Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
command injection vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-20273
A vulnerability in the web UI feature of Cisco IOS XE Software could allow an authenticated, remote malicious user to inject commands with the privileges of root. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending c...
Cisco Ios Xe
Cisco Ios Xe
2 Metasploit modules
4 Github repositories
1 Article
NA
CVE-2023-20198
Cisco is providing an update for the ongoing investigation into observed exploitation of the web UI feature in Cisco IOS XE Software. We are updating the list of fixed releases and adding the Software Checker. Our investigation has determined that the actors exploited two previou...
Cisco Ios Xe
3 Metasploit modules
31 Github repositories
1 Article
4.3
CVSSv2
CVE-2020-3561
A vulnerability in the Clientless SSL VPN (WebVPN) of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote malicious user to inject arbitrary HTTP headers in the responses of the affected system....
Cisco Firepower Threat Defense
Cisco Adaptive Security Appliance
Cisco Adaptive Security Appliance Software
7.2
CVSSv2
CVE-2019-1709
A vulnerability in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local malicious user to perform a command injection attack. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by injecti...
Cisco Firepower Threat Defense 6.2.0
Cisco Firepower Threat Defense 6.2.2
Cisco Firepower Threat Defense 6.0.0
Cisco Firepower Threat Defense 6.0.1
Cisco Firepower Threat Defense 6.1.0
Cisco Firepower Management Center 6.3.0
Cisco Firepower Threat Defense 6.2.1
Cisco Firepower Threat Defense 6.2.3
9
CVSSv2
CVE-2019-1756
A vulnerability in Cisco IOS XE Software could allow an authenticated, remote malicious user to execute commands on the underlying Linux shell of an affected device with root privileges. The vulnerability occurs because the affected software improperly sanitizes user-supplied inp...
Cisco Ios 11.0\\(20.3\\)
Cisco Ios Xe 16.8.1s
Cisco Ios Xe 16.8.2
Cisco Ios Xe 16.7.1b
Cisco Ios Xe 16.8.1
Cisco Ios 16.9\\(1\\)
Cisco Ios Xe 16.8.1a
Cisco Ios Xe 16.7.1
Cisco Ios Xe 16.7.2
Cisco Ios Xe 16.8.1d
Cisco Ios Xe 16.7.3
Cisco Ios Xe 16.7.1a
Cisco Ios Xe 16.8.1b
Cisco Ios Xe 3.2.0ja
Cisco Ios Xe 16.8.1c
Cisco Ios Xe 16.8.1e
9
CVSSv2
CVE-2019-1862
A vulnerability in the web-based user interface (Web UI) of Cisco IOS XE Software could allow an authenticated, remote malicious user to execute commands on the underlying Linux shell of an affected device with root privileges. The vulnerability occurs because the affected softwa...
Cisco Ios Xe 16.3.7
1 Article
8.5
CVSSv2
CVE-2021-1443
A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote malicious user to execute arbitrary code with root privileges on the underlying operating system of an affected device. The vulnerability exists because the affected software improperly sa...
Cisco Ios Xe 16.9.1
Cisco Ios Xe 16.9.1s
Cisco Ios Xe 16.9.1c
Cisco Ios Xe 16.9.1b
Cisco Ios Xe 16.9.1d
Cisco Ios Xe 16.10.1
Cisco Ios Xe 16.9.1a
Cisco Ios Xe 16.9.2a
Cisco Ios Xe 16.9.2
Cisco Ios Xe 16.12.1
Cisco Ios Xe 16.11.1
Cisco Ios Xe 17.1.1
Cisco Ios Xe 16.11.1a
Cisco Ios Xe 16.12.1c
Cisco Ios Xe 16.12.1t
Cisco Ios Xe 16.11.2
Cisco Ios Xe 16.12.1s
Cisco Ios Xe 16.12.1a
Cisco Ios Xe 16.12.1x
Cisco Ios Xe 16.11.1c
Cisco Ios Xe 16.11.1b
Cisco Ios Xe 16.11.1s
9
CVSSv2
CVE-2019-1755
A vulnerability in the Web Services Management Agent (WSMA) function of Cisco IOS XE Software could allow an authenticated, remote malicious user to execute arbitrary Cisco IOS commands as a privilege level 15 user. The vulnerability occurs because the affected software improperl...
Cisco Ios Xe 16.8.1s
Cisco Ios Xe 16.8.1b
Cisco Ios Xe 16.2.1
Cisco Ios Xe 16.4.3
Cisco Ios Xe 16.8.1a
Cisco Ios Xe 16.1.3
Cisco Ios Xe 16.3.8
Cisco Ios Xe 16.2.2
Cisco Ios Xe 16.8.1e
Cisco Ios Xe 3.6.10e
Cisco Ios Xe 16.4.2
Cisco Ios Xe 16.8.1d
Cisco Ios Xe 16.3.2
Cisco Ios Xe 16.3.1a
Cisco Ios Xe 16.3.5
Cisco Ios Xe 16.7.1
Cisco Ios Xe 16.1.1
Cisco Ios Xe 16.1.2
Cisco Ios Xe 16.5.1
Cisco Ios Xe 16.3.4
Cisco Ios Xe 16.8.1
Cisco Ios Xe 16.4.1
9
CVSSv2
CVE-2022-20828
A vulnerability in the CLI parser of Cisco FirePOWER Software for Adaptive Security Appliance (ASA) FirePOWER module could allow an authenticated, remote malicious user to execute arbitrary commands on the underlying operating system of an affected ASA FirePOWER module as the roo...
Cisco Asa Firepower
1 Metasploit module
1 Github repository
1 Article
7.2
CVSSv2
CVE-2021-1452
A vulnerability in the ROM Monitor (ROMMON) of Cisco IOS XE Software for Cisco Catalyst IE3200, IE3300, and IE3400 Rugged Series Switches, Cisco Catalyst IE3400 Heavy Duty Series Switches, and Cisco Embedded Services 3300 Series Switches could allow an unauthenticated, physical m...
Cisco Ios Xe Rom Monitor
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29758
CVE-2023-42931
unauthorized
CVE-2024-1540
unprivileged
CVE-2023-24955
CVE-2024-20259
logic flaw
CVE-2024-20333
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »