CVE-2021-1370 — OS Command Injection in Cisco IOS XR

CWE-78 — OS Command Injection6 documents6 sources

Severity

7.8HIGHNVD

EPSS

0.1%

top 77.01%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco IOS XR Cisco IOS XR Software

Timeline

PublishedFeb 4

Latest updateApr 12

Description

A vulnerability in a CLI command of Cisco IOS XR Software for the Cisco 8000 Series Routers and Network Convergence System 540 Series Routers running NCS540L software images could allow an authenticated, local attacker to elevate their privilege to root. To exploit this vulnerability, an attacker would need to have a valid account on an affected device. The vulnerability is due to insufficient validation of command line arguments. An attacker could exploit this vulnerability by authenticating to…

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages2 packages

▶CVEListV5cisco/cisco_ios_xr_softwaren/a

▶NVDcisco/ios_xr7.1.0 — 7.2.1+2

🔴Vulnerability Details

OSV

json-smart vulnerabilities↗2023-04-12

▶

GHSA

GHSA-g2w2-8h95-w988: A vulnerability in a CLI command of Cisco IOS XR Software for the Cisco 8000 Series Routers and Network Convergence System 540 Series Routers running↗2022-05-24

▶

CVEList

Cisco IOS XR Software for Cisco 8000 Series Routers and Network Convergence System 540 Series Routers Privilege Escalation Vulnerability↗2021-02-04

▶

💥Exploits & PoCs

Exploit-DB

In4Suit ERP 3.2.74.1370 - 'txtLoginId' SQL injection↗2021-05-19

▶

📋Vendor Advisories

Cisco

Cisco IOS XR Software for Cisco 8000 Series Routers and Network Convergence System 540 Series Routers Privilege Escalation Vulnerability↗2021-02-03

▶