Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2024-20295

Summary
Assigner-cisco
Assigner Org ID-d1c1063e-7a18-46af-9102-31f8928bc633
Published At-24 Apr, 2024 | 19:41
Updated At-01 Aug, 2024 | 21:59
Rejected At-
Credits

A vulnerability in the CLI of the Cisco Integrated Management Controller (IMC) could allow an authenticated, local attacker to perform command injection attacks on the underlying operating system and elevate privileges to root. To exploit this vulnerability, the attacker must have read-only or higher privileges on an affected device. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by submitting a crafted CLI command. A successful exploit could allow the attacker to elevate privileges to root.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
â–¼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:cisco
Assigner Org ID:d1c1063e-7a18-46af-9102-31f8928bc633
Published At:24 Apr, 2024 | 19:41
Updated At:01 Aug, 2024 | 21:59
Rejected At:
â–¼CVE Numbering Authority (CNA)

A vulnerability in the CLI of the Cisco Integrated Management Controller (IMC) could allow an authenticated, local attacker to perform command injection attacks on the underlying operating system and elevate privileges to root. To exploit this vulnerability, the attacker must have read-only or higher privileges on an affected device. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by submitting a crafted CLI command. A successful exploit could allow the attacker to elevate privileges to root.

Affected Products
Vendor
Cisco Systems, Inc.Cisco
Product
Cisco Unified Computing System (Standalone)
Versions
Affected
  • 3.0(1c)
  • 3.0(1d)
  • 3.0(2b)
  • 3.0(3a)
  • 3.0(3b)
  • 3.0(3c)
  • 3.0(3e)
  • 3.0(3f)
  • 3.0(4a)
  • 3.0(4d)
  • 3.0(4e)
  • 3.0(4i)
  • 3.0(4j)
  • 3.0(4k)
  • 3.0(4l)
  • 3.0(4m)
  • 3.0(4n)
  • 3.0(4o)
  • 3.0(4p)
  • 3.0(4q)
  • 3.0(4r)
  • 3.0(4s)
  • 2.0(10b)
  • 2.0(10c)
  • 2.0(10e)
  • 2.0(10f)
  • 2.0(10g)
  • 2.0(10h)
  • 2.0(10i)
  • 2.0(10k)
  • 2.0(10l)
  • 2.0(12b)
  • 2.0(12c)
  • 2.0(12d)
  • 2.0(12e)
  • 2.0(12f)
  • 2.0(12g)
  • 2.0(12h)
  • 2.0(12i)
  • 2.0(13e)
  • 2.0(13f)
  • 2.0(13h)
  • 2.0(13i)
  • 2.0(13k)
  • 2.0(13n)
  • 2.0(13o)
  • 2.0(13p)
  • 2.0(13q)
  • 2.0(1a)
  • 2.0(1b)
  • 2.0(3d)1
  • 2.0(3d)2
  • 2.0(3e)1
  • 2.0(3f)3
  • 2.0(3i)
  • 2.0(3j)1
  • 2.0(4c)
  • 2.0(4c)1
  • 2.0(6d)
  • 2.0(6f)
  • 2.0(8d)
  • 2.0(8e)
  • 2.0(8g)
  • 2.0(8h)
  • 2.0(9c)
  • 2.0(9e)
  • 2.0(9f)
  • 2.0(9l)
  • 2.0(9m)
  • 2.0(9n)
  • 2.0(9o)
  • 2.0(9p)
  • 3.1(1d)
  • 3.1(2b)
  • 3.1(2c)
  • 3.1(2d)
  • 3.1(2e)
  • 3.1(2g)
  • 3.1(2i)
  • 3.1(3a)
  • 3.1(3b)
  • 3.1(3c)
  • 3.1(3d)
  • 3.1(3g)
  • 3.1(3h)
  • 3.1(3i)
  • 3.1(3j)
  • 3.1(3k)
  • 4.0(1.240)
  • 4.0(1a)
  • 4.0(1b)
  • 4.0(1c)
  • 4.0(1d)
  • 4.0(1e)
  • 4.0(1g)
  • 4.0(1h)
  • 4.0(2c)
  • 4.0(2d)
  • 4.0(2f)
  • 4.0(2g)
  • 4.0(2h)
  • 4.0(2i)
  • 4.0(2l)
  • 4.0(2n)
  • 4.0(4b)
  • 4.0(4c)
  • 4.0(4d)
  • 4.0(4e)
  • 4.0(4f)
  • 4.0(4h)
  • 4.0(4i)
  • 4.0(4k)
  • 4.0(4l)
  • 4.0(4m)
  • 4.0(2o)
  • 4.0(2p)
  • 4.0(4n)
  • 4.0(2q)
  • 4.0(2r)
  • 4.1(1c)
  • 4.1(1d)
  • 4.1(1f)
  • 4.1(1g)
  • 4.1(2a)
  • 4.1(1h)
  • 4.1(2b)
  • 4.1(2f)
  • 4.1(2e)
  • 4.1(3b)
  • 4.1(2d)
  • 4.1(3c)
  • 4.1(3d)
  • 4.1(2g)
  • 4.1(3f)
  • 4.1(2h)
  • 4.1(2j)
  • 4.1(2k)
  • 4.1(2l)
  • 4.1(3h)
  • 4.1(3i)
  • 4.1(3l)
  • 4.2(1a)
  • 4.2(1b)
  • 4.2(1c)
  • 4.2(1e)
  • 4.2(1f)
  • 4.2(1g)
  • 4.2(1i)
  • 4.2(1j)
  • 4.2(2a)
  • 4.2(2f)
  • 4.2(2g)
  • 4.2(3b)
  • 4.2(3d)
  • 4.2(3e)
  • 4.2(3g)
  • 4.2(3h)
  • 4.2(3i)
  • 4.3(1.230097)
  • 4.3(1.230124)
  • 4.3(1.230138)
  • 4.3(2.230207)
  • 4.3(2.230270)
Vendor
Cisco Systems, Inc.Cisco
Product
Cisco Unified Computing System E-Series Software (UCSE)
Versions
Affected
  • N/A
Problem Types
TypeCWE IDDescription
cweCWE-78Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Type: cwe
CWE ID: CWE-78
Description: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Metrics
VersionBase scoreBase severityVector
3.18.8HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Version: 3.1
Base score: 8.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits

The Cisco PSIRT is aware that proof-of-concept exploit code is available for the vulnerability that is described in this advisory. The Cisco PSIRT is not aware of any malicious use of the vulnerability that is described in this advisory.

Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cimc-cmd-inj-mUx4c5AJ
N/A
Hyperlink: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cimc-cmd-inj-mUx4c5AJ
Resource: N/A
â–¼Authorized Data Publishers (ADP)
1. CISA ADP Vulnrichment
Affected Products
Vendor
Cisco Systems, Inc.cisco
Product
unified_computing_system
CPEs
  • cpe:2.3:a:cisco:unified_computing_system:-:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 2 through 4.3 (custom)
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
2. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cimc-cmd-inj-mUx4c5AJ
x_transferred
Hyperlink: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cimc-cmd-inj-mUx4c5AJ
Resource:
x_transferred
Information is not available yet
â–¼National Vulnerability Database (NVD)
nvd.nist.gov
Source:psirt@cisco.com
Published At:24 Apr, 2024 | 20:15
Updated At:15 Apr, 2026 | 00:35

A vulnerability in the CLI of the Cisco Integrated Management Controller (IMC) could allow an authenticated, local attacker to perform command injection attacks on the underlying operating system and elevate privileges to root. To exploit this vulnerability, the attacker must have read-only or higher privileges on an affected device. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by submitting a crafted CLI command. A successful exploit could allow the attacker to elevate privileges to root.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.18.8HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Type: Secondary
Version: 3.1
Base score: 8.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
CPE Matches
Weaknesses
CWE IDTypeSource
CWE-78Secondarypsirt@cisco.com
CWE ID: CWE-78
Type: Secondary
Source: psirt@cisco.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cimc-cmd-inj-mUx4c5AJpsirt@cisco.com
N/A
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cimc-cmd-inj-mUx4c5AJaf854a3a-2127-422b-91ae-364da2661108
N/A
Hyperlink: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cimc-cmd-inj-mUx4c5AJ
Source: psirt@cisco.com
Resource: N/A
Hyperlink: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cimc-cmd-inj-mUx4c5AJ
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

359Records found
CVE-2025-20138
Matching Score-10
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-10
Assigner-Cisco Systems, Inc.
CVSS Score-8.8||HIGH
EPSS-0.13% / 32.35%
||
7 Day CHG~0.00%
Published-12 Mar, 2025 | 16:12
Updated-26 Feb, 2026 | 19:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS XR Software CLI Privilege Escalation Vulnerability

A vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to execute arbitrary commands as root on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of user arguments that are passed to specific CLI commands. An attacker with a low-privileged account could exploit this vulnerability by using crafted commands at the prompt. A successful exploit could allow the attacker to elevate privileges to root and execute arbitrary commands.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ios_xrCisco IOS XR Software
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-20175
Matching Score-10
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-10
Assigner-Cisco Systems, Inc.
CVSS Score-8.8||HIGH
EPSS-0.10% / 26.83%
||
7 Day CHG~0.00%
Published-01 Nov, 2023 | 17:13
Updated-16 Dec, 2025 | 18:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in a specific Cisco ISE CLI command could allow an authenticated, local attacker to perform command injection attacks on the underlying operating system and elevate privileges to root. To exploit this vulnerability, an attacker must have valid Read-only-level privileges or higher on the affected device. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by submitting a crafted CLI command. A successful exploit could allow the attacker to elevate privileges to root.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-identity_services_engineCisco Identity Services Engine Software
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2024-20398
Matching Score-10
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-10
Assigner-Cisco Systems, Inc.
CVSS Score-8.8||HIGH
EPSS-0.24% / 46.93%
||
7 Day CHG~0.00%
Published-11 Sep, 2024 | 16:38
Updated-03 Oct, 2024 | 01:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS XR Software Local Privilege Escalation Vulnerability

A vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to obtain read/write file system access on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of user arguments that are passed to specific CLI commands. An attacker with a low-privileged account could exploit this vulnerability by using crafted commands at the prompt. A successful exploit could allow the attacker to elevate privileges to root.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ios_xrCisco IOS XR Softwareios_xr_software
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2026-20040
Matching Score-10
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-10
Assigner-Cisco Systems, Inc.
CVSS Score-8.8||HIGH
EPSS-0.05% / 16.86%
||
7 Day CHG~0.00%
Published-11 Mar, 2026 | 16:31
Updated-12 Mar, 2026 | 21:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS XR Software CLI Privilege Escalation Vulnerability

A vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to execute arbitrary commands as root on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of user arguments that are passed to specific CLI commands. An attacker with a low-privileged account could exploit this vulnerability by using crafted commands at the prompt. A successful exploit could allow the attacker to elevate privileges to root and execute arbitrary commands on the underlying operating system.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-Cisco IOS XR Software
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2022-20655
Matching Score-10
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-10
Assigner-Cisco Systems, Inc.
CVSS Score-8.8||HIGH
EPSS-0.40% / 61.25%
||
7 Day CHG~0.00%
Published-15 Nov, 2024 | 15:56
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the implementation of the CLI on a device that is running ConfD could allow an authenticated, local attacker to perform a command injection attack. The vulnerability is due to insufficient validation of a process argument on an affected device. An attacker could exploit this vulnerability by injecting commands during the execution of this process. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with the privilege level of ConfD, which is commonly root.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-Cisco SD-WAN vEdge RouterCisco Ultra Gateway PlatformCisco IOS XE Catalyst SD-WANCisco Network Services OrchestratorCisco Carrier Packet TransportCisco Enterprise NFV Infrastructure SoftwareCisco Catalyst SD-WAN ManagerCisco IOS XR SoftwareCisco Virtual Topology System (VTS)Cisco Catalyst SD-WANvirtual_topology_systemnetwork_services_orchestratorsd-wan_vedge_routerenterprise_nfv_infrastructure_softwareios_xe_catalyst_sd-wanios_xr_softwarecarrier_packet_transportcatalyst_sd-wan_manager
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-20038
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.8||HIGH
EPSS-0.04% / 13.77%
||
7 Day CHG~0.00%
Published-19 Jan, 2023 | 01:34
Updated-28 Oct, 2024 | 16:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the monitoring application of Cisco Industrial Network Director could allow an authenticated, local attacker to access a static secret key used to store both local data and credentials for accessing remote systems. This vulnerability is due to a static key value stored in the application used to encrypt application data and remote credentials. An attacker could exploit this vulnerability by gaining local access to the server Cisco Industrial Network Director is installed on. A successful exploit could allow the attacker to decrypt data allowing the attacker to access remote systems monitored by Cisco Industrial Network Director.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-industrial_network_directorCisco Industrial Network Director
CWE ID-CWE-321
Use of Hard-coded Cryptographic Key
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2024-20435
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.8||HIGH
EPSS-0.10% / 27.80%
||
7 Day CHG~0.00%
Published-17 Jul, 2024 | 16:27
Updated-08 Aug, 2025 | 01:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the CLI of Cisco AsyncOS for Secure Web Appliance could allow an authenticated, local attacker to execute arbitrary commands and elevate privileges to root. This vulnerability is due to insufficient validation of user-supplied input for the CLI. An attacker could exploit this vulnerability by authenticating to the system and executing a crafted command on the affected device. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system and elevate privileges to root. To successfully exploit this vulnerability, an attacker would need at least guest credentials.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-secure_web_appliance_virtual_s1000vsecure_web_appliance_virtual_s600vsecure_web_appliance_virtual_s300vasyncossecure_web_appliance_s196secure_web_appliance_s396secure_web_appliance_s696secure_web_appliance_virtual_s100vCisco Secure Web Appliancesecure_web_appliance
CWE ID-CWE-250
Execution with Unnecessary Privileges
CVE-2024-20285
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.10% / 27.84%
||
7 Day CHG~0.00%
Published-28 Aug, 2024 | 16:37
Updated-22 Oct, 2024 | 14:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco NX-OS Software Python Parser Escape Vulnerability

