17 matches found
CVE-2025-20160
Cisco IOS and IOS XE TACACS+ vulnerability (CVE-2025-20160): the TACACS+ implementation fails to properly verify the configured shared secret, enabling unauthenticated remote attackers to read unencrypted TACACS+ messages or bypass authentication. This can lead to exposure of sensitive informatio...
PT-2025-39304
Name of the Vulnerable Software and Affected Versions Cisco IOS Software affected versions not specified Description A flaw exists in the web UI of Cisco IOS Software that may allow a remote attacker with low privileges to trigger a denial of service DoS condition. This is caused by improper inpu...
Cisco IOS XE 代码问题漏洞
Cisco IOS XE is an operating system from Cisco, Inc. Used as a single operating system for enterprise wired and wireless access, aggregation, core, and WAN, Cisco IOS XE reduces business and network complexity. A code issue vulnerability exists in Cisco IOS XE that stems from insufficient input...
The vulnerability of the LISP protocol implementation in Cisco IOS and Cisco IOS XE operating systems allows a hacker to trigger a service failure.
The vulnerability of the LISP protocol implementation in Cisco IOS and Cisco IOS XE operating systems is related to uncontrolled recursion during the processing of LISP packets. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...
The vulnerability of the implementation of Cisco IOS protocols for Integrated Services Routers Generation 2 allows a attacker to trigger a device reboot or cause a service failure.
The vulnerability of the Cisco IOS protocol for Integrated Services Routers Generation 2 ISR G2 is related to errors in Ethernet packet classification. Exploiting this vulnerability can allow a malicious actor to trigger a device reboot or cause service failure...
Cisco IOS XE Software 路径遍历漏洞
Cisco IOS XE Software is an operating system from Cisco, Inc. A single operating system for enterprise wired and wireless access, aggregation, core, and WAN, Cisco IOS XE reduces business and network complexity. A path traversal vulnerability exists in Cisco IOS XE. An attacker exploits this...
VulnCheck KEV: CVE-2018-0173
A vulnerability in the Cisco IOS Software and Cisco IOS XE Software function that restores encapsulated option 82 information in DHCP Version 4 DHCPv4 packets can allow for denial-of-service DoS...
The vulnerabilities of the Snort mechanism on the Cisco IOS operating system, the Cisco Firepower Threat Defense network firewall, and the Cisco Firepower Management Center network management software allow attackers to compromise the integrity of protected information.
The vulnerabilities of the Snort mechanism on the Cisco IOS operating system, the Cisco Firepower Threat Defense network firewall, and the Cisco Firepower Management Center network management software are related to deficiencies in the segmentation of the controlled system area. Exploitation of...
The vulnerability in the Web UI of the Cisco IOS XE operating system, which allows a hacker to elevate their privileges to the root level
The vulnerability of the Cisco IOS XE operating system’s Web UI is related to insufficient checking of arguments passed in commands. Exploiting this vulnerability allows a malicious actor to elevate their privileges to the root level remotely...
The vulnerability of the Cisco IOS XR operating system, related to errors in exception states, allows a perpetrator to trigger a service failure.
The vulnerability of the Cisco IOS XR operating system is related to errors in exceptional states. Exploiting this vulnerability can allow an attacker to cause a service failure by introducing malicious traffic into the target EVPN network...
Cisco IOS and IOS XE Software Denial of Service Vulnerability (CNVD-2019-01903)
Cisco IOS Software and IOS XE Software are both operating systems developed by Cisco for its network devices.TACACS+ is one of the terminal access control subsystems. An input validation vulnerability exists in the TACACS+ client subsystem in Cisco IOS Software and IOS XE Software, which stems fr...
The vulnerability of Cisco IOS and Cisco IOS XE operating systems, related to incorrect packet validation, allows attackers to trigger service failures or execute arbitrary code.
The vulnerability of Cisco IOS and Cisco IOS XE operating systems is related to incorrect data validation. Exploiting this vulnerability can allow a malicious actor to trigger an emergency shutdown of the watchdog timer or execute arbitrary code by sending a specially crafted Smart Install messag...
CVE-2018-0175
Format String vulnerability in the Link Layer Discovery Protocol LLDP subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service DoS condition or execute arbitrary code with elevated privileges o...
Cisco IOS Denial of Service Vulnerability (CNVD-2017-20387)
Cisco IOS is an operating system developed by Cisco for its network devices. A security vulnerability exists in IOS versions prior to 15.24S6, which stems from a program failure to initialize variables. A remote attacker could exploit this vulnerability to cause a denial of service CPU consumptio...
Cisco IOS XE Denial of Service Vulnerability (CNVD-2016-09465)
Cisco IOS XE is the United States Cisco Cisco company's next-generation network operator routing system, a fully modular and fully distributed network interconnection operating system. A denial-of-service vulnerability exists in Cisco IOS XE, which allows an attacker to exploit the vulnerability ...
Vulnerability of Cisco IOS software, which allows a malicious actor to trigger a service failure
The vulnerability in the SSL VPN function known as WebVPN in Cisco IOS allows malicious actors to trigger a service failure excessive memory consumption by using specially crafted HTTP requests...
The vulnerability of the Cisco IOS operating system, related to resource management errors, allows attackers to trigger a service failure.
The vulnerability of the Cisco IOS operating system is related to a resource management error. Exploiting this vulnerability could allow a malicious actor to cause service interruptions remotely...