Vulnerability of Cisco IOS and IOS XE operating system web interfaces, allowing attackers to perform CSRF attacks

The vulnerability of Cisco IOS and IOS XE web interfaces is related to deficiencies in authentication procedures. Exploiting this vulnerability allows a malicious actor to perform a CSRF attack by sending a specially crafted HTTP GET request remotely...

The vulnerability of the Resource Public Key Infrastructure (RPKI) function in Cisco IOS XE allows a perpetrator to trigger a service failure.

The vulnerability of the Resource Public Key Infrastructure RPKI function in Cisco IOS XE operating systems is related to the use of the assert function or similar operators. Exploiting this vulnerability can allow a malicious actor to cause service interruptions remotely...

SUSE CVE-2016-1407

Cisco IOS XR through 5.3.2 mishandles Local Packet Transport Services LPTS flow-base entries, which allows remote attackers to cause a denial of service session drop by making many connection attempts to open TCP ports, aka Bug ID CSCux95576...

The vulnerability affects Cisco IOS and Cisco IOS XE operating systems via DHCP options. It allows a malicious actor to trigger a device reboot or cause a service failure.

The vulnerability of Cisco IOS and Cisco IOS XE DHCP-enabled operating systems exists due to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to trigger a device reboot or cause a service failure using a specially crafted DHCPv4 packet...

The vulnerability of DHCP option 82 for Cisco IOS and Cisco IOS XE operating systems allows a attacker to trigger a device reboot or cause a service failure.

The vulnerability of DHCP option 82 for Cisco IOS and Cisco IOS XE operating systems exists due to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to trigger a device reboot or cause a service failure using a specially crafted DHCPv4 packet...

CVE-2022-20676

A vulnerability in the Tool Command Language Tcl interpreter of Cisco IOS XE Software could allow an authenticated, local attacker to escalate from privilege level 15 to root-level privileges. This vulnerability is due to insufficient input validation of data that is passed into the Tcl...

VulnCheck KEV: CVE-2017-6744

The Simple Network Management Protocol SNMP subsystem of Cisco IOS 1 contains a vulnerability that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload. An attacker could exploit these vulnerabilities by sending a...

VulnCheck KEV: CVE-2017-12237

A vulnerability in the Internet Key Exchange Version 2 IKEv2 module of Cisco IOS and Cisco IOS XE could allow an unauthenticated, remote attacker to cause high CPU utilization, traceback messages, or a reload of an affected device that leads to a denial of service...

VulnCheck KEV: CVE-2018-0151

A vulnerability in the quality of service QoS subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition or execute arbitrary code with elevated privileges...

VulnCheck KEV: CVE-2018-0167

There is a buffer overflow vulnerability in the Link Layer Discovery Protocol LLDP subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software which could allow an unauthenticated, adjacent attacker to cause a denial of service DoS condition or execute arbitrary code...

VulnCheck KEV: CVE-2018-0180

A vulnerability in the Login Enhancements Login Block feature of Cisco IOS Software could allow an unauthenticated, remote attacker to trigger a reload of an affected system, resulting in a denial of service DoS condition...

VulnCheck KEV: CVE-2018-0171

Cisco IOS and IOS XE Software improperly validates packet data, allowing an unauthenticated, remote attacker to trigger a reload of an affected device, cause a denial-of-service DoS condition, or perform code execution on the affected device...

The vulnerability of the syntax analyzer in the Cisco IOS XE and Cisco IOS operating systems’ command-line TrustSec CLI allows a attacker to trigger a service failure.

The vulnerability of the syntax analyzer in the Cisco IOS XE and Cisco IOS operating systems’ command-line interface is related to improper interaction between the user web interface and the command-line interface. Exploiting this vulnerability allows a malicious actor to trigger a service failur...

The vulnerability of the CLI component of the Cisco IOS XR operating system, allowing a hacker to execute arbitrary commands

The vulnerability of the CLI component of the Cisco IOS XR operating system exists due to the lack of measures taken to neutralize the special elements used in the operating system’s commands. Exploiting this vulnerability can allow an attacker to execute arbitrary commands...

Cisco IOS XE Software 资源管理错误漏洞

Cisco IOS XE Software is an operating system from the U.S. company Cisco Cisco. Used as a single operating system for enterprise wired and wireless access, aggregation, core and WAN, Cisco IOS XE reduces business and network complexity.Cisco IOS XE Software has a denial of service vulnerability...

Cisco IOS XR 信息泄露漏洞

Cisco IOS XR Software is a set of operating systems developed by Cisco for its network devices.Cisco IOS XR Software is vulnerable to information disclosure, which could be exploited by attackers to obtain sensitive configuration information...

The vulnerability of the command-line interface (CLI) of Cisco IOS XE SD-WAN microprogramming software allows a attacker to execute arbitrary commands with superuser privileges.

The vulnerability of the command-line interface CLI of Cisco IOS XE SD-WAN software exists because measures to neutralize specific elements have not been taken. Exploiting this vulnerability allows an attacker to execute arbitrary commands with superuser privileges...

The vulnerability in the web interface of the Cisco IOS XE operating system allows a hacker to elevate their privileges to the root level.

The vulnerability in the Cisco IOS XE operating system’s web interface relates to incorrect restrictions on the path name of the restricted access directory. Exploiting this vulnerability allows a malicious actor to elevate their privileges to the root level remotely...

Vulnerabilities of Cisco IOS XE operating systems, which allow attackers to compromise the confidentiality and integrity of protected information

The vulnerability of Cisco IOS XE operating systems is related to deficiencies in security mechanisms. Exploiting this vulnerability can allow attackers to compromise the confidentiality and integrity of the protected information...

Cisco Iox 命令注入漏洞

Cisco IOS XE is an open and flexible operating system optimized for future work. A command injection vulnerability exists in Cisco IOS XE versions after 16.3.1. The vulnerability is due to incomplete validation of fields in application packages loaded into IOx. An attacker can exploit the...