A vulnerability in the Python interpreter of Cisco NX-OS Software could allow an authenticated, low-privileged, local attacker to escape the Python sandbox and gain unauthorized access to the underlying operating system of the device. The vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by manipulating specific functions within the Python interpreter. A successful exploit could allow an attacker to escape the Python sandbox and execute arbitrary commands on the underlying operating system with the privileges of the authenticated user.  Note: An attacker must be authenticated with Python execution privileges to exploit these vulnerabilities. For more information regarding Python execution privileges, see product-specific documentation, such as the section of the Cisco Nexus 9000 Series NX-OS Programmability Guide.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-n9k-c9232cn9k-c92348gc-xnexus_34200yc-smnexus_93108tc-ex_switchnexus_93180lc-exnexus_3132q-xnexus_3172tqnx-osnexus_3200nexus_3636c-rnexus_9396tx_switchn9k-sup-bnexus_93128txnexus_9336pq_aci_spinenexus_9372tx_switchnexus_9336pq_aci_spine_switchn9k-c9372pxnexus_9336pq_acin9k-x9732c-fxnexus_92160yc_switchn9k-c9504-fm-rnexus_9432pqn9k-c92304qcnexus_9364d-gx2anexus_3016qnexus_3132q-vnexus_9332cnexus_92348gc-xnexus_3172tq-32tnexus_9336c-fx2nexus_3524-xn9k-c93216tc-fx2nexus_31108tc-vnexus_9372px-e_switchnexus_9636pqnexus_9348gc-fxpnexus_3172nexus_9808nexus_9272qnexus_9500_supervisor_b\+nexus_9500_4-slotn9k-sc-anexus_93120tx_switchnexus_93180yc-fxnexus_3432d-sn9k-sup-b\+n9k-c93108tc-fxn9k-c93360yc-fx2nexus_3232nexus_3000n9k-x9736c-fxnexus_3524nexus_9000_in_standalonen9k-x9736c-exnexus_3548-x\/xlnexus_9332d-gx2bnexus_3016nexus_9364c-h1nexus_9804n9k-c9372txnexus_92304qcn9k-c9396pxnexus_93108tc-fx-24nexus_93240tc-fx2nexus_9000_in_standalone_nx-os_modenexus_9500_supervisor_bnexus_9500_8-slotn9k-c9316d-gxnexus_3100nexus_3048nexus_9348gc-fx3phnexus_3500_platformnexus_9372tx-enexus_93360yc-fx2nexus_3524-xln9k-c93180yc-fxnexus_9396txn9k-c9348gc-fxpnexus_3232c_nexus_92300yc_switchnexus_3064n9k-c93128txnexus_9716d-gxnexus_3500n9k-x9788tc-fxn9k-c93600cd-gxnexus_9336c-fx2-en9k-c93240yc-fx2n9k-x9564txnexus_9396pxn9k-c93108tc-exn9k-c9372tx-en9k-x9464pxnexus_9221cn9k-c9336c-fx2nexus_3132q-x\/3132q-xlnexus_9372txnexus_9348d-gx2an9k-x9432c-snexus_3064-tnexus_93600cd-gxnexus_3408-snexus_9536pqnexus_9372px-enexus_9336pqnexus_3600nexus_9372tx-e_switchn9k-x9636c-rnexus_3400n9k-c9364c-gxnexus_9332pqnexus_93108tc-exnexus_9508nexus_3100-vn9k-c9236cnexus_92304qc_switchnexus_93120txn9k-x9400-8dnexus_9316d-gxnexus_3524-x\/xln9k-c9332d-gx2bnexus_9504_switchnexus_9408nexus_3100-zn9k-sup-an9k-c9332pqn9k-x9464tx2n9k-c93180yc-exn9k-c9348d-gx2an9k-x96136yc-rnexus_31128pqn9k-x9636q-rnexus_3548-xlnexus_93180yc-fx3snexus_3164qnexus_9364cnexus_93400ld-h1nexus_9800nexus_3132c-znexus_3172pq\/pq-xln9k-x97284yc-fxn9k-c9364d-gx2an9k-c9272qn9k-x9732c-exnexus_93180yc-fx-24nexus_3464cn9k-c9396txnexus_93216tc-fx2nexus_9232enexus_36180yc-rn9k-c9504nexus_93180tc-exnexus_3264qnexus_34180ycnexus_9000vnexus_9300nexus_31108pc-vn9k-x9400-22ln9k-x9636c-rxnexus_9500_supervisor_a\+nexus_3064-32tn9k-c93120txn9k-c93180yc2-fxnexus_93180yc-fx3nexus_9508_switchnexus_93180yc-ex-24n9k-c9516n9k-c9508nexus_3100vnexus_3548nexus_9736pqnexus_9396px_switchnexus_3132qn9k-c9372px-en9k-x9400-16wn9k-x97160yc-exnexus_9000_in_aci_modenexus_9372pxnexus_9364c-gxn9k-c9332cnexus_92160yc-xnexus_93180lc-ex_switchnexus_9372px_switchnexus_3000_seriesnexus_93108tc-ex-24nexus_9332pq_switchn9k-c92300ycnexus_9500_16-slotnexus_3064xnexus_9000nexus_31108pv-vnexus_9236c_switchnexus_9500nexus_93108tc-fx3pnexus_9504nexus_93108tc-fxnexus_3064tn9k-c9508-fm-rnexus_9500_supervisor_anexus_9800_34-port_100g_and_14-port_400g_line_cardnexus_92300ycnexus_3172pqnexus_3064-xnexus_9272q_switchnexus_3232cnexus_9200ycnexus_9200nexus_93180yc-ex_switchnexus_93108tc-fx3nexus_9348gc-fx3nexus_9800_36-port_400g_line_cardn9k-c9364cnexus_93128tx_switchnexus_3264c-enexus_93240yc-fx2n9k-c92160yc-xnexus_3548-xnexus_3132q-xlnexus_3172tq-xlnexus_93180yc-exnexus_9516_switchnexus_9332d-h2rnexus_93128nexus_93108tc-fx3hn9k-c93180lc-exnexus_9236cn9k-sup-a\+n9k-x9564pxnexus_93180yc-fx3hnexus_9516nexus_3172pq-xlnexus_9500rCisco NX-OS Software
CWE ID-CWE-653
Improper Isolation or Compartmentalization
CVE-2026-20046
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.8||HIGH
EPSS-0.03% / 10.33%
||
7 Day CHG~0.00%
Published-11 Mar, 2026 | 16:31
Updated-12 Mar, 2026 | 21:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS XR Software CLI Privilege Escalation Vulnerability

A vulnerability in task group assignment for a specific CLI command in Cisco IOS XR Software could allow an authenticated, local attacker to elevate privileges and gain full administrative control of an affected device. This vulnerability is due to incorrect mapping of a command to task groups within the source code. An attacker with a low-privileged account could exploit this vulnerability by using the CLI command to bypass the task group–based checks. A successful exploit could allow the attacker to elevate privileges and perform actions on an affected device without authorization checks.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-Cisco IOS XR Software
CVE-2020-3234
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.8||HIGH
EPSS-0.05% / 14.80%
||
7 Day CHG~0.00%
Published-03 Jun, 2020 | 17:55
Updated-15 Nov, 2024 | 17:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS Software for Cisco Industrial Routers Virtual Device Server Static Credentials Vulnerability

A vulnerability in the virtual console authentication of Cisco IOS Software for Cisco 809 and 829 Industrial Integrated Services Routers (Industrial ISRs) and Cisco 1000 Series Connected Grid Routers (CGR1000) could allow an authenticated but low-privileged, local attacker to log in to the Virtual Device Server (VDS) of an affected device by using a set of default credentials. The vulnerability is due to the presence of weak, hard-coded credentials. An attacker could exploit this vulnerability by authenticating to the targeted device and then connecting to VDS through the device’s virtual console by using the static credentials. A successful exploit could allow the attacker to access the Linux shell of VDS as the root user.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ios11201240829809Cisco IOS 12.2(60)EZ16
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2020-3115
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.8||HIGH
EPSS-0.14% / 33.99%
||
7 Day CHG~0.00%
Published-26 Jan, 2020 | 04:31
Updated-15 Nov, 2024 | 17:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco SD-WAN Solution Local Privilege Escalation Vulnerability

A vulnerability in the CLI of the Cisco SD-WAN Solution vManage software could allow an authenticated, local attacker to elevate privileges to root-level privileges on the underlying operating system. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending a crafted file to the affected system. An exploit could allow the attacker to elevate privileges to root-level privileges.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-vedge_100mvedge-5000vedge-100bvedge-2000sd-wan_firmwarevedge-100vedge-1000vedge_100wmCisco SD-WAN Solution
CWE ID-CWE-264
Not Available
CWE ID-CWE-269
Improper Privilege Management
CVE-2024-20286
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.10% / 27.84%
||
7 Day CHG~0.00%
Published-28 Aug, 2024 | 16:37
Updated-22 Oct, 2024 | 14:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco NX-OS Software Python Parser Escape Vulnerability

