CVE-2020-3218

HIGH

Cisco IOS XE - Authenticated Remote Code Execution via Malicious File Upload

Title source: llm

Description

A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code with root privileges on the underlying Linux shell. The vulnerability is due to improper validation of user-supplied input. An attacker could exploit this vulnerability by first creating a malicious file on the affected device itself and then uploading a second malicious file to the device. A successful exploit could allow the attacker to execute arbitrary code with root privileges or bypass licensing requirements on the device.

References (1)

Core 1

Core References

Patch, Vendor Advisory vendor-advisory x_refsource_cisco

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-webui-rce-uk8BXcUD

Scores

CVSS v3 7.2

EPSS 0.0126

EPSS Percentile 79.7%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

CWE

CWE-20

Status published

Products (50)

cisco/ios_xe 16.6.1

cisco/ios_xe 16.6.2

cisco/ios_xe 16.6.3

cisco/ios_xe 16.6.4

cisco/ios_xe 16.6.4a

cisco/ios_xe 16.6.4s

cisco/ios_xe 16.6.5

cisco/ios_xe 16.6.5a

cisco/ios_xe 16.6.5b

cisco/ios_xe 16.6.6

... and 40 more

Published Jun 03, 2020

Tracked Since Feb 18, 2026