2 matches found
CVE-2008-4128
Multiple cross-site request forgery CSRF vulnerabilities in the HTTP Administration component in Cisco IOS 12.4 on the 871 Integrated Services Router allow remote attackers to execute arbitrary commands via 1 a certain "show privilege" command to the /level/15/exec/- URI, and 2 a certain "alias...
CVE-2008-4128
Cisco IOS 12.4 on the 871 Integrated Services Router is affected by CSRF vulnerabilities in the HTTP Administration component. Remote attackers can induce arbitrary commands via the /level/15/exec/- endpoint using a show privilege command or via /level/15/exec/-/configure/http with an alias exec ...