15 matches found

RedhatCVE
added 2025/10/27 1:33 p.m. | 4 views

CVE-2025-4106

An authenticated admin user with access to both the management WebUI and command line interface on a Firebox can enable a diagnostic debug shell by uploading a platform and version-specific diagnostic package and executing a leftover diagnostic command. This issue affects Fireware OS: from 12.0...

8.9 CVSS | 6.9 AI score | 0.00059 EPSS
Exploits 0 | References 1
EUVD
added 2025/10/25 12:30 a.m. | 1 view

EUVD-2025-35898

An authenticated admin user with access to both the management WebUI and command line interface on a Firebox can enable a diagnostic debug shell by uploading a platform and version-specific diagnostic package and executing a leftover diagnostic command. This issue affects Fireware OS: from 12.0...

8.9 CVSS | 6.4 AI score | 0.00059 EPSS
Exploits 0 | References 2
NVD
added 2025/10/24 10:15 p.m. | 2 views

CVE-2025-4106

An authenticated admin user with access to both the management WebUI and command line interface on a Firebox can enable a diagnostic debug shell by uploading a platform and version-specific diagnostic package and executing a leftover diagnostic command. This issue affects Fireware OS: from 12.0...

8.9 CVSS | 0.00059 EPSS
Exploits 0 | References 1
Vulnrichment
added 2025/10/24 9:32 p.m. | 2 views

CVE-2025-4106 WatchGuard Firebox leftover debug code vulnerability

An authenticated admin user with access to both the management WebUI and command line interface on a Firebox can enable a diagnostic debug shell by uploading a platform and version-specific diagnostic package and executing a leftover diagnostic command. This issue affects Fireware OS: from 12.0...

8.9 CVSS | 6.5 AI score | 0.00059 EPSS
Exploits 0 | References 1
Cvelist
added 2025/10/24 9:32 p.m. | 7 views

CVE-2025-4106 WatchGuard Firebox leftover debug code vulnerability

An authenticated admin user with access to both the management WebUI and command line interface on a Firebox can enable a diagnostic debug shell by uploading a platform and version-specific diagnostic package and executing a leftover diagnostic command. This issue affects Fireware OS: from 12.0...

8.9 CVSS | 0.00059 EPSS
Exploits 0 | References 1
Positive Technologies
added 2025/10/24 12:00 a.m. | 3 views

PT-2025-43675

Name of the Vulnerable Software and Affected Versions: Fireware OS versions prior to 12.11.2. Description: An authenticated administrator user with access to both the management WebUI and command line interface on a Firebox device can enable a diagnostic debug shell. This is achieved by uploading a...

8.9 CVSS | 6.6 AI score | 0.00059 EPSS
Exploits 0 | References 6
Tenable Nessus
added 2018/03/01 12:00 a.m. | 55 views

Cisco IOS XE Software Diagnostic Shell Path Traversal Vulnerability (cisco-sa-20180207-ios)

According to its self-reported version, the Cisco IOS XE software running on the remote device is affected by a path traversal vulnerability. A flaw exists with the diagnostic shell due to improper validation of diagnostic shell commands. An authenticated attacker, with a specially crafted command,...

5.5 CVSS | 6.5 AI score | 0.00078 EPSS
Exploits 0 | References 3
ATTACKERKB
added 2018/02/08 7:29 a.m. | 1 view

CVE-2018-0123

A Path Traversal vulnerability in the diagnostic shell for Cisco IOS and IOS XE Software could allow an authenticated, local attacker to use certain diagnostic shell commands that can overwrite system files. These system files may be sensitive and should not be able to be overwritten by a user of...

5.5 CVSS | 5.7 AI score | 0.00078 EPSS
Exploits 0 | References 4
Prion
added 2018/02/08 7:29 a.m. | 11 views

Path traversal

A Path Traversal vulnerability in the diagnostic shell for Cisco IOS and IOS XE Software could allow an authenticated, local attacker to use certain diagnostic shell commands that can overwrite system files. These system files may be sensitive and should not be able to be overwritten by a user of...

4.9 CVSS | 5.3 AI score | 0.00078 EPSS
Exploits 0 | References 3 | Affected Software 1
OSV
added 2018/02/08 7:29 a.m. | 0 views

CVE-2018-0123

A Path Traversal vulnerability in the diagnostic shell for Cisco IOS and IOS XE Software could allow an authenticated, local attacker to use certain diagnostic shell commands that can overwrite system files. These system files may be sensitive and should not be able to be overwritten by a user of...

5.5 CVSS | 5.8 AI score
Exploits 0 | References 3
NVD
added 2018/02/08 7:29 a.m. | 10 views

CVE-2018-0123

A Path Traversal vulnerability in the diagnostic shell for Cisco IOS and IOS XE Software could allow an authenticated, local attacker to use certain diagnostic shell commands that can overwrite system files. These system files may be sensitive and should not be able to be overwritten by a user of...

5.5 CVSS | 5.2 AI score | 0.00078 EPSS
Exploits 0 | References 3
Cvelist
added 2018/02/08 7:00 a.m. | 15 views

CVE-2018-0123

A Path Traversal vulnerability in the diagnostic shell for Cisco IOS and IOS XE Software could allow an authenticated, local attacker to use certain diagnostic shell commands that can overwrite system files. These system files may be sensitive and should not be able to be overwritten by a user of...

5.2 AI score | 0.00078 EPSS
Exploits 0 | References 3
CNVD
added 2018/02/08 12:00 a.m. | 1 view

Cisco IOS and IOS XE Software Path Traversal Vulnerability

Cisco IOS and IOS XE Software are both operating systems developed by Cisco for its network devices. A path traversal vulnerability exists in the diagnostic shell in Cisco IOS and IOS XE Software, which stems from the program's failure to perform input validation on diagnostic shell commands. An...

5.5 CVSS | 7.2 AI score | 0.00078 EPSS
Exploits 0 | References 1
Cisco
added 2018/02/07 4:00 p.m. | 39 views

Cisco IOS XE Software Diagnostic Shell Path Traversal Vulnerability

A vulnerability in the diagnostic shell for Cisco IOS XE Software could allow an authenticated, local attacker to use certain diagnostic shell commands that can overwrite system files. These system files may be sensitive and should not be able to be overwritten by a user of the diagnostic shell...

4.4 CVSS | 1.8 AI score | 0.00078 EPSS
Exploits 0 | References 1
CVE
added 2010/06/10 12:00 a.m. | 36 views

CVE-2010-1572

CVE-2010-1572 affects Cisco Application Extension Platform (AXP) versions 1.1 and 1.1.5 (upgraded from 1.1) on Cisco ISRs. A privilege escalation exists in the tech support diagnostic shell: an authenticated AXP user can use the API to execute commands and obtain complete administrative access, r...

9 CVSS | 6.1 AI score | 0.0033 EPSS
Exploits 0 | References 3 | Affected Software 1