How severe is CVE-2019-12629?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 4.7 out of 10.

What type of vulnerability is CVE-2019-12629?

This is classified as CWE-77, which is a common weakness in software security.

CVE-2019-12629

MEDIUM Year: 2019

CVSS v3 Score

4.7

Medium

CVSS v2 Score

9.0

Critical

Weakness Type

CWE-77

View all →

Vulnerability Description

A vulnerability in the WebUI of the Cisco SD-WAN Solution could allow an authenticated, remote attacker to inject and execute arbitrary commands with vmanage user privileges on an affected system. The vulnerability is due to insufficient input validation of data parameters for certain fields in the affected solution. An attacker could exploit this vulnerability by configuring a malicious username on the login page of the affected solution. A successful exploit could allow the attacker to inject and execute arbitrary commands with vmanage user privileges on an affected system.

CVE-2017-6184

MEDIUM

CVSS:4.7(Medium)

In Sophos Web Appliance (SWA) before 4.3.1.2, a section of the machine's interface responsible for generating reports was vulnerable to remote command injection via the token parameter, aka NSWA-1303.

CWE-772017

CVE-2024-21903

MEDIUM

CVSS:4.7(Medium)

An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute commands v...

CWE-772024

CVE-2024-5194

MEDIUM

CVSS:4.7(Medium)

A vulnerability was found in Arris VAP2500 08.50. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /assoc_table.php. The manipulation of the arg...

CWE-772024

CVE-2024-5195

MEDIUM

CVSS:4.7(Medium)

A vulnerability was found in Arris VAP2500 08.50. It has been rated as critical. Affected by this issue is some unknown functionality of the file /diag_s.php. The manipulation of the argument customer...

CWE-772024

CVE-2024-5196

MEDIUM

CVSS:4.7(Medium)

A vulnerability classified as critical has been found in Arris VAP2500 08.50. This affects an unknown part of the file /tools_command.php. The manipulation of the argument cmb_header/txt_command leads...

CWE-772024

CVE-2024-53692

MEDIUM

CVSS:4.7(Medium)

A command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access ...

CWE-772024

CVE-2019-12629

Vulnerability Description

Related Vulnerabilities

CVE-2017-6184

CVE-2024-21903

CVE-2024-5194

CVE-2024-5195

CVE-2024-5196

CVE-2024-53692