18 matches found
CVE-2022-20864
A vulnerability in the password-recovery disable feature of Cisco IOS XE ROM Monitor (ROMMON) Software for Cisco Catalyst Switches could allow an unauthenticated, local attacker to recover the configuration or reset the enable password. This vulnerability is due to a problem with the file and boot...
PT-2022-6312 · Cisco · Cisco Ios Xe Rom Monitor (Rommon) +1
Name of the Vulnerable Software and Affected Versions: Cisco IOS XE ROM Monitor (ROMMON) Software for Cisco Catalyst Switches (affected versions not specified). Description: A problem with file and boot variable permissions in ROMMON could allow an unauthenticated, local attacker to recover the...
Cisco Catalyst Security Vulnerability
Cisco Catalyst is a family of switches from Cisco USA. A security vulnerability exists in the Cisco IOS XE ROM Monitor for Cisco Catalyst that stems from a file and boot variable permission issue in ROMMON. An attacker exploiting this vulnerability could read any file or reset the enable password...
CVE-2021-27166
An issue was discovered on FiberHome HG6245D devices through RP2613. The password for the enable command is gpon...
CVE-2020-29378
An issue was discovered on V-SOL V1600D V2.03.69 and V2.03.57, V1600D4L V1.01.49, V1600D-MINI V1.01.48, V1600G1 V2.0.7 and V1.9.7, and V1600G2 V1.1.4 OLT devices. It is possible to elevate the privilege of a CLI user to full administrative access by using the password !j@ly$z%x6x7q8c9z for the...
MISP Information Disclosure Vulnerability
MISP is a suite of open source software solutions for collecting, storing, distributing and sharing cybersecurity metrics and threats cybersecurity event analysis and malware analysis. A security vulnerability exists in the 'adminedit' function of the app/Controller/UsersController.php file in MI...
Cisco Enable / Privileged Exec Support
In Nexpose version 6.4.28, we are adding support for privileged elevation on Cisco devices through enable command for those that are running SSH version 2. A fully privileged policy scan provides more accurate information on the target's compliance status, and the ability to do so through enable...
Cisco IOS HTTP exec path command execution
Added: 12/23/2010. CVE: CVE-2000-0945. BID: 1846. OSVDB: 444. Background: The Cisco Internetwork Operating System (IOS) is the operating system used by Cisco routers. Problem: A remote attacker could execute arbitrary commands through HTTP requests by requesting a path beginning with /exec. Resolution: Se...
PT-2008-2838 · Cisco · Cisco Pix/Asa Finesse Operation System
Name of the Vulnerable Software and Affected Versions: Cisco PIX/ASA Finesse Operation System versions 7.1 through 7.2. Description: The issue allows local users to gain privileges by entering characters at the enable prompt, erasing these characters via the Backspace key, and then holding down th...
Cisco Password Bruteforcer Exploit
No description provided by source. / .: free source :. .: coded 4 Avatar Corp :. enabler. cisco internal bruteforcer. coder - norby concept - anyone this program just logs into a CISCO router and tries a list of passes looking for the enable one. it works in password-only CISCO as well in...
Cisco PIX Firewall Manager stores enable password in plain text
Overview: A vulnerability exists in the way the Cisco Pix Firewall Manager stores authentication credentials which could allow local attackers to have read access to the enable password for the Cisco Pix Firewall. Description: The PIX Firewall Manager (PFM) is a software package designed to allow...
Security Advisory: Cisco IOS HTTP Server Query Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Cisco IOS HTTP Server Query Vulnerability Revision 1.0 For public release 2000 October 25 at 08:00 US/Pacific UTC+0700 Summary A defect in multiple releases of Cisco IOS software will cause a Cisco router or switch to halt and reload if the IOS HTTP service is...
Cisco IOS 12 - Software ? HTTP Request Denial of Service
source: https://www.securityfocus.com/bid/1838/info Cisco devices running IOS software may be prone to a denial of service attack if a URL containing a question mark followed by a slash ?/ is requested. The device will enter an infinite loo...
Cisco Catalyst allows any user to gain administrator privileges.
In software version 5.41, the enable password check can be bypassed. Fixed in 5.42...
Cisco LocalDirector Enable Password Loss
...