A vulnerability in the Python interpreter of Cisco NX-OS Software could allow an authenticated, low-privileged, local attacker to escape the Python sandbox and gain unauthorized access to the underlying operating system of the device. The vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by manipulating specific functions within the Python interpreter. A successful exploit could allow an attacker to escape the Python sandbox and execute arbitrary commands on the underlying operating system with the privileges of the authenticated user.  Note: An attacker must be authenticated with Python execution privileges to exploit these vulnerabilities. For more information regarding Python execution privileges, see product-specific documentation, such as the section of the Cisco Nexus 9000 Series NX-OS Programmability Guide.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-n9k-c9232cn9k-c92348gc-xnexus_34200yc-smnexus_93108tc-ex_switchnexus_93180lc-exnexus_3132q-xnexus_3172tqnx-osnexus_3200nexus_3636c-rnexus_9396tx_switchn9k-sup-bnexus_93128txnexus_9336pq_aci_spinenexus_9372tx_switchnexus_9336pq_aci_spine_switchn9k-c9372pxnexus_9336pq_acin9k-x9732c-fxnexus_92160yc_switchn9k-c9504-fm-rnexus_9432pqn9k-c92304qcnexus_9364d-gx2anexus_3016qnexus_3132q-vnexus_9332cnexus_92348gc-xnexus_3172tq-32tnexus_9336c-fx2nexus_3524-xn9k-c93216tc-fx2nexus_31108tc-vnexus_9372px-e_switchnexus_9636pqnexus_9348gc-fxpnexus_3172nexus_9808nexus_9272qnexus_9500_supervisor_b\+nexus_9500_4-slotn9k-sc-anexus_93120tx_switchnexus_93180yc-fxnexus_3432d-sn9k-sup-b\+n9k-c93108tc-fxn9k-c93360yc-fx2nexus_3232nexus_3000n9k-x9736c-fxnexus_3524nexus_9000_in_standalonen9k-x9736c-exnexus_3548-x\/xlnexus_9332d-gx2bnexus_3016nexus_9364c-h1nexus_9804n9k-c9372txnexus_92304qcn9k-c9396pxnexus_93108tc-fx-24nexus_93240tc-fx2nexus_9000_in_standalone_nx-os_modenexus_9500_supervisor_bnexus_9500_8-slotn9k-c9316d-gxnexus_3100nexus_3048nexus_9348gc-fx3phnexus_3500_platformnexus_9372tx-enexus_93360yc-fx2nexus_3524-xln9k-c93180yc-fxnexus_9396txn9k-c9348gc-fxpnexus_3232c_nexus_92300yc_switchnexus_3064n9k-c93128txnexus_9716d-gxnexus_3500n9k-x9788tc-fxn9k-c93600cd-gxnexus_9336c-fx2-en9k-c93240yc-fx2n9k-x9564txnexus_9396pxn9k-c93108tc-exn9k-c9372tx-en9k-x9464pxnexus_9221cn9k-c9336c-fx2nexus_3132q-x\/3132q-xlnexus_9372txnexus_9348d-gx2an9k-x9432c-snexus_3064-tnexus_93600cd-gxnexus_3408-snexus_9536pqnexus_9372px-enexus_9336pqnexus_3600nexus_9372tx-e_switchn9k-x9636c-rnexus_3400n9k-c9364c-gxnexus_9332pqnexus_93108tc-exnexus_9508nexus_3100-vn9k-c9236cnexus_92304qc_switchnexus_93120txn9k-x9400-8dnexus_9316d-gxnexus_3524-x\/xln9k-c9332d-gx2bnexus_9504_switchnexus_9408nexus_3100-zn9k-sup-an9k-c9332pqn9k-x9464tx2n9k-c93180yc-exn9k-c9348d-gx2an9k-x96136yc-rnexus_31128pqn9k-x9636q-rnexus_3548-xlnexus_93180yc-fx3snexus_3164qnexus_9364cnexus_93400ld-h1nexus_9800nexus_3132c-znexus_3172pq\/pq-xln9k-x97284yc-fxn9k-c9364d-gx2an9k-c9272qn9k-x9732c-exnexus_93180yc-fx-24nexus_3464cn9k-c9396txnexus_93216tc-fx2nexus_9232enexus_36180yc-rn9k-c9504nexus_93180tc-exnexus_3264qnexus_34180ycnexus_9000vnexus_9300nexus_31108pc-vn9k-x9400-22ln9k-x9636c-rxnexus_9500_supervisor_a\+nexus_3064-32tn9k-c93120txn9k-c93180yc2-fxnexus_93180yc-fx3nexus_9508_switchnexus_93180yc-ex-24n9k-c9516n9k-c9508nexus_3100vnexus_3548nexus_9736pqnexus_9396px_switchnexus_3132qn9k-c9372px-en9k-x9400-16wn9k-x97160yc-exnexus_9000_in_aci_modenexus_9372pxnexus_9364c-gxn9k-c9332cnexus_92160yc-xnexus_93180lc-ex_switchnexus_9372px_switchnexus_3000_seriesnexus_93108tc-ex-24nexus_9332pq_switchn9k-c92300ycnexus_9500_16-slotnexus_3064xnexus_9000nexus_31108pv-vnexus_9236c_switchnexus_9500nexus_93108tc-fx3pnexus_9504nexus_93108tc-fxnexus_3064tn9k-c9508-fm-rnexus_9500_supervisor_anexus_9800_34-port_100g_and_14-port_400g_line_cardnexus_92300ycnexus_3172pqnexus_3064-xnexus_9272q_switchnexus_3232cnexus_9200ycnexus_9200nexus_93180yc-ex_switchnexus_93108tc-fx3nexus_9348gc-fx3nexus_9800_36-port_400g_line_cardn9k-c9364cnexus_93128tx_switchnexus_3264c-enexus_93240yc-fx2n9k-c92160yc-xnexus_3548-xnexus_3132q-xlnexus_3172tq-xlnexus_93180yc-exnexus_9516_switchnexus_9332d-h2rnexus_93128nexus_93108tc-fx3hn9k-c93180lc-exnexus_9236cn9k-sup-a\+n9k-x9564pxnexus_93180yc-fx3hnexus_9516nexus_3172pq-xlnexus_9500rCisco NX-OS Software
CWE ID-CWE-693
Protection Mechanism Failure
CVE-2024-20284
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.10% / 27.84%
||
7 Day CHG~0.00%
Published-28 Aug, 2024 | 16:37
Updated-17 Oct, 2024 | 15:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco NX-OS Software Python Parser Escape Vulnerability

