CVSS: 9.0EPSS: 2%CPEs: 120EXPL: 0CVE-2013-3444
https://notcve.org/view.php?id=CVE-2013-3444
31 Jul 2013 — The web framework in Cisco WAAS Software before 4.x and 5.x before 5.0.3e, 5.1.x before 5.1.1c, and 5.2.x before 5.2.1; Cisco ACNS Software 4.x and 5.x before 5.5.29.2; Cisco ECDS Software 2.x before 2.5.6; Cisco CDS-IS Software 2.x before 2.6.3.b50 and 3.1.x before 3.1.2b54; Cisco VDS-IS Software 3.2.x before 3.2.1.b9; Cisco VDS-SB Software 1.x before 1.1.0-b96; Cisco VDS-OE Software 1.x before 1.0.1; and Cisco VDS-OS Software 1.x in central-management mode allows remote authenticated users to execute arbi... • http://secunia.com/advisories/54367 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.8EPSS: 1%CPEs: 12EXPL: 0CVE-2010-1577
https://notcve.org/view.php?id=CVE-2010-1577
27 Jul 2010 — Directory traversal vulnerability in Cisco Internet Streamer, as used in Cisco Content Delivery System (CDS) 2.2.x, 2.3.x, 2.4.x, and 2.5.x before 2.5.7 allows remote attackers to read arbitrary files via a crafted URL. Vulnerabilidad de salto de directorio en Cisco Internet Streamer, usado en Cisco Content Delivery System (CDS) v2.2.x, v2.3.x, v2.4.x, y v2.5.x anterior a v2.5.7, permite a atacantes remotos leer archivos de su elección a través de una URL manipulada. • http://osvdb.org/66508 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •