Vigil@nce - Cisco IOS XE: system file corruption via a shell command
April 2018 by Vigil@nce
This bulletin was written by Vigil@nce : https://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
An attacker can tamper with the filenames passed to some commands
to Cisco IOS and IOS XE, in order to overwrite some system files.
Impacted products: Cisco Catalyst, IOS XE Cisco, Cisco Router.
Severity: 2/4.
Creation date: 08/02/2018.
DESCRIPTION OF THE VULNERABILITY
An authenticated attacker can tamper with the filenames passed to
some commands to Cisco IOS and IOS XE, in order to overwrite some
system files.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
https://vigilance.fr/vulnerability/Cisco-IOS-XE-system-file-corruption-via-a-shell-command-25251