Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Cisco StarOS Command Injection Vulnerability
Vulnerability Description
A vulnerability in the CLI of Cisco StarOS could allow an authenticated, local attacker to elevate privileges on an affected device. This vulnerability is due to insufficient input validation of CLI commands. An attacker could exploit this vulnerability by sending crafted commands to the CLI. A successful exploit could allow the attacker to execute arbitrary code with the privileges of the root user. To exploit this vulnerability, an attacker would need to have valid administrative credentials on an affected device.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
Vulnerability Type
在命令中使用的特殊元素转义处理不恰当(命令注入)
Vulnerability Title
Cisco StarOS 命令注入漏洞
Vulnerability Description
Cisco StarOS是美国思科(Cisco)公司的一套虚拟化操作系统。 Cisco StarOS存在命令注入漏洞,该漏洞允许经过身份验证的本地攻击者可利用该漏洞在受影响的设备上提升特权。此漏洞是由于CLI命令的输入验证不足造成的。攻击者可利用该漏洞可以通过向CLI发送精心设计的命令来利用这个漏洞。
CVSS Information
N/A
Vulnerability Type
N/A