14 matches found
EUVD-2016-2489
Malware in sbrugna...
EUVD-2016-2487
Malware in sbrugna...
EUVD-2016-2469
Malware in sbrugna...
Cisco Prime Network Analysis Module Graph Directory Traversal (CVE-2017-12285)
A directory traversal vulnerability exists in the Cisco Prime Network Analysis Module. The vulnerability is due to the way Cisco Prime Network Analysis Module handles input validation. A remote, unauthenticated attacker can exploit this vulnerability by sending a crafted packet to the target...
Cisco Prime Network Analysis Module graph sfile Parameter Directory Traversal Arbitrary File Deletion Vulnerability
This vulnerability allows remote attackers to delete arbitrary files on vulnerable installations of Cisco Prime Network Analysis Module. Authentication is not required to exploit this vulnerability. The specific flaw exists within graph.php. When parsing the sfile parameter, the script does not...
CVE-2016-1391
Cisco Prime Network Analysis Module NAM before 6.11 patch.6.1-2-final and 6.2.x before 6.22 and Prime Virtual Network Analysis Module vNAM before 6.11 patch.6.1-2-final and 6.2.x before 6.22 allow remote authenticated users to execute arbitrary OS commands via a crafted HTTP request, aka Bug ID...
Design/Logic Flaw
Cisco Prime Network Analysis Module NAM before 6.11 patch.6.1-2-final and 6.2.x before 6.21 and Prime Virtual Network Analysis Module vNAM before 6.11 patch.6.1-2-final and 6.2.x before 6.21 allow local users to obtain root access via crafted CLI input, aka Bug ID CSCuy21892...
CVE-2016-1390
Cisco Prime Network Analysis Module (NAM) and Cisco Prime Virtual Network Analysis Module (vNAM) are affected by CVE-2016-1390. The issue arises from insufficient sanitization of CLI input, allowing a local, authenticated attacker to obtain root privileges by crafting input that is processed by t...
CVE-2016-1391
Cisco Prime Network Analysis Module NAM before 6.11 patch.6.1-2-final and 6.2.x before 6.22 and Prime Virtual Network Analysis Module vNAM before 6.11 patch.6.1-2-final and 6.2.x before 6.22 allow remote authenticated users to execute arbitrary OS commands via a crafted HTTP request, aka Bug ID...
CVE-2016-1388
Cisco Prime Network Analysis Module NAM before 6.11 patch.6.1-2-final and 6.2.x before 6.21 and Prime Virtual Network Analysis Module vNAM before 6.11 patch.6.1-2-final and 6.2.x before 6.21 allow remote attackers to execute arbitrary OS commands via a crafted HTTP request, aka Bug ID CSCuy21882...
Input validation
Cisco Prime Network Analysis Module NAM before 6.11 patch.6.1-2-final and 6.2.x before 6.21 and Prime Virtual Network Analysis Module vNAM before 6.11 patch.6.1-2-final and 6.2.x before 6.21 allow remote attackers to execute arbitrary OS commands via a crafted HTTP request, aka Bug ID CSCuy21882...
CVE-2016-1388
CVE-2016-1388 affects Cisco Prime Network Analysis Module (NAM) and Prime Virtual Network Analysis Module (vNAM). Affected versions allow remote attackers to execute arbitrary OS commands via a crafted HTTP request due to improper input handling. Exploitation status is not detailed in the provide...
Cisco Prime Network Analysis Module Authenticated Remote Code Execution Vulnerability
A vulnerability in the web interface of Cisco Prime Network Analysis Module NAM and Cisco Prime Virtual Network Analysis Module vNAM could allow an authenticated, remote attacker to execute arbitrary commands or code on the host operating system with the privileges of the web server. The...
Cisco Prime Network Analysis Module Local Command Injection Vulnerability
A vulnerability in the command-line interface CLI of Cisco Prime Network Analysis Module NAM and Cisco Prime Virtual Network Analysis Module vNAM could allow a local, authenticated attacker to execute arbitrary commands on the host operating system with elevated privileges. The vulnerability is d...