daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Enhancement: cves/2019/CVE-2019-1821.yaml by mp

patch-1
MostInterestingBotInTheWorld 2022-05-03 16:15:19 -04:00
parent 9b82a69d30
commit ab44edd77f
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
cves/2019/CVE-2019-1821.yaml
View File

@ -1,10 +1,10 @@
id: CVE-2019-1821
info:
name: Cisco Prime Infrastructure - Remote Code Execution
name: Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager - Remote Code Execution
author: _0xf4n9x_
severity: critical
description: Cisco Prime Infrastructure Health Monitor HA TarArchive Directory Traversal Remote Code Execution Vulnerability.
description: Cisco Prime Infrastructure (PI) and Cisco Evolved Programmable Network (EPN) Manager could allow an authenticated, remote attacker to execute code with root-level privileges on the underlying operating system. This vulnerability exist because the software improperly validates user-supplied input. An attacker could exploit this vulnerability by uploading a malicious file to the administrative web interface. A successful exploit could allow the attacker to execute code with root-level privileges on the underlying operating system.
reference:
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190515-pi-rce
- https://srcincite.io/blog/2019/05/17/panic-at-the-cisco-unauthenticated-rce-in-prime-infrastructure.html