all InfoSec news
CVE-2023-20231 (catalyst_9100_firmware, catalyst_9105_firmware, catalyst_9105ax_firmware, catalyst_9105axi_firmware, catalyst_9105axw_firmware, catalyst_9105i_firmware, catalyst_9105w_firmware, catalyst_9115_ap_firmware, catalyst_9115_firmware, catal
Sept. 27, 2023, 6:15 p.m. |
National Vulnerability Database web.nvd.nist.gov
This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted input to the web UI. A successful exploit could allow the attacker to execute arbitrary Cisco IOS XE Software CLI commands with level 15 privileges.
Note: This vulnerability is exploitable only if the attacker obtains the credentials …
attack attacker cisco cisco ios cisco ios xe cve device exploit injection injection attack input input validation ios software the web validation vulnerability web
More from web.nvd.nist.gov / National Vulnerability Database
CVE-2023-21380 (android)
6 months ago |
web.nvd.nist.gov
CVE-2023-21381 (android)
6 months ago |
web.nvd.nist.gov
Jobs in InfoSec / Cybersecurity
Social Engineer For Reverse Engineering Exploit Study
@ Independent study | Remote
Offensive Security Engineer
@ Ivanti | United States, Remote
Senior Security Engineer I
@ Samsara | Remote - US
Senior Principal Information System Security Engineer
@ Chameleon Consulting Group | Herndon, VA
Junior Detections Engineer
@ Kandji | San Francisco
Data Security Engineer/ Architect - Remote United States
@ Stanley Black & Decker | Towson MD USA - 701 E Joppa Rd Bg 700