Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Cisco IOS XE Software Web UI Command Injection Vulnerability
Vulnerability Description
A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker to inject arbitrary commands that can be executed as the root user. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending a crafted request to the web UI of an affected device with arbitrary commands injected into a portion of the request. A successful exploit could allow the attacker to execute arbitrary commands as the root user.
CVSS Information
N/A
Vulnerability Type
对路径名的限制不恰当(路径遍历)
Vulnerability Title
Cisco IOS XE Software 路径遍历漏洞
Vulnerability Description
Cisco IOS XE Software是美国思科(Cisco)公司的一个操作系统。用于企业有线和无线访问,汇聚,核心和WAN的单一操作系统,Cisco IOS XE降低了业务和网络的复杂性。 Cisco IOS XE Software 存在路径遍历漏洞,该漏洞源于输入验证不足。攻击者可利用该漏洞注入任意命令。
CVSS Information
N/A
Vulnerability Type
N/A