Acreditamos que esta é a página você estava procurando. Veja o resultado da pesquisa ao invés de:

Cisco IOS XE WebUI Authenticated Command Injection

Strike ID:
E19-7osr1
CVSS:
8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
False Positive:
f
Variants:
3
Year:
2019

Description

This strike exploits a command injection vulnerability in the WebUI component of Cisco IOS XE. The vulnerability is due to improper validation of user-supplied form data via the WebUI. A user with low privilege access can exploit this vulnerability by sending a crafted HTTP request to the target server. Successful exploitation results in the execution of Cisco console commands with administrative privileges.

CVE

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-12651

References

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-webui-cmd-injection