Arbitrary Code Execution via Crafted DNS Lookup Command in Cisco CSP 2100 2.0 (CSCuz89093)

CVE-2016-6374 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Cisco Cloud Services Platform (CSP) 2100 2.0 allows remote attackers to execute arbitrary code via a crafted dnslookup command in an HTTP request, aka Bug ID CSCuz89093.

Learn more about our Cloud Audit.