Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Cisco SD-WAN vManage Software Arbitrary File Creation Vulnerability
Vulnerability Description
A vulnerability in the application data endpoints of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to write arbitrary files to an affected system. The vulnerability is due to improper validation of requests to APIs. An attacker could exploit this vulnerability by sending malicious requests to an API within the affected application. A successful exploit could allow the attacker to conduct directory traversal attacks and write files to an arbitrary location on the targeted system.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Vulnerability Type
对路径名的限制不恰当(路径遍历)
Vulnerability Title
Cisco SD-WAN vManage Software 路径遍历漏洞
Vulnerability Description
Cisco SD-WAN vManage Software是美国思科(Cisco)公司的一款用于SD-WAN(软件定义广域网络)解决方案的管理软件。 Cisco SD-WAN vManage中的application data endpoints存在路径遍历漏洞,该漏洞允许经过身份验证的远程攻击者将任意文件写入受影响的系统。
CVSS Information
N/A
Vulnerability Type
N/A