CVE-2023-20035

HIGH Year: 2023
CVSS v3 Score
7.8
High
Weakness Type
CWE-146
View all →

Vulnerability Description

A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to execute arbitrary commands with elevated privileges. This vulnerability is due to insufficient input validation by the system CLI. An attacker with privileges to run commands could exploit this vulnerability by first authenticating to an affected device using either local terminal access or a management shell interface and then submitting crafted input to the system CLI. A successful exploit could allow the attacker to execute commands on the underlying operating system with root-level privileges. An attacker with limited user privileges could use this vulnerability to gain complete control over the system. Note: For additional information about specific impacts, see the Details section of this advisory.

Related Vulnerabilities

CVE-2022-4055

HIGH
CVSS:7.4(High)

When xdg-mail is configured to use thunderbird for mailto URLs, improper parsing of the URL can lead to additional headers being passed to thunderbird that should not be included per RFC 2368. An atta...

CWE-1462022

CVE-2023-20117

HIGH
CVSS:7.2(High)

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could allow an authenticated, remote attacker to inject and execute ...

CWE-1462023

CVE-2023-20128

HIGH
CVSS:7.2(High)

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could allow an authenticated, remote attacker to inject and execute ...

CWE-1462023

CVE-2024-20470

MEDIUM
CVSS:6.5(Medium)

A vulnerability in the web-based management interface of Cisco Small Business RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers could allow an authenticated, remote attacker to execute arb...

CWE-1462024

CVE-2024-20329

CRITICAL
CVSS:9.9(Critical)

A vulnerability in the SSH subsystem of Cisco Adaptive Security Appliance (ASA) Software could allow an authenticated, remote attacker to execute operating system commands as root. This vulnerability ...

CWE-1462024

CVE-2022-4055

HIGH
CVSS:7.4(High)

When xdg-mail is configured to use thunderbird for mailto URLs, improper parsing of the URL can lead to additional headers being passed to thunderbird that should not be included per RFC 2368. An atta...

CWE-1462022