A vulnerability in the Python interpreter of Cisco NX-OS Software could allow an authenticated, low-privileged, local attacker to escape the Python sandbox and gain unauthorized access to the underlying operating system of the device. The vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by manipulating specific functions within the Python interpreter. A successful exploit could allow an attacker to escape the Python sandbox and execute arbitrary commands on the underlying operating system with the privileges of the authenticated user.  Note: An attacker must be authenticated with Python execution privileges to exploit these vulnerabilities. For more information regarding Python execution privileges, see product-specific documentation, such as the section of the Cisco Nexus 9000 Series NX-OS Programmability Guide.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-n9k-c9232cn9k-c92348gc-xnexus_34200yc-smnexus_93108tc-ex_switchnexus_93180lc-exnexus_3132q-xnexus_3172tqnx-osnexus_3200nexus_3636c-rnexus_9396tx_switchn9k-sup-bnexus_93128txnexus_9336pq_aci_spinenexus_9372tx_switchnexus_9336pq_aci_spine_switchn9k-c9372pxnexus_9336pq_acin9k-x9732c-fxnexus_92160yc_switchn9k-c9504-fm-rnexus_9432pqn9k-c92304qcnexus_9364d-gx2anexus_3016qnexus_3132q-vnexus_9332cnexus_92348gc-xnexus_3172tq-32tnexus_9336c-fx2nexus_3524-xn9k-c93216tc-fx2nexus_31108tc-vnexus_9372px-e_switchnexus_9636pqnexus_9348gc-fxpnexus_3172nexus_9808nexus_9272qnexus_9500_supervisor_b\+nexus_9500_4-slotn9k-sc-anexus_93120tx_switchnexus_93180yc-fxnexus_3432d-sn9k-sup-b\+n9k-c93108tc-fxn9k-c93360yc-fx2nexus_3232nexus_3000n9k-x9736c-fxnexus_3524nexus_9000_in_standalonen9k-x9736c-exnexus_3548-x\/xlnexus_9332d-gx2bnexus_3016nexus_9364c-h1nexus_9804n9k-c9372txnexus_92304qcn9k-c9396pxnexus_93108tc-fx-24nexus_93240tc-fx2nexus_9000_in_standalone_nx-os_modenexus_9500_supervisor_bnexus_9500_8-slotn9k-c9316d-gxnexus_3100nexus_3048nexus_9348gc-fx3phnexus_3500_platformnexus_9372tx-enexus_93360yc-fx2nexus_3524-xln9k-c93180yc-fxnexus_9396txn9k-c9348gc-fxpnexus_3232c_nexus_92300yc_switchnexus_3064n9k-c93128txnexus_9716d-gxnexus_3500n9k-x9788tc-fxn9k-c93600cd-gxnexus_9336c-fx2-en9k-c93240yc-fx2n9k-x9564txnexus_9396pxn9k-c93108tc-exn9k-c9372tx-en9k-x9464pxnexus_9221cn9k-c9336c-fx2nexus_3132q-x\/3132q-xlnexus_9372txnexus_9348d-gx2an9k-x9432c-snexus_3064-tnexus_93600cd-gxnexus_3408-snexus_9536pqnexus_9372px-enexus_9336pqnexus_3600nexus_9372tx-e_switchn9k-x9636c-rnexus_3400n9k-c9364c-gxnexus_9332pqnexus_93108tc-exnexus_9508nexus_3100-vn9k-c9236cnexus_92304qc_switchnexus_93120txn9k-x9400-8dnexus_9316d-gxnexus_3524-x\/xln9k-c9332d-gx2bnexus_9504_switchnexus_9408nexus_3100-zn9k-sup-an9k-c9332pqn9k-x9464tx2n9k-c93180yc-exn9k-c9348d-gx2an9k-x96136yc-rnexus_31128pqn9k-x9636q-rnexus_3548-xlnexus_93180yc-fx3snexus_3164qnexus_9364cnexus_93400ld-h1nexus_9800nexus_3132c-znexus_3172pq\/pq-xln9k-x97284yc-fxn9k-c9364d-gx2an9k-c9272qn9k-x9732c-exnexus_93180yc-fx-24nexus_3464cn9k-c9396txnexus_93216tc-fx2nexus_9232enexus_36180yc-rn9k-c9504nexus_93180tc-exnexus_3264qnexus_34180ycnexus_9000vnexus_9300nexus_31108pc-vn9k-x9400-22ln9k-x9636c-rxnexus_9500_supervisor_a\+nexus_3064-32tn9k-c93120txn9k-c93180yc2-fxnexus_93180yc-fx3nexus_9508_switchnexus_93180yc-ex-24n9k-c9516n9k-c9508nexus_3100vnexus_3548nexus_9736pqnexus_9396px_switchnexus_3132qn9k-c9372px-en9k-x9400-16wn9k-x97160yc-exnexus_9000_in_aci_modenexus_9372pxnexus_9364c-gxn9k-c9332cnexus_92160yc-xnexus_93180lc-ex_switchnexus_9372px_switchnexus_3000_seriesnexus_93108tc-ex-24nexus_9332pq_switchn9k-c92300ycnexus_9500_16-slotnexus_3064xnexus_9000nexus_31108pv-vnexus_9236c_switchnexus_9500nexus_93108tc-fx3pnexus_9504nexus_93108tc-fxnexus_3064tn9k-c9508-fm-rnexus_9500_supervisor_anexus_9800_34-port_100g_and_14-port_400g_line_cardnexus_92300ycnexus_3172pqnexus_3064-xnexus_9272q_switchnexus_3232cnexus_9200ycnexus_9200nexus_93180yc-ex_switchnexus_93108tc-fx3nexus_9348gc-fx3nexus_9800_36-port_400g_line_cardn9k-c9364cnexus_93128tx_switchnexus_3264c-enexus_93240yc-fx2n9k-c92160yc-xnexus_3548-xnexus_3132q-xlnexus_3172tq-xlnexus_93180yc-exnexus_9516_switchnexus_9332d-h2rnexus_93128nexus_93108tc-fx3hn9k-c93180lc-exnexus_9236cn9k-sup-a\+n9k-x9564pxnexus_93180yc-fx3hnexus_9516nexus_3172pq-xlnexus_9500rCisco NX-OS Software
CWE ID-CWE-693
Protection Mechanism Failure
CVE-2019-12675
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-8.2||HIGH
EPSS-0.03% / 10.70%
||
7 Day CHG~0.00%
Published-02 Oct, 2019 | 19:06
Updated-20 Nov, 2024 | 17:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Firepower Threat Defense Software Multi-instance Container Escape Vulnerabilities

Multiple vulnerabilities in the multi-instance feature of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to escape the container for their FTD instance and execute commands with root privileges in the host namespace. These vulnerabilities are due to insufficient protections on the underlying filesystem. An attacker could exploit these vulnerabilities by modifying critical files on the underlying filesystem. A successful exploit could allow the attacker to execute commands with root privileges within the host namespace. This could allow the attacker to impact other running FTD instances.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-firepower_4145_firmwarefirepower_9300firepower_4150firepower_4110firepower_9300_firmwarefirepower_4125firepower_4125_firmwarefirepower_4140firepower_4115_firmwarefirepower_4150_firmwarefirepower_4120_firmwarefirepower_4145firepower_4120firepower_4140_firmwarefirepower_4110_firmwarefirepower_4115firepower_threat_defenseCisco Firepower Threat Defense Software
CWE ID-CWE-216
DEPRECATED: Containment Errors (Container Errors)
CWE ID-CWE-116
Improper Encoding or Escaping of Output
CVE-2019-12629
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-4.7||MEDIUM
EPSS-0.74% / 73.53%
||
7 Day CHG~0.00%
Published-26 Jan, 2020 | 04:25
Updated-15 Nov, 2024 | 17:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco SD-WAN vManage Command Injection Vulnerability

A vulnerability in the WebUI of the Cisco SD-WAN Solution could allow an authenticated, remote attacker to inject and execute arbitrary commands with vmanage user privileges on an affected system. The vulnerability is due to insufficient input validation of data parameters for certain fields in the affected solution. An attacker could exploit this vulnerability by configuring a malicious username on the login page of the affected solution. A successful exploit could allow the attacker to inject and execute arbitrary commands with vmanage user privileges on an affected system.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-vedge_100mvedge-5000vedge-100bvedge-2000sd-wan_firmwarevedge-100vedge-1000vedge_100wmCisco SD-WAN Solution
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2022-20693
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-4.7||MEDIUM
EPSS-2.41% / 85.48%
||
7 Day CHG~0.00%
Published-15 Apr, 2022 | 14:16
Updated-06 Nov, 2024 | 16:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS XE Software Web UI API Injection Vulnerability

A vulnerability in the web UI feature of Cisco IOS XE Software could allow an authenticated, remote attacker to perform an injection attack against an affected device. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted input to the web UI API. A successful exploit could allow the attacker to inject commands to the underlying operating system with root privileges.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ios_xeCisco IOS XE Software
CWE ID-CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2016-6414
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-0.22% / 45.06%
||
7 Day CHG~0.00%
Published-22 Sep, 2016 | 22:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

iox in Cisco IOS, possibly 15.6 and earlier, and IOS XE, possibly 3.18 and earlier, allows local users to execute arbitrary IOx Linux commands on the guest OS via crafted iox command-line options, aka Bug ID CSCuz59223.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-iosn/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2016-6459
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.59% / 69.78%
||
7 Day CHG~0.00%
Published-19 Nov, 2016 | 02:45
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cisco TelePresence endpoints running either CE or TC software contain a vulnerability that could allow an authenticated, local attacker to execute a local shell command injection. More Information: CSCvb25010. Known Affected Releases: 8.1.x. Known Fixed Releases: 6.3.4 7.3.7 8.2.2 8.3.0.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-telepresence_tc_softwareCisco TelePresence CE and TC 8.1.x
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2021-40120
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.48% / 65.70%
||
7 Day CHG~0.00%
Published-04 Nov, 2021 | 15:35
Updated-07 Nov, 2024 | 21:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Small Business RV Series Routers Command Injection Vulnerability

A vulnerability in the web-based management interface of certain Cisco Small Business RV Series Routers could allow an authenticated, remote attacker with administrative privileges to inject arbitrary commands into the underlying operating system and execute them using root-level privileges. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending malicious input to a specific field in the web-based management interface of an affected device. A successful exploit could allow the attacker to execute arbitrary commands on the underlying Linux operating system as a user with root-level privileges.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-rv325application_extension_platformrv320rv042rv042grv082rv016ios_xrCisco Small Business RV Series Router Firmware
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2021-40113
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-10||CRITICAL
EPSS-13.67% / 94.44%
||
7 Day CHG~0.00%
Published-04 Nov, 2021 | 15:35
Updated-07 Nov, 2024 | 21:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Catalyst PON Series Switches Optical Network Terminal Vulnerabilities

