39 matches found
EUVD-2019-10287
Malware in sbrugna...
EUVD-2017-3924
Malware in sbrugna...
EUVD-2020-24774
Malware in sbrugna...
EUVD-2019-4257
Malware in sbrugna...
HashiCorp Vagrant has code injection vulnerability through default synced folders
An authenticated virtual machine escape vulnerability exists in HashiCorp Vagrant versions 2.4.6 and below when using the default synced folder configuration. By design, Vagrant automatically mounts the host system’s project directory into the guest VM under /vagrant or C:\vagrant on Windows. Thi...
Cisco NX-OS Exposure of Resource to Wrong Sphere (CVE-2017-12351)
A vulnerability in the guest shell feature of Cisco NX-OS System Software could allow an authenticated, local attacker to read and send packets outside the scope of the guest shell container. An attacker would need valid administrator credentials to perform this attack. The vulnerability is due t...
Cisco NX-OS Software Bash Bypass Guest Shell (CVE-2019-1730)
A vulnerability in the Bash shell implementation for Cisco NX-OS Software could allow an authenticated, local attacker to bypass the limited command set of the restricted Guest Shell and execute commands at the privilege level of a network-admin user outside of the Guest Shell. The attacker must...
Cisco IOS XE Software Guest Shell Unauthorized File System Access (cisco-sa-unauth-file-access-eBTWkKVW)
According to its self-reported version, Cisco IOS XE Software is affected by an unauthorized file system access vulnerability in its guest shell component due to insufficient file system permissions. An authenticated, local attacker could exploit this, to view or modify restricted information or...
CVE-2020-3503
A vulnerability in the file system permissions of Cisco IOS XE Software could allow an authenticated, local attacker to obtain read and write access to critical configuration or system files. The vulnerability is due to insufficient file system permissions on an affected device. An attacker could...
Design/Logic Flaw
A vulnerability in the file system permissions of Cisco IOS XE Software could allow an authenticated, local attacker to obtain read and write access to critical configuration or system files. The vulnerability is due to insufficient file system permissions on an affected device. An attacker could...
CVE-2020-3503 Cisco IOS XE Software Guest Shell Unauthorized File System Access Vulnerability
A vulnerability in the file system permissions of Cisco IOS XE Software could allow an authenticated, local attacker to obtain read and write access to critical configuration or system files. The vulnerability is due to insufficient file system permissions on an affected device. An attacker could...
PT-2020-4429 · Cisco · Cisco Ios Xe
Name of the Vulnerable Software and Affected Versions: Cisco IOS XE Software affected versions not specified Description: A vulnerability in the file system permissions of Cisco IOS XE Software could allow an authenticated, local attacker to obtain read and write access to critical configuration ...
Cisco NX-OS Software Bash Bypass Guest Shell (cisco-sa-20190515-nxos-bash-bypass)
According to its self-reported version, Cisco NX-OS Software is affected by following vulnerability in the Bash shell implementation due to the incorrect implementation of a CLI command that allows a Bash command to be incorrectly invoked on the Guest Shell CLI. An authenticated, local attacker c...
Cisco IOS XE Software Path Traversal Vulnerability
According to its self-reported version, Cisco IOS XE Software is affected by a vulnerability in the Guest Shell. The vulnerability could allow an authenticated, local attacker to perform directory traversal on the base Linux operating system of Cisco IOS XE Software. The vulnerability is due to...
Cisco IOS XE Path Traversal Vulnerability
Cisco IOS XE is a set of operating systems developed by Cisco for its network devices. A path traversal vulnerability exists in the Guest Shell of Cisco IOS XE. The vulnerability stems from incomplete validation of certain commands. An attacker can exploit this vulnerability to execute arbitrary...
Cisco IOS XE IOx Guest Shell Namespace Protection Vulnerability
Cisco IOS XE is a set of operating systems developed by Cisco for its network devices. An IOx Guest Shell namespace protection vulnerability exists in the file system of Cisco IOS XE. The vulnerability stems from insufficient file permissions. An attacker can exploit this vulnerability by modifyi...
CVE-2019-12670
A vulnerability in the filesystem of Cisco IOS XE Software could allow an authenticated, local attacker within the IOx Guest Shell to modify the namespace container protections on an affected device. The vulnerability is due to insufficient file permissions. An attacker could exploit this...
CVE-2019-12670
A vulnerability in the filesystem of Cisco IOS XE Software could allow an authenticated, local attacker within the IOx Guest Shell to modify the namespace container protections on an affected device. The vulnerability is due to insufficient file permissions. An attacker could exploit this...
CVE-2019-12666
A vulnerability in the Guest Shell of Cisco IOS XE Software could allow an authenticated, local attacker to perform directory traversal on the base Linux operating system of Cisco IOS XE Software. The vulnerability is due to incomplete validation of certain commands. An attacker could exploit thi...
CVE-2019-12666
A vulnerability in the Guest Shell of Cisco IOS XE Software could allow an authenticated, local attacker to perform directory traversal on the base Linux operating system of Cisco IOS XE Software. The vulnerability is due to incomplete validation of certain commands. An attacker could exploit thi...