Cisco bugs allow creating admin accounts, executing commands as root
Cisco has fixed critical SD-WAN vManage and HyperFlex HX software security flaws that could enable remote attackers to execute commands as root or create rogue admin accounts.
The company also issued security updates to address high and medium severity vulnerabilities in multiple other software products that allow attackers to execute arbitrary code remotely, escalate privileges, trigger denial of service conditions, and more on unpatched servers.
Cisco's Product Security Incident Response Team (PSIRT) said that it's not aware of active exploitation of these vulnerabilities in the wild.
Exploitable to inject commands and execute code remotely
Cisco SD-WAN vManage Software vulnerabilities patched...