Cisco Crosswork Network Change Automation
Monthly
Authenticated remote OS command injection in Cisco Crosswork Network Controller's web-based management interface allows a threat actor holding valid template user credentials with write permissions to execute arbitrary commands on the underlying operating system. The flaw resides in the configuration template engine, which fails to adequately validate attacker-supplied input before processing it, enabling CWE-74 injection. Impact is bounded to filesystem areas where the template user holds write access, reducing blast radius compared to full OS compromise; however, on a network automation controller, even scoped command execution can expose sensitive network configurations and automation workflows. No public exploit identified at time of analysis and the vulnerability is not listed in CISA KEV.
Authenticated remote OS command injection in Cisco Crosswork Network Controller's web-based management interface allows a threat actor holding valid template user credentials with write permissions to execute arbitrary commands on the underlying operating system. The flaw resides in the configuration template engine, which fails to adequately validate attacker-supplied input before processing it, enabling CWE-74 injection. Impact is bounded to filesystem areas where the template user holds write access, reducing blast radius compared to full OS compromise; however, on a network automation controller, even scoped command execution can expose sensitive network configurations and automation workflows. No public exploit identified at time of analysis and the vulnerability is not listed in CISA KEV.