Multiple vulnerabilities in the web-based management interface of the Cisco Catalyst Passive Optical Network (PON) Series Switches Optical Network Terminal (ONT) could allow an unauthenticated, remote attacker to perform the following actions: Log in with a default credential if the Telnet protocol is enabled Perform command injection Modify the configuration For more information about these vulnerabilities, see the Details section of this advisory.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-catalyst_pon_switch_cgp-ont-4pv_firmwarecatalyst_pon_switch_cgp-ont-1p_firmwarecatalyst_pon_switch_cgp-ont-4pvcatalyst_pon_switch_cgp-ont-1pcatalyst_pon_switch_cgp-ont-4pvccatalyst_pon_switch_cgp-ont-4pcatalyst_pon_switch_cgp-ont-4pvc_firmwarecatalyst_pon_switch_cgp-ont-4tvcw_firmwarecatalyst_pon_switch_cgp-ont-4tvcwcatalyst_pon_switch_cgp-ont-4p_firmwareCisco Catalyst PON Series
CWE ID-CWE-284
Improper Access Control
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-20292
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-4.4||MEDIUM
EPSS-0.15% / 35.75%
||
7 Day CHG~0.00%
Published-27 Aug, 2025 | 16:23
Updated-27 Aug, 2025 | 18:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco NXOS Software Command Injection Vulnerability

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute a command injection attack on the underlying operating system of an affected device. To exploit this vulnerability, the attacker must have valid user credentials on the affected device. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by entering crafted input as the argument of an affected CLI command. A successful exploit could allow the attacker to read and write files on the underlying operating system with the privileges of a non-root user account. File system access is limited to the permissions that are granted to that non-root user account.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-Cisco NX-OS System Software in ACI ModeCisco Unified Computing System (Managed)Cisco NX-OS Software
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-20213
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.08% / 23.38%
||
7 Day CHG~0.00%
Published-07 May, 2025 | 17:18
Updated-26 Feb, 2026 | 18:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Catalyst SDWAN Manager Arbitrary File Overwrite Vulnerability

A vulnerability in the CLI of Cisco Catalyst SD-WAN Manager, formerly Cisco SD-WAN vManage, could allow an authenticated, local attacker to overwrite arbitrary files on the local file system of an affected device. To exploit this vulnerability, the attacker must have valid read-only credentials with CLI access on the affected system. This vulnerability is due to improper access controls on files that are on the local file system. An attacker could exploit this vulnerability by running a series of crafted commands on the local file system of an affected device. A successful exploit could allow the attacker to overwrite arbitrary files on the affected device and gain privileges of the root user. To exploit this vulnerability, an attacker would need to have CLI access as a low-privilege user.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-catalyst_sd-wan_managerCisco Catalyst SD-WAN Manager
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2021-34729
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.05% / 17.10%
||
7 Day CHG~0.00%
Published-23 Sep, 2021 | 02:26
Updated-07 Nov, 2024 | 21:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS XE SD-WAN Software Command Injection Vulnerability

A vulnerability in the CLI of Cisco IOS XE SD-WAN Software and Cisco IOS XE Software could allow an authenticated, local attacker to execute arbitrary commands with elevated privileges on an affected device. This vulnerability is due to insufficient validation of arguments passed to certain CLI commands. An attacker could exploit this vulnerability by including malicious input in the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands with elevated privileges on the underlying operating system. An attacker would need valid user credentials to exploit this vulnerability.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ios_xeios_xe_sd-wanCisco IOS XE SD-WAN Software
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2021-1370
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-0.08% / 23.27%
||
7 Day CHG~0.00%
Published-04 Feb, 2021 | 16:40
Updated-08 Nov, 2024 | 23:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS XR Software for Cisco 8000 Series Routers and Network Convergence System 540 Series Routers Privilege Escalation Vulnerability

A vulnerability in a CLI command of Cisco IOS XR Software for the Cisco 8000 Series Routers and Network Convergence System 540 Series Routers running NCS540L software images could allow an authenticated, local attacker to elevate their privilege to root. To exploit this vulnerability, an attacker would need to have a valid account on an affected device. The vulnerability is due to insufficient validation of command line arguments. An attacker could exploit this vulnerability by authenticating to the device and entering a crafted command at the prompt. A successful exploit could allow an attacker with low-level privileges to escalate their privilege level to root.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-82018808ncs_540881288188202ios_xrCisco IOS XR Software
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2021-1498
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-9.8||CRITICAL
EPSS-94.21% / 99.92%
||
7 Day CHG~0.00%
Published-06 May, 2021 | 12:41
Updated-28 Oct, 2025 | 13:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2021-11-17||Apply updates per vendor instructions.
Cisco HyperFlex HX Command Injection Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco HyperFlex HX could allow an unauthenticated, remote attacker to perform command injection attacks against an affected device. For more information about these vulnerabilities, see the Details section of this advisory.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-hyperflex_hx240c_m5hyperflex_hx220c_edge_m5hyperflex_hx240chyperflex_hx220c_af_m5hyperflex_hx220c_all_nvme_m5hyperflex_hx220c_m5hyperflex_hx_data_platformhyperflex_hx240c_af_m5Cisco HyperFlex HX Data PlatformHyperFlex HX
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2021-1452
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-6.8||MEDIUM
EPSS-0.07% / 22.39%
||
7 Day CHG~0.00%
Published-24 Mar, 2021 | 20:06
Updated-08 Nov, 2024 | 23:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS XE ROM Monitor Software for Cisco Industrial Switches OS Command Injection Vulnerability

A vulnerability in the ROM Monitor (ROMMON) of Cisco IOS XE Software for Cisco Catalyst IE3200, IE3300, and IE3400 Rugged Series Switches, Cisco Catalyst IE3400 Heavy Duty Series Switches, and Cisco Embedded Services 3300 Series Switches could allow an unauthenticated, physical attacker to execute unsigned code at system boot time. This vulnerability is due to incorrect validations of specific function arguments passed to a boot script when specific ROMMON variables are set. An attacker could exploit this vulnerability by setting malicious values for a specific ROMMON variable. A successful exploit could allow the attacker to execute unsigned code and bypass the image verification check during the secure boot process of an affected device. To exploit this vulnerability, the attacker would need to have unauthenticated, physical access to the device or obtain privileged access to the root shell on the device.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-catalyst_ie3400_heavy_duty_switchcatalyst_ie3400_rugged_switchcatalyst_ie3200_rugged_switchios_xe_rom_monitoress_3300catalyst_ie3300_rugged_switchCisco IOS XE ROMMON Software
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2021-1141
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-9.8||CRITICAL
EPSS-7.17% / 91.80%
||
7 Day CHG~0.00%
Published-20 Jan, 2021 | 20:11
Updated-12 Nov, 2024 | 20:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Smart Software Manager Satellite Web UI Command Injection Vulnerabilities

Multiple vulnerabilities in the web UI of Cisco Smart Software Manager Satellite could allow an unauthenticated, remote attacker to execute arbitrary commands on the underlying operating system. For more information about these vulnerabilities, see the Details section of this advisory.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-smart_software_manager_satelliteCisco Smart Software Manager On-Prem
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2021-34755
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.07% / 20.54%
||
7 Day CHG~0.00%
Published-27 Oct, 2021 | 18:55
Updated-07 Nov, 2024 | 21:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Firepower Threat Defense Software Command Injection Vulnerabilities

Multiple vulnerabilities in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary commands with root privileges. For more information about these vulnerabilities, see the Details section of this advisory.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-firepower_management_center_virtual_appliancefirepower_threat_defensesourcefire_defense_centerCisco Firepower Threat Defense Software
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2021-34721
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.08% / 24.29%
||
7 Day CHG~0.00%
Published-09 Sep, 2021 | 05:01
Updated-07 Nov, 2024 | 22:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS XR Software Command Injection Vulnerabilities

Multiple vulnerabilities in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to gain access to the underlying root shell of an affected device and execute arbitrary commands with root privileges. For more information about these vulnerabilities, see the Details section of this advisory.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-82018101-32hncs_5001ncs_5002asr_9010ncs_540_fronthaul8202ncs_1001asr_9902ncs_5501-sencs_5516ncs_6000asr_9006ncs_540asr_9000v-v2ios_xrncs_5502-se8201-32fhncs_5508asr_9903ncs_5501ios_xrv880488128818ncs_5011ios_xrv_9000asr_90018101-32fhncs_6008asr_9910asr_99068808asr_9904asr_9912asr_9922ncs_560-4ncs_1004ncs_560-7ncs_10028102-64hncs_5502ncs_520asr_9901Cisco IOS XR Software
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2021-34756
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.07% / 20.54%
||
7 Day CHG~0.00%
Published-27 Oct, 2021 | 18:55
Updated-07 Nov, 2024 | 21:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Firepower Threat Defense Software Command Injection Vulnerabilities

