Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Cisco IOS Software for Cisco Industrial Routers Virtual Device Server CLI Command Injection Vulnerability
Vulnerability Description
A vulnerability in the CLI parsers of Cisco IOS Software for Cisco 809 and 829 Industrial Integrated Services Routers (Industrial ISRs) and Cisco 1000 Series Connected Grid Routers (CGR1000) could allow an authenticated, local attacker to execute arbitrary shell commands on the Virtual Device Server (VDS) of an affected device. The attacker must have valid user credentials at privilege level 15. The vulnerability is due to insufficient validation of arguments that are passed to specific VDS-related CLI commands. An attacker could exploit this vulnerability by authenticating to the targeted device and including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands in the context of the Linux shell of VDS with the privileges of the root user.
CVSS Information
N/A
Vulnerability Type
在命令中使用的特殊元素转义处理不恰当(命令注入)
Vulnerability Title
Cisco 809 Industrial ISRs、829 Industrial ISRs和Cisco 1000 Series Connected Grid Routers IOS Software 操作系统命令注入漏洞
Vulnerability Description
Cisco IOS和Cisco 1000 Series Connected Grid Routers(CGR1000)都是美国思科(Cisco)公司的产品。Cisco 1000 Series Connected Grid Routers是一款1000系列互联网格路由器。Cisco IOS Software是运行在其中的一套为其网络设备开发的软件。Cisco 1000 Series Connected Grid Routers是一款1000系列互联网格路由器。Cisco IOS是一套为其网络设备开发的操作系
CVSS Information
N/A
Vulnerability Type
N/A