cvedb.io
CVE-2019-1743
HIGH · CVSS 8.8
EPSS exploitation probability: 0%
Published 2019-03-28T00:29:00.483 · Last modified 2026-06-17T02:29:11.150

Summary

A vulnerability in the web UI framework of Cisco IOS XE Software could allow an authenticated, remote attacker to make unauthorized changes to the filesystem of the affected device. The vulnerability is due to improper input validation. An attacker could exploit this vulnerability by crafting a malicious file and uploading it to the device. An exploit could allow the attacker to gain elevated privileges on the affected device.

Affected products

cisco — ios_xe

Does this affect you?

Add your gear to cvedb and we'll alert you only when cisco ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.