CVE-2021-1443

MEDIUM

Cisco IOS XE - Authenticated Remote Code Execution via Configuration File Tampering

Title source: llm

Description

A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker to execute arbitrary code with root privileges on the underlying operating system of an affected device. The vulnerability exists because the affected software improperly sanitizes values that are parsed from a specific configuration file. An attacker could exploit this vulnerability by tampering with a specific configuration file and then sending an API call. A successful exploit could allow the attacker to inject arbitrary code that would be executed on the underlying operating system of the affected device. To exploit this vulnerability, the attacker would need to have a privileged set of credentials to the device.

References (1)

Core 1

Core References

Vendor Advisory vendor-advisory x_refsource_cisco

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-xe-os-cmd-inj-Ef6TV5e9

Scores

CVSS v3 5.5

EPSS 0.0069

EPSS Percentile 71.9%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-78 CWE-77

Status published

Products (50)

cisco/ios_xe 16.9.1

cisco/ios_xe 16.9.1a

cisco/ios_xe 16.9.1b

cisco/ios_xe 16.9.1c

cisco/ios_xe 16.9.1d

cisco/ios_xe 16.9.1s

cisco/ios_xe 16.9.2

cisco/ios_xe 16.9.2a

cisco/ios_xe 16.9.2s

cisco/ios_xe 16.9.3

... and 40 more

Published Mar 24, 2021

Tracked Since Feb 18, 2026