cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Kyaw_Myo_Oo
Advocate I

Cisco IOS XR Software Vulnerability Allows Attackers to Execute Commands as Root

Dear All,

 

A vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to execute arbitrary commands as root on the underlying operating system of an affected device.

 

This vulnerability is due to insufficient validation of user arguments that are passed to specific CLI commands. An attacker with a low-privileged account could exploit this vulnerability by using crafted commands at the prompt. A successful exploit could allow the attacker to elevate privileges to root and execute arbitrary commands.

 

https://cybersecuritynews.com/cisco-ios-xr-software-vulnerability-command/

 

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-priv-es...

 

 

 

 

 

Kyaw Myo Oo
Information Security Program Manager , CB BANK PCL
CCIE #58769 | CISSP | PMP | CCSM | SAA-C03 | PCNSE
1 Reply
tatssa
Newcomer I

Thanks for sharing this! It’s always important to stay on top of security vulnerabilities, and I appreciate the heads-up. I’ll definitely look into this and make sure the right precautions are taken. Really appreciate the effort in keeping everyone informed!