I reported various vulnerabilities in NX-OS back in 2011, in various posts on my blog:
These were follow on’s to a series of posts I made about getting access to the OS by simply accessing the image:
Deconstructing Cisco NX-OS Part 1: Exploding Kickstart
Deconstructing Cisco NX-OS Part 2: Exploding the System Image
The exploits, which I formally reported to Cisco, were never made public, until over four years later. These exploits were describe in the above posts years before their acknowledgement by Cisco. Some of the exploits which I described and were later made public by Cisco are:
GNU Bash Environment Variable Command Injection Vulnerability
Cisco Nexus Devices NX-OS Software Command-Line Interpreter Local Privilege Escalation Vulnerability
Cisco Nexus Operating System Devices Command Line Interface Local Privilege Escalation Vulnerability
Cisco NX-OS Software Arbitrary Code Execution Vulnerability
Cisco NX-OS Software Input Validation Vulnerability