Multiple vulnerabilities in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary commands with root privileges. For more information about these vulnerabilities, see the Details section of this advisory.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-firepower_management_center_virtual_appliancefirepower_threat_defensesourcefire_defense_centerCisco Firepower Threat Defense Software
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2021-34726
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.09% / 25.46%
||
7 Day CHG~0.00%
Published-23 Sep, 2021 | 02:26
Updated-07 Nov, 2024 | 21:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco SD-WAN Software Command Injection Vulnerability

A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to inject arbitrary commands to be executed with root-level privileges on the underlying operating system of an affected device. This vulnerability is due to insufficient input validation on certain CLI commands. An attacker could exploit this vulnerability by authenticating to an affected device and submitting crafted input to the CLI. The attacker must be authenticated as an administrative user to execute the affected commands. A successful exploit could allow the attacker to execute commands with root-level privileges.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-sd-wanCisco SD-WAN Solution
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-15368
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.11% / 29.53%
||
7 Day CHG~0.00%
Published-05 Oct, 2018 | 14:00
Updated-26 Nov, 2024 | 14:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS XE Software Privileged EXEC Mode Root Shell Access Vulnerability

A vulnerability in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to gain access to the underlying Linux shell of an affected device and execute arbitrary commands with root privileges on the device. The vulnerability is due to the affected software improperly sanitizing command arguments to prevent modifications to the underlying Linux filesystem on a device. An attacker who has privileged EXEC mode (privilege level 15) access to an affected device could exploit this vulnerability on the device by executing CLI commands that contain crafted arguments. A successful exploit could allow the attacker to gain access to the underlying Linux shell of the affected device and execute arbitrary commands with root privileges on the device.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ios_xeCisco IOS XE Software
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2021-34725
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.10% / 27.49%
||
7 Day CHG~0.00%
Published-23 Sep, 2021 | 02:26
Updated-07 Nov, 2024 | 21:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS XE SD-WAN Software Command Injection Vulnerability

A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to inject arbitrary commands to be executed with root-level privileges on the underlying operating system. This vulnerability is due to insufficient input validation on certain CLI commands. An attacker could exploit this vulnerability by authenticating to an affected device and submitting crafted input to the CLI. The attacker must be authenticated as an administrative user to execute the affected commands. A successful exploit could allow the attacker to execute commands with root-level privileges.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-4451-x_integrated_services_routerasr_1001-x_r1160_integrated_services_routerasr_1002-hxasr_1000_series_route_processor_\(rp2\)asr_1000_series_route_processor_\(rp3\)1100_integrated_services_router1109-2p_integrated_services_routerasr_1001-hx_r4331_integrated_services_router4461_integrated_services_routerasr_1002-hx_rasr_1002-x_rasr_1000-xasr_1009-xasr_1000-esp100asr_1002ios_xe_sd-wan4000_integrated_services_router1000_integrated_services_router1109_integrated_services_routerasr_1004111x_integrated_services_router1120_integrated_services_routerasr_1006-x1111x_integrated_services_routerasr_10134321_integrated_services_routerasr_10231101-4p_integrated_services_router4431_integrated_services_routerasr_10011100-4p_integrated_services_routerasr_1000csr_1000v1100-4g\/6g_integrated_services_router4221_integrated_services_router1111x-8p_integrated_services_routerasr_1000_seriesasr_10061100-8p_integrated_services_router1109-4p_integrated_services_routerasr_1001-x1101_integrated_services_routerasr_1001-hx4451_integrated_services_routerasr_1002-x4351_integrated_services_router422_integrated_services_routerCisco IOS XE SD-WAN Software
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-15442
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-43.34% / 97.60%
||
7 Day CHG~0.00%
Published-24 Oct, 2018 | 19:00
Updated-26 Nov, 2024 | 14:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Webex Meetings Desktop App Update Service Command Injection Vulnerability

A vulnerability in the update service of Cisco Webex Meetings Desktop App for Windows could allow an authenticated, local attacker to execute arbitrary commands as a privileged user. The vulnerability is due to insufficient validation of user-supplied parameters. An attacker could exploit this vulnerability by invoking the update service command with a crafted argument. An exploit could allow the attacker to run arbitrary commands with SYSTEM user privileges. While the CVSS Attack Vector metric denotes the requirement for an attacker to have local access, administrators should be aware that in Active Directory deployments, the vulnerability could be exploited remotely by leveraging the operating system remote management tools.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-webex_meetings_desktopwebex_productivity_toolsCisco WebEx Event Center
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-15380
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-8.8||HIGH
EPSS-0.17% / 37.46%
||
7 Day CHG~0.00%
Published-20 Feb, 2019 | 23:00
Updated-20 Nov, 2024 | 17:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco HyperFlex Software Command Injection Vulnerability

A vulnerability in the cluster service manager of Cisco HyperFlex Software could allow an unauthenticated, adjacent attacker to execute commands as the root user. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by connecting to the cluster service manager and injecting commands into the bound process. A successful exploit could allow the attacker to run commands on the affected host as the root user. This vulnerability affects Cisco HyperFlex Software releases prior to 3.5(2a).

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-hyperflex_hx_data_platformCisco HyperFlex HX-Series
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-20349
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-6.3||MEDIUM
EPSS-0.24% / 47.34%
||
7 Day CHG+0.03%
Published-13 Nov, 2025 | 16:18
Updated-26 Feb, 2026 | 16:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco DNA Center API Command Injection Vulnerability

A vulnerability in the REST API of Cisco Catalyst Center could allow an authenticated, remote attacker to execute arbitrary commands in a restricted container as the root user. This vulnerability is due to insufficient validation of user-supplied input in REST API request parameters. An attacker could exploit this vulnerability by sending a crafted API request to an affected device. A successful exploit could allow the attacker to inject arbitrary commands that would then be executed in a restricted container with root privileges. To exploit this vulnerability, the attacker must have valid credentials for a user account with at least the role of Observer.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-catalyst_centerCisco Digital Network Architecture Center (DNA Center)
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-20161
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-5.1||MEDIUM
EPSS-0.05% / 16.48%
||
7 Day CHG~0.00%
Published-26 Feb, 2025 | 16:12
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco NX-OS Software Command Injection Vulnerability

A vulnerability in the software upgrade process of Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode could allow an authenticated, local attacker with valid Administrator credentials to execute a command injection attack on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of specific elements within a software image. An attacker could exploit this vulnerability by installing a crafted image. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with root privileges.  Note: Administrators should validate the hash of any software image before installation.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-Cisco NX-OS Software
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2021-34722
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.07% / 20.61%
||
7 Day CHG~0.00%
Published-09 Sep, 2021 | 05:01
Updated-07 Nov, 2024 | 22:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS XR Software Command Injection Vulnerabilities

Multiple vulnerabilities in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to gain access to the underlying root shell of an affected device and execute arbitrary commands with root privileges. For more information about these vulnerabilities, see the Details section of this advisory.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-82018101-32hncs_5001ncs_5002asr_9010ncs_540_fronthaul8202ncs_1001asr_9902ncs_5501-sencs_5516ncs_6000asr_9006ncs_540asr_9000v-v2ios_xrncs_5502-se8201-32fhncs_5508asr_9903ncs_5501ios_xrv880488128818ncs_5011ios_xrv_9000asr_90018101-32fhncs_6008asr_9910asr_99068808asr_9904asr_9912asr_9922ncs_560-4ncs_1004ncs_560-7ncs_10028102-64hncs_5502ncs_520asr_9901Cisco IOS XR Software
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2021-34719
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-7.8||HIGH
EPSS-0.08% / 23.27%
||
7 Day CHG~0.00%
Published-09 Sep, 2021 | 05:00
Updated-07 Nov, 2024 | 22:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS XR Software Authenticated User Privilege Escalation Vulnerabilities

