CNNVD-202508-3216 Information

CNNVD ID

CNNVD-202508-3216

Related CVE

CVE-2025-20292

• CNNVD Published: 2025-08-27

Description (Chinese)

Cisco NX-OS Software是美国思科（Cisco）公司的一套交换机使用的数据中心级操作系统软件。 Cisco NX-OS Software存在操作系统命令注入漏洞，该漏洞源于用户输入验证不足，可能导致命令注入攻击。

Description (English)

Cisco NX-OS Software is a data centre-level operating system software used by a United States Cisco switchboard. Cisco NX-OS Software has an operational system command to inject a loophole, which stems from a lack of user input validation and may lead to an order being injected into the attack.

Hazard Level

High

Vulnerability Type

操作系统命令注入

Affected Vendor

Citadel

Published

2025-08-27

Last Modified

2026-02-24

References

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-cmdinj-qhNze5Ss https://nvd.nist.gov/vuln/detail/CVE-2025-20292 https://vigilance.fr/vulnerability/Cisco-NX-OS-code-execution-via-Command-Injection-48072

Patch

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-cmdinj-qhNze5Ss