Arbitrary File Creation and Code Execution Vulnerability in Cisco Security Agent Management Console

Arbitrary File Creation and Code Execution Vulnerability in Cisco Security Agent Management Console

CVE-2011-0364 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:C/A:C

The Management Console (webagent.exe) in Cisco Security Agent 5.1, 5.2, and 6.0 before 6.0.2.145 allows remote attackers to create arbitrary files and execute arbitrary code via unspecified parameters in a crafted st_upload request.

Learn more about our Cis Benchmark Audit For Cisco.