漏洞描述
Cisco Nexus Dashboard Fabric Controller是美国思科(Cisco)公司的一种用于管理 Cisco NX-OS 部署的综合网络管理平台,适用于数据中心的 LAN、SAN 和 IP Fabric for Media (IPFM) 网络 。 Cisco Nexus Dashboard Fabric Controller存在SQL注入漏洞,该漏洞源于对用户提供的输入验证不足。经过身份验证的具有只读权限的远程攻击者在受影响的设备上执行任意SQL命令。
Cisco Nexus Dashboard Fabric Controller SQL注入漏洞
PoC代码
暂无相关漏洞推荐
- JeeWMS /cgDynamGraphController.do SQL 注入漏洞
- JeeWMS /departController.do SQL 注入漏洞
- MCPHub Dashboard JWT硬编码身份认证绕过漏洞
- CVE-2019-19781: Citrix Application Delivery Controller (ADC) and Gateway Directory Traversal.
- jeecgboot-commoncontroller-parserxml-fileupload: Jeecgboot commonController parserXml fileupload
- OpenSearch Dashboard为存在默认口令
- OpenSearch Dashboard存在未授权访问
- Cisco Secure Firewall Management Center和Cisco Secure Firewall Threat Defense 操作系统命令注入漏洞
- Exrick Xboot Swagger SecurityController.java服务器端请求伪造(CVE-2025-8527)
- POC CVE-2025-1974-k8s: Ingress-Nginx Controller - Unauthenticated Remote Code Execution
- POC CVE-2001-0537: Cisco IOS HTTP Configuration - Authentication Bypass
- POC CVE-2009-1558: Cisco Linksys WVC54GCA 1.00R22/1.00R24 - Local File Inclusion
- POC CVE-2009-4679: Joomla! Portfolio Nexus - Remote File Inclusion