10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.965 High
EPSS
Percentile
99.6%
Added: 12/23/2010
CVE: CVE-2000-0945
BID: 1846
OSVDB: 444
The Cisco Internetwork Operating System (IOS) is the operating system used by Cisco routers.
A remote attacker could execute arbitrary commands through HTTP requests by requesting a path beginning with **/exec**
.
Set an enable password on the Cisco device.
<http://archives.neohapsis.com/archives/bugtraq/2000-10/0380.html>
<http://archives.neohapsis.com/archives/bugtraq/2000-11/0194.html>
Exploit works on Cisco Catalyst 3500 XL devices with the enable password unset.
Cisco