Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Cisco IOS XE Software Command Injection Vulnerability
Vulnerability Description
A vulnerability in the Web Services Management Agent (WSMA) function of Cisco IOS XE Software could allow an authenticated, remote attacker to execute arbitrary Cisco IOS commands as a privilege level 15 user. The vulnerability occurs because the affected software improperly sanitizes user-supplied input. An attacker could exploit this vulnerability by submitting crafted HTTP requests to the targeted application. A successful exploit could allow the attacker to execute arbitrary commands on the affected device.
CVSS Information
N/A
Vulnerability Type
输入验证不恰当
Vulnerability Title
Cisco IOS XE 输入验证错误漏洞
Vulnerability Description
Cisco IOS XE是美国思科(Cisco)公司的一套为其网络设备开发的操作系统。 Cisco?IOS XE中的Web Services Management Agent (WSMA)功能存在输入验证漏洞,该漏洞源于程序没有正确地过滤用户提交的输入。当Web服务器功能被启用时,远程攻击者可通过提交特制的HTTP请求利用该漏洞以特权级别为15的用户身份执行任意命令。
CVSS Information
N/A
Vulnerability Type
N/A