Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The web framework in Cisco WAAS Software before 4.x and 5.x before 5.0.3e, 5.1.x before 5.1.1c, and 5.2.x before 5.2.1; Cisco ACNS Software 4.x and 5.x before 5.5.29.2; Cisco ECDS Software 2.x before 2.5.6; Cisco CDS-IS Software 2.x before 2.6.3.b50 and 3.1.x before 3.1.2b54; Cisco VDS-IS Software 3.2.x before 3.2.1.b9; Cisco VDS-SB Software 1.x before 1.1.0-b96; Cisco VDS-OE Software 1.x before 1.0.1; and Cisco VDS-OS Software 1.x in central-management mode allows remote authenticated users to execute arbitrary commands by appending crafted strings to values in GUI fields, aka Bug IDs CSCug40609, CSCug48855, CSCug48921, CSCug48872, CSCuh21103, CSCuh21020, and CSCug56790.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
多款思科产品Web框架操作系统命令注入漏洞
Vulnerability Description
Cisco Wide Area Application Services(WAAS)是美国思科(Cisco)公司的一套广域网链路加速软件。该软件主要用于带宽小和延时大的链路环境。 多款思科产品在配置为中心管理模式中运行时,Web框架内存在安全漏洞。远程经过授权的攻击者可通过登录到受影响系统的GUI并追加任意代码值传递到系统,利用该漏洞在受影响系统上和受影响系统管理的设备上执行任意命令。以下版本受到影响:Cisco WAAS Software 4.x之前的版本和5.0.3e之前的5.x版本,5.1.1c之前
CVSS Information
N/A
Vulnerability Type
N/A