2 matches found
Cisco Modeling Labs 2.1.1-b19 Remote Command Execution
Cisco Modeling Labs 2.1.1-b19 Post-Auth RCE Vulnerability CVE-2021-1531 ======= Details ======= Authenticated command injection in the web portal via the X-Original-File-Name header. Tested with portal 'admin' user who does not have a system login or SSH access, but likely works for any user who...
CVE-2021-1531
Cisco Modeling Labs Web UI Command Injection (CVE-2021-1531) is confirmed in multiple sources. The vulnerability arises from insufficient validation of user-supplied input in the web UI, enabling an authenticated remote attacker to inject and execute arbitrary commands on the underlying system as...