Cisco IOS and IOS XE Software SNMP Denial of Service and Remote Code Execution Vulnerability

Cisco IOS and IOS XE contains a stack-based buffer overflow vulnerability in the Simple Network Management Protocol SNMP subsystem that could allow for denial of service or remote code execution. A successful exploit could allow a low-privileged attacker to cause the affected system to reload,...

CVE-2025-20160

Cisco IOS and IOS XE TACACS+ vulnerability (CVE-2025-20160): the TACACS+ implementation fails to properly verify the configured shared secret, enabling unauthenticated remote attackers to read unencrypted TACACS+ messages or bypass authentication. This can lead to exposure of sensitive informatio...

PT-2025-39304

Name of the Vulnerable Software and Affected Versions Cisco IOS Software affected versions not specified Description A flaw exists in the web UI of Cisco IOS Software that may allow a remote attacker with low privileges to trigger a denial of service DoS condition. This is caused by improper inpu...

Cisco IOS XE 代码问题漏洞

Cisco IOS XE is an operating system from Cisco, Inc. Used as a single operating system for enterprise wired and wireless access, aggregation, core, and WAN, Cisco IOS XE reduces business and network complexity. A code issue vulnerability exists in Cisco IOS XE that stems from insufficient input...

The vulnerability of the SNMP protocol implementation in Cisco IOS, IOS XE, and Cisco IOS XR systems allows a perpetrator to trigger a service failure.

The vulnerability of SNMP protocol implementations in Cisco IOS, IOS XE, and Cisco IOS XR lies in the access to the buffer with an incorrect length value. Exploiting this vulnerability can allow a malicious actor to cause service interruptions remotely...

The vulnerability of the LISP protocol implementation in Cisco IOS and Cisco IOS XE operating systems allows a hacker to trigger a service failure.

The vulnerability of the LISP protocol implementation in Cisco IOS and Cisco IOS XE operating systems is related to uncontrolled recursion during the processing of LISP packets. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

The vulnerability of the IPv4 Virtual Fragmentation Reassembly (VFR) function in Cisco IOS XE allows a attacker to trigger a service failure or cause a device to restart.

The vulnerability of the IPv4 Virtual Fragmentation Reassembly VFR function in Cisco IOS XE operating systems is related to the use of memory after it is freed. Exploiting this vulnerability can allow a malicious actor to trigger a device reboot or cause a service failure by sending fragmented...

The vulnerability of the implementation of Cisco IOS protocols for Integrated Services Routers Generation 2 allows a attacker to trigger a device reboot or cause a service failure.

The vulnerability of the Cisco IOS protocol for Integrated Services Routers Generation 2 ISR G2 is related to errors in Ethernet packet classification. Exploiting this vulnerability can allow a malicious actor to trigger a device reboot or cause service failure...

Cisco IOS XE Software 路径遍历漏洞

Cisco IOS XE Software is an operating system from Cisco, Inc. A single operating system for enterprise wired and wireless access, aggregation, core, and WAN, Cisco IOS XE reduces business and network complexity. A path traversal vulnerability exists in Cisco IOS XE. An attacker exploits this...

VulnCheck KEV: CVE-2018-0173

A vulnerability in the Cisco IOS Software and Cisco IOS XE Software function that restores encapsulated option 82 information in DHCP Version 4 DHCPv4 packets can allow for denial-of-service DoS...

思科 Cisco IOS XE Software 安全漏洞

Cisco IOS XE Software is an operating system from Cisco, Inc. A single operating system for enterprise wired and wireless access, aggregation, core, and WAN, Cisco IOS XE reduces business and network complexity. A security vulnerability exists in Cisco IOS XE Software that stems from insufficient...

The vulnerabilities of the Snort mechanism on the Cisco IOS operating system, the Cisco Firepower Threat Defense network firewall, and the Cisco Firepower Management Center network management software allow attackers to compromise the integrity of protected information.

The vulnerabilities of the Snort mechanism on the Cisco IOS operating system, the Cisco Firepower Threat Defense network firewall, and the Cisco Firepower Management Center network management software are related to deficiencies in the segmentation of the controlled system area. Exploitation of...

The vulnerability in the implementation of the Cisco Discovery protocol in Cisco NX-