To exploit this vulnerability, an attacker would need to authenticate to the CLI. The following is a list of commands that could be used to exploit this vulnerability:
Filesystem — copy.
Disk — copy.
Disk — mkfs.
Disk — df.
Disk — mkfs.
Disk — mkswap.
Disk — rm.
Disk — rmdir.
Disk — cp.
Disk — rsync.
Disk — chattr.
Disk — chmod.
Disk — mv.
Disk — rm.
Red Hat — cp. To reduce the chances of being exploited, we recommend that you restrict input to the CLI. For example, disable remote access for the CLI or limit remote users to specific IP addresses.
Cisco SD-WAN Software provides a web interface that can be used to manage and monitor the system. A vulnerability in the web interface of Cisco SD-WAN Software could allow an unauthenticated, remote attacker to inject arbitrary HTML or JavaScript code into the web interface. This code could then be loaded and executed by the web server, allowing the attacker to conduct phishing attacks or redirect users to malicious sites. An attacker would need to host a malicious website on a web server that accepts HTTP requests and that has access to the Cisco SD-WAN Software web server's internal network.
Vulnerable Software
Cisco SD-WAN Software is vulnerable to a cross-site scripting vulnerability.
To exploit this, an attacker would need to authenticate to the web interface of Cisco SD-WAN Software. The following is a list of commands that could be used to exploit the vulnerability:
Filesystem — copy.
Disk — copy.
Disk — mkfs.
Disk — df.
Disk — mkfs.
Disk — mkswap.
Disk — rm.
Disk — rmdir.
Disk — cp.
Vulnerability Summary
The vulnerability allows an attacker to inject malicious HTML or JavaScript code into the web interface of Cisco SD-WAN Software. An attacker would need to host a malicious website on a web server that accepts HTTP requests and that has access to the Cisco SD-WAN Software web server's internal network.
Vulnerability Discovery and Attribution
The vulnerability was discovered by David Barksdale, a medical doctor and co-founder of the San Diego Virtual Medical Center.
The following is an example exploit code:
Cisco Intrusion Detection System (IDS)
Cisco SD-WAN Software provides a web interface that can be used to manage and monitor the system. A vulnerability in the web interface of Cisco SD-WAN Software could allow an unauthenticated, remote attacker to inject arbitrary HTML or JavaScript code into the web interface. This code could then be loaded and executed by the web server, allowing the attacker to conduct phishing attacks or redirect users to malicious sites. An attacker would need to host a malicious website on a web server that accepts HTTP requests and that has access to the Cisco SD-WAN Software web server's internal network.
Timeline
Published on: 09/30/2022 19:15:00 UTC
Last modified on: 10/05/2022 16:08:00 UTC