CVE-2015-4237

CVE Database · CVE-2015-4237

CVE-2015-4237

· N/AModified

CVSS v3.1

N/A

EPSS

0.43%

Published

Jul 3, 2015

Modified

May 6, 2026

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

The CLI parser in Cisco NX-OS 4.1(2)E1(1), 6.2(11b), 6.2(12), 7.2(0)ZZ(99.1), 7.2(0)ZZ(99.3), and 9.1(1)SV1(3.1.8) on Nexus devices allows local users to execute arbitrary OS commands via crafted characters in a filename, aka Bug IDs CSCuv08491, CSCuv08443, CSCuv08480, CSCuv08448, CSCuu99291, CSCuv08434, and CSCuv08436.

Weaknesses (CWE)

CWE-78CWE-264

Affected Products (44)

cisco · nx-osvulnerable

cisco · nexus_93120tx

cisco · nexus_93128tx

cisco · nexus_9332pq

cisco · nexus_9336pq_aci_spine

cisco · nexus_9372px

cisco · nexus_9372tx

cisco · nexus_9396px

cisco · nexus_9396tx