Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Cisco IOS XE Software Privilege Escalation Vulnerability
Vulnerability Description
A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated but unprivileged (level 1), remote attacker to run privileged Cisco IOS commands by using the web UI. The vulnerability is due to a failure to validate and sanitize input in Web Services Management Agent (WSMA) functions. An attacker could exploit this vulnerability by submitting a malicious payload to the affected device's web UI. A successful exploit could allow the lower-privileged attacker to execute arbitrary commands with higher privileges on the affected device.
CVSS Information
N/A
Vulnerability Type
输入验证不恰当
Vulnerability Title
Cisco IOS XE 输入验证错误漏洞
Vulnerability Description
Cisco IOS XE是美国思科(Cisco)公司的一套为其网络设备开发的操作系统。 Cisco IOS XE中的Web UI存在输入验证漏洞,该漏洞程序没有验证及过滤输入。远程攻击者可通过提交恶意的payload利用该漏洞以较高权限执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A