2 matches found
Cisco IOS XE Software Web UI Command Injection (cisco-sa-webui-cmdij-FzZAeXAy)
According to its self-reported version, Cisco IOS-XE Software is affected by a vulnerability. - A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker to perform an injection attack against an affected device. This vulnerability is due to insufficient...
CVE-2023-20231
CVE-2023-20231 affects Cisco IOS XE Software web UI. The issue is an input validation flaw in the Web UI that can let an authenticated, remote attacker craft input to execute arbitrary Cisco IOS XE CLI commands with level 15 privileges. Exploitation requires credentials for a Lobby Ambassador acc...