CNNVD-202509-3829 Information
CNNVD ID
CNNVD-202509-3829
Related CVE
- CNNVD Published: 2025-09-24
Description (Chinese)
Cisco IOS XE是美国思科(Cisco)公司的一个操作系统。用于企业有线和无线访问,汇聚,核心和WAN的单一操作系统,Cisco IOS XE降低了业务和网络的复杂性。 Cisco IOS XE存在命令注入漏洞,该漏洞源于输入验证不足,可能导致执行任意命令。
Description (English)
Cisco IOS XE is an operating system of Cisco. Cisco IOS XE, a single operating system for Cable and Wireless Access, Convergence, Core and WAN, reduces the complexity of operations and networks. Cisco IOS XE had an order to inject a loophole, which stemmed from a lack of input certification and could lead to the execution of an arbitrary order.
Hazard Level
Medium
Vulnerability Type
命令注入
Affected Vendor
Citadel
Published
2025-09-24
Last Modified
2026-02-24
References
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-xe-cmd-inject-rPJM8BGL https://access.redhat.com/security/cve/cve-2025-20334 https://vigilance.fr/vulnerability/Cisco-IOS-XE-code-execution-via-HTTP-API-Command-Injection-48282