2 matches found
CVE-2023-20036
A vulnerability in the web UI of Cisco IND could allow an authenticated, remote attacker to execute arbitrary commands with administrative privileges on the underlying operating system of an affected device. This vulnerability is due to improper input validation when uploading a Device Pack. An...
CVE-2023-20036
CVE-2023-20036 affects Cisco Industrial Network Director (IND). The issue is in the web UI and arises from improper input validation during Device Pack uploads, allowing an authenticated, remote attacker to inject commands and execute arbitrary code with NT AUTHORITY\SYSTEM privileges on the devi...