Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Cisco Expressway Series and Cisco TelePresence Video Communication Server Remote Code Execution Vulnerability
Vulnerability Description
A vulnerability in the administrative web interface of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an authenticated, remote attacker to execute code with user-level privileges on the underlying operating system. The vulnerability is due to insufficient validation of the content of upgrade packages. An attacker could exploit this vulnerability by uploading a malicious archive to the Upgrade page of the administrative web interface. A successful exploit could allow the attacker to execute code with user-level privileges on the underlying operating system.
CVSS Information
N/A
Vulnerability Type
输入验证不恰当
Vulnerability Title
Cisco Expressway Series和TelePresence Video Communication Server 输入验证漏洞
Vulnerability Description
Cisco Expressway Series和TelePresence Video Communication Server(VCS)都是美国思科(Cisco)公司的视频会议服务器。 Cisco Expressway Series和TelePresence VCS中的管理Web界面存在输入验证漏洞,该漏洞源于程序没有充分的验证更新包的内容。远程攻击者可通过向更新页面发送恶意的归档文件利用该漏洞在底层操作系统上以用户级别的权限执行代码。
CVSS Information
N/A
Vulnerability Type
N/A