Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2018-0217

EPSS 0.18% · P40
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2018-0217

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
A vulnerability in the CLI of the Cisco StarOS operating system for Cisco ASR 5000 Series Aggregation Services Routers could allow an authenticated, local attacker to perform a command injection attack on an affected system. The vulnerability is due to insufficient validation of commands that are supplied to certain configurations in the CLI of the affected operating system. An attacker could exploit this vulnerability by injecting crafted arguments into a vulnerable CLI command for an affected system. A successful exploit could allow the attacker to insert and execute arbitrary commands in the CLI of the affected system. To exploit this vulnerability, the attacker would need to authenticate to an affected system by using valid administrator credentials. Cisco Bug IDs: CSCvg29441.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
在命令中使用的特殊元素转义处理不恰当(命令注入)
Source: NVD (National Vulnerability Database)
Vulnerability Title
Cisco ASR 5000 Series Aggregation Services Routers StarOS操作系统CLI 命令注入漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Cisco ASR 5000 Series Aggregation Services Routers是美国思科(Cisco)公司的一款5000系列安全路由器设备。StarOS operating system是一套运行在其中的虚拟化操作系统。CLI是其中的一个命令行界面。 Cisco ASR 5000 Series Aggregation Services Routers中的StarOS操作系统的CLI存在命令注入漏洞,该漏洞源于程序没有充分的校验提交到CLI配置中的命令。本地攻击者可通过向受影响的CLI
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
-Cisco StarOS Cisco StarOS -

II. Public POCs for CVE-2018-0217

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2018-0217

登录查看更多情报信息。

Same Patch Batch · n/a · 2018-03-08 · 47 CVEs total

CVE-2018-7871libming 缓冲区错误漏洞
CVE-2018-7874libming 安全漏洞
CVE-2018-7876libming 安全漏洞
CVE-2014-7272Simple Desktop Display Manager 权限许可和访问控制漏洞
CVE-2018-5313Rapid Scada 安全漏洞
CVE-2018-7183NTP ntpq 缓冲区错误漏洞
CVE-2018-7889Calibre 安全漏洞
CVE-2018-7890Zoho ManageEngine Applications Manager 命令注入漏洞
CVE-2014-7271Simple Desktop Display Manager 安全漏洞
CVE-2018-7872libming 安全漏洞
CVE-2018-7873libming 缓冲区错误漏洞
CVE-2018-7870libming 安全漏洞
CVE-2018-7869libming 安全漏洞
CVE-2018-7868libming 缓冲区错误漏洞
CVE-2018-7867libming 缓冲区错误漏洞
CVE-2018-7866libming 安全漏洞
CVE-2018-1220EMC RSA Archer 安全漏洞
CVE-2018-1219EMC RSA Archer 访问控制错误漏洞
CVE-2018-1216多款Dell产品vApp Manager 安全漏洞
CVE-2018-1215多款Dell产品安全漏洞

Showing top 20 of 47 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: Cisco StarOS
Same vendor: n/a
Same weakness: CWE-77

V. Comments for CVE-2018-0217

No comments yet

Leave a comment