Rewterz

Rewterz Threat Alert – Elaborate Crypto Trading Scheme to Install Malware

October 15, 2019
Rewterz

Rewterz Threat Alert – Fallout Exploit Kit and Raccoon Stealer – IoCs

October 15, 2019

Rewterz Threat Advisory – Cisco IOS XE Software Web UI Command Injection Vulnerabilities

Severity

High

Analysis Summary

CVE-2019-12650

The vulnerability exists because the affected software improperly sanitizes user-supplied input. An attacker who has valid administrator-level access (level 15) to an affected device could exploit this vulnerability by supplying a crafted input parameter on a form in the Web UI and then submitting that form. A successful exploit could allow the attacker to run arbitrary commands on the device with root privileges, which may lead to complete system compromise.

CVE-2019-12651

The vulnerability exists because the affected software improperly sanitizes user-supplied input. An attacker could exploit this vulnerability by supplying a crafted input parameter on a form in the Web UI and then submitting that form. A successful exploit could allow the attacker to execute arbitrary Cisco IOS commands as a privilege level 15 user.

Impact

Execution of arbitrary code

Affected Vendors

Cisco

Affected Products

Cisco IOS XE with the HTTP Server feature enabled

Remediation

Please see vendor’s advisory for more details

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-webui-cmd-injection

Reading this advisory was a good start.

Make it a habit.

Rewterz publishes threat advisories ahead of mainstream cybersecurity media, informed by an AI-Native Autonomous SOC that sees regional threat actor activity in real time. Subscribe to receive each new advisory as it publishes, plus a monthly Middle East threat landscape brief drawn from our own SOC telemetry. For teams evaluating their detection coverage, a 30-minute consultation with a senior analyst is also available, at your pace, when you're ready.