Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Cisco Packet Tracer for Windows DLL Injection Vulnerability
Vulnerability Description
A vulnerability in Cisco Packet Tracer for Windows could allow an authenticated, local attacker to perform a DLL injection attack on an affected device. To exploit this vulnerability, the attacker must have valid credentials on the Windows system. This vulnerability is due to incorrect handling of directory paths at run time. An attacker could exploit this vulnerability by inserting a configuration file in a specific path on the system, which can cause a malicious DLL file to be loaded when the application starts. A successful exploit could allow an attacker with normal user privileges to execute arbitrary code on the affected system with the privileges of another user’s account.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Vulnerability Type
对搜索路径元素未加控制
Vulnerability Title
Cisco Packet Tracer代码问题漏洞
Vulnerability Description
Cisco Packet Tracer是美国思科(Cisco)公司的Cisco Packet Tracer 是思科打造的一款强大的网络模拟工具,可为用户提供真实操作经验。您可以通过它练习使用路由器、交换机和其他各种设备构建简单或复杂的网络,或者尝试为智慧城市、家庭和企业设计互联解决方案。 Cisco Packet Tracer 在Windows上存在代码问题漏洞,该漏洞源于运行时对目录路径的处理不正确。该漏洞可能允许经过身份验证的本地攻击者对受影响的设备执行 DLL 注入攻击。
CVSS Information
N/A
Vulnerability Type
N/A