Lucene search
CiscoCVELIST:CVE-2018-0196HistoryMar 28, 2018 - 10:00 p.m.
CVE-2018-0196
2018-03-2822:00:00
CWE-20
cisco
www.cve.org
12
A vulnerability in the web-based user interface (web UI) of Cisco IOS XE Software could allow an authenticated, remote attacker to write arbitrary files to the operating system of an affected device. The vulnerability is due to insufficient input validation of HTTP requests that are sent to the web UI of the affected software. An attacker could exploit this vulnerability by sending a malicious HTTP request to the web UI of the affected software. A successful exploit could allow the attacker to write arbitrary files to the operating system of an affected device. Cisco Bug IDs: CSCvb22645.
CNA Affected
[
{
"product": "Cisco IOS XE",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Cisco IOS XE"
}
]
}
]Related
prion
prion
Input validation
2018-03-28 22:29:00
nessus
nessus
Cisco IOS XE Software Arbitrary File Write (cisco-sa-20180328-wfw)
2019-12-17 00:00:00
cisco
cisco
Cisco IOS XE Software Arbitrary File Write Vulnerability
2018-03-28 16:00:00
cve
cve
CVE-2018-0196
2018-03-28 22:29:02
nvd
nvd
CVE-2018-0196
2018-03-28 22:29:02