CVE-2026-20118 Cisco IOS-XR NCS 5500 and NCS 5700 Egress Packet Network Interfaces Aligner Interrupt Denial of Service Vulnerability

A vulnerability in the handling of an Egress Packet Network Interface EPNI Aligner interrupt in Cisco IOS XR Software for Cisco Network Convergence System NCS 5500 Series with NC57 line cards and Cisco NCS 5700 Routers and Cisco IOS XR Software for Third Party Software could allow an...

CVE-2025-20338

A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker with administrative privileges to execute arbitrary commands as root on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of user arguments th...

CVE-2025-20338

A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker with administrative privileges to execute arbitrary commands as root on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of user arguments th...

CVE-2025-20293

A vulnerability in the Day One setup process of Cisco IOS XE Software for Catalyst 9800 Series Wireless Controllers for Cloud 9800-CL could allow an unauthenticated, remote attacker to access the public-key infrastructure PKI server that is running on an affected device. This vulnerability is due...

CVE-2025-20311

CVE-2025-20311 affects Cisco IOS XE Software for Catalyst 9000 Series Switches. The root cause is improper handling of crafted Ethernet frames, enabling an unauthenticated adjacent attacker to cause an egress port to block and drop all outbound traffic, resulting in DoS. The advisory notes that a...

Cisco IOS XR Resource Management Error Vulnerability (CNVD-2025-21253)

Cisco IOS XR is a set of operating systems developed by the American company Cisco Cisco for its network equipment. Cisco IOS XR suffers from a Resource Management Error vulnerability that arises from uncontrolled resource consumption by an application, which can be exploited by an attacker to...

Cisco IOS, IOS XE, Secure Firewall Adaptive Security Appliance, and Secure Firewall Threat Defense Software IKEv2 Denial of Service Vulnerabilities

Multiple vulnerabilities in the Internet Key Exchange Version 2 IKEv2 feature of Cisco IOS Software, Cisco IOS XE Software, Cisco Secure Firewall Adaptive Security Appliance ASA Software, and Cisco Secure Firewall Threat Defense FTD Software could allow an unauthenticated, remote attacker to...

CVE-2025-20194

A vulnerability in the web-based management interface of Cisco IOS XE Software could allow an authenticated, low-privileged, remote attacker to perform an injection attack against an affected device. This vulnerability is due to insufficient input validation. An attacker could exploit this...

Cisco IOS XE Software 安全漏洞

Cisco IOS XE Software is an operating system from Cisco, Inc. Used as a single operating system for enterprise wired and wireless access, aggregation, core, and WAN, Cisco IOS XE reduces business and network complexity. A security vulnerability exists in Cisco IOS XE Software that originates from...

Cisco IOS XR 安全漏洞

Cisco IOS XR is a set of operating systems developed by Cisco USA for its network devices. A security vulnerability exists in Cisco IOS XR that stems from the Mtrace2 code not handling packet memory correctly...

Cisco IOS XE SD-WAN Software 安全漏洞

Cisco IOS XE SD-WAN Software is a Cisco software for network management software-defined networking for the Cisco IOS XE network operating system. A security vulnerability exists in Cisco IOS XE SD-WAN Software that originates from insufficient validation of inputs to the system CLI...

PT-2022-4325 · Cisco · Cisco Ios Xe

Name of the Vulnerable Software and Affected Versions: Cisco IOS XE Software affected versions not specified Description: A vulnerability in the web UI feature of Cisco IOS XE Software could allow an authenticated, remote attacker to perform an injection attack against an affected device. This...

PT-2022-2315 · Cisco · Cisco Ios Xe

Name of the Vulnerable Software and Affected Versions: Cisco IOS XE Software affected versions not specified Description: A vulnerability in the IPSec decryption routine could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service DoS...

VulnCheck KEV: CVE-2017-6740

The Simple Network Management Protocol SNMP subsystem of Cisco IOS and IOS XE contains a vulnerability that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload...

CVE-2021-1434

A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to overwrite arbitrary files in the underlying file system. This vulnerability is due to insufficient validation of the parameters of a specific CLI command. An attacker could exploit this...

Cisco IOS XE Information Disclosure and Denial of Service Vulnerability (CNVD-2020-57582)

Cisco IOS XE is a set of modular operating system based on Linux kernel developed by Cisco for its network equipment. An information disclosure and denial of service vulnerability exists in the Web management framework of Cisco IOS XE. An attacker could exploit this vulnerability to gain...

Cisco IOS XE Software Command Injection Vulnerability

Cisco IOS XE is the United States Cisco Cisco company's set of operating system developed for its network equipment. A command injection vulnerability exists in the Web UI in Cisco IOS XE Software, which stems from a lack of validation of user input. An attacker can exploit this vulnerability by...

Cisco IOS XE Command Injection Vulnerability (CNVD-2020-31974)

Cisco IOS XE is the United States Cisco Cisco company's set of operating system developed for its network equipment. A command injection vulnerability exists in the Web UI in Cisco IOS XE, which stems from the program failing to perform sufficient input validation for HTTP requests. A remote...

Cisco IOS XE Privilege Permission and Access Control Issues Vulnerability (CNVD-2020-31965)

Cisco IOS XE is the United States Cisco Cisco company's set of operating system developed for its network equipment. A privilege-granting and access-control issue vulnerability exists in Virtual Services Container in Cisco IOS XE Software, which arises from the program's failure to adequately...

CVE-2019-12667

A vulnerability in the web framework code of Cisco IOS XE Software could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the web interface of the affected software. The vulnerability is due to insufficient input validation of some...