Multiple vulnerabilities in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker with a low-privileged account to elevate privileges on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-82018101-32hncs_5001ncs_5002asr_9010ncs_4009ncs_540_fronthaul8202ncs_1001asr_9902ncs_5501-sencs_5516ncs_6000asr_9006ncs_540ncs_4016asr_9000v-v2ios_xrncs_5502-se8201-32fhncs_5508asr_9903ncs_5501ios_xrv880488128818ncs_5011ios_xrv_9000asr_90018101-32fhncs_6008asr_9910asr_99068808asr_9904asr_9912asr_9922ncs_560-4ncs_1004ncs_560-7ncs_10028102-64hncs_5502ncs_520asr_9901Cisco IOS XR Software
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2021-34748
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-8.8||HIGH
EPSS-1.27% / 79.96%
||
7 Day CHG~0.00%
Published-06 Oct, 2021 | 19:46
Updated-07 Nov, 2024 | 21:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Intersight Virtual Appliance Command Injection Vulnerability

A vulnerability in the web-based management interface of Cisco Intersight Virtual Appliance could allow an authenticated, remote attacker to perform a command injection attack on an affected device. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by using the web-based management interface to execute a command using crafted input. A successful exploit could allow the attacker to execute arbitrary commands using root-level privileges on an affected device.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-intersight_virtual_applianceCisco Intersight Virtual Appliance
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-20294
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.07% / 21.81%
||
7 Day CHG~0.00%
Published-27 Aug, 2025 | 16:23
Updated-26 Feb, 2026 | 17:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco UCS Manager Software Command Injection Vulnerability

Multiple vulnerabilities in the CLI and web-based management interface of Cisco UCS Manager Software could allow an authenticated, remote attacker with administrative privileges to perform command injection attacks on an affected system and elevate privileges to root.   These vulnerabilities are due to insufficient input validation of command arguments supplied by the user. An attacker could exploit these vulnerabilities by authenticating to a device and submitting crafted input to the affected commands. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system of the affected device with root-level privileges.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-Cisco Unified Computing System (Managed)
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-20186
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-8.8||HIGH
EPSS-1.20% / 79.35%
||
7 Day CHG~0.00%
Published-07 May, 2025 | 17:37
Updated-26 Feb, 2026 | 18:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the web-based management interface of the Wireless LAN Controller feature of Cisco IOS XE Software could allow an authenticated, remote attacker with a lobby ambassador user account to perform a command injection attack against an affected device. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted input to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary Cisco IOS XE Software CLI commands with privilege level 15. Note: This vulnerability is exploitable only if the attacker obtains the credentials for a lobby ambassador account. This account is not configured by default.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ios_xeCisco IOS XE Software
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-0279
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-8.8||HIGH
EPSS-2.27% / 85.07%
||
7 Day CHG~0.00%
Published-17 May, 2018 | 03:00
Updated-29 Nov, 2024 | 15:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the Secure Copy Protocol (SCP) server of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, remote attacker to access the shell of the underlying Linux operating system on the affected device. The vulnerability is due to improper input validation of command arguments. An attacker could exploit this vulnerability by using crafted arguments when opening a connection to the affected device. An exploit could allow the attacker to gain shell access with a non-root user account to the underlying Linux operating system on the affected device. Due to the system design, access to the Linux shell could allow execution of additional attacks that may have a significant impact on the affected system. This vulnerability affects Cisco devices that are running release 3.7.1, 3.6.3, or earlier releases of Cisco Enterprise NFV Infrastructure Software (NFVIS) when access to the SCP server is allowed on the affected device. Cisco NFVIS Releases 3.5.x and 3.6.x do allow access to the SCP server by default, while Cisco NFVIS Release 3.7.1 does not. Cisco Bug IDs: CSCvh25026.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-enterprise_nfv_infrastructure_softwareCisco Enterprise NFV Infrastructure Software
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-20194
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-5.4||MEDIUM
EPSS-0.31% / 54.55%
||
7 Day CHG~0.00%
Published-07 May, 2025 | 17:48
Updated-26 Feb, 2026 | 18:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the web-based management interface of Cisco IOS XE Software could allow an authenticated, low-privileged, remote attacker to perform an injection attack against an affected device. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted input to the web-based management interface. A successful exploit could allow the attacker to read limited files from the underlying operating system or clear the syslog and licensing logs on the affected device.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ios_xeCisco IOS XE Software
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-20308
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-6||MEDIUM
EPSS-0.06% / 18.26%
||
7 Day CHG~0.00%
Published-02 Jul, 2025 | 16:05
Updated-26 Feb, 2026 | 18:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Spaces Connector Privilege Escalation Vulnerability

A vulnerability in Cisco Spaces Connector could allow an authenticated, local attacker to elevate privileges and execute arbitrary commands on the underlying operating system as root. This vulnerability is due to insufficient restrictions during the execution of specific CLI commands. An attacker could exploit this vulnerability by logging in to the Cisco Spaces Connector CLI as the spacesadmin user and executing a specific command with crafted parameters. A successful exploit could allow the attacker to elevate privileges from the spacesadmin user and execute arbitrary commands on the underlying operating system as root.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-spaces_connectorCisco DNA Spaces Connector
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-20295
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-6||MEDIUM
EPSS-0.03% / 10.76%
||
7 Day CHG~0.00%
Published-27 Aug, 2025 | 16:23
Updated-26 Feb, 2026 | 17:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco UCS Manager Software Command Injection Vulnerability

A vulnerability in the CLI of Cisco UCS Manager Software could allow an authenticated, local attacker with administrative privileges to read or create a file or overwrite any file on the file system of the underlying operating system of an affected device, including system files.   This vulnerability is due to insufficient input validation of command arguments supplied by the user. An attacker could exploit this vulnerability by authenticating to a device and submitting crafted input to the affected command. A successful exploit could allow the attacker to read or create a file or overwrite any file on the file system of the underlying operating system of the affected device, including system files. To exploit this vulnerability, the attacker must have valid administrative credentials on the affected device.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-Cisco Unified Computing System (Managed)
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-20193
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.35% / 57.64%
||
7 Day CHG~0.00%
Published-07 May, 2025 | 17:46
Updated-11 Jul, 2025 | 14:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the web-based management interface of Cisco IOS XE Software could allow an authenticated, low-privileged, remote attacker to perform an injection attack against an affected device.r This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted input to the web-based management interface. A successful exploit could allow the attacker to read files from the underlying operating system.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ios_xeCisco IOS XE Software
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-20220
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-6||MEDIUM
EPSS-0.07% / 22.85%
||
7 Day CHG+0.05%
Published-14 Aug, 2025 | 16:40
Updated-26 Feb, 2026 | 17:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the CLI of Cisco Secure Firewall Management Center (FMC) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system as root. This vulnerability is due to improper input validation for specific CLI commands. An attacker could exploit this vulnerability by injecting operating system commands into a legitimate command. A successful exploit could allow the attacker to escape the restricted command prompt and execute arbitrary commands on the underlying operating system. To successfully exploit this vulnerability, an attacker would need valid Administrator credentials. For more information about vulnerable scenarios, see the Details ["#details"] section of this advisory.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-Cisco Firepower Management CenterCisco Firepower Threat Defense Software
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-20164
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-6.5||MEDIUM
EPSS-2.42% / 85.51%
||
7 Day CHG+0.78%
Published-18 May, 2023 | 00:00
Updated-28 Oct, 2024 | 16:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Identity Services Engine Command Injection Vulnerabilities

Multiple vulnerabilities in Cisco Identity Services Engine (ISE) could allow an authenticated attacker to perform command injection attacks on the underlying operating system and elevate privileges to root. To exploit these vulnerabilities, an attacker must have valid credentials on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-identity_services_engineCisco Identity Services Engine Software
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-20021
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-6||MEDIUM
EPSS-0.31% / 54.68%
||
7 Day CHG~0.00%
Published-05 Apr, 2023 | 00:00
Updated-28 Oct, 2024 | 16:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Identity Services Engine Privilege Escalation Vulnerabilities

Multiple vulnerabilities in specific Cisco Identity Services Engine (ISE) CLI commands could allow an authenticated, local attacker to perform command injection attacks on the underlying operating system and elevate privileges to root. To exploit these vulnerabilities, an attacker must have valid Administrator privileges on the affected device. These vulnerabilities are due to insufficient validation of user-supplied input. An attacker could exploit these vulnerabilities by submitting a crafted CLI command. A successful exploit could allow the attacker to elevate privileges to root.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-identity_services_engineCisco Identity Services Engine Software
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
  • Previous
  • 1
  • 2
  • 3
  • ...
  • 7
  • 8
  • Next
Details not found