#VU10114 OS command injection in D9800 Network Transport Receiver
Vulnerability identifier: #VU10114
Vulnerability risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID:
CWE-ID:
CWE-78
Exploitation vector: Network
Exploit availability: No
Vulnerable software:
D9800 Network Transport Receiver
Hardware solutions /
Firmware
Vendor: Cisco Systems, Inc
Description
The vulnerability allows a remote authenticated attacker to execute arbitrary commands on the target system.
The weakness exists in the web management GUI of the Cisco D9800 Network Transport Receiver due to insufficient input validation of GUI command arguments. A remote attacker can inject specially crafted arguments into a vulnerable GUI command and execute commands on the underlying BusyBox operating system with elevated privileges.
Mitigation
Install update from vendor's website.
Vulnerable software versions
D9800 Network Transport Receiver: All versions
External links
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180117-ntr
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
