Rewterz Threat Alert – ZeroCleare Malware Debuts in Middle East Targeting Energy Sector
January 9, 2020Rewterz Threat Alert – LiquorBot Botnet
January 10, 2020Rewterz Threat Alert – ZeroCleare Malware Debuts in Middle East Targeting Energy Sector
January 9, 2020Rewterz Threat Alert – LiquorBot Botnet
January 10, 2020Severity
Medium
Analysis Summary
The vulnerability is due to improper validation of user-supplied input by the web-based management interface of the affected software. An attacker could exploit this vulnerability by logging in to the web-based management interface with administrative privileges and supplying crafted requests to the application. A successful exploit could allow the attacker to execute arbitrary commands on the underlying Linux operating system with root privileges on a targeted node.
Impact
Execute arbitrary commands
Affected Vendors
Cisco
Affected Products
Cisco Webex Video Mesh Software releases earlier than 2019.09.19.1956m
Remediation
Please see vendor’s advisory for more details.
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20200108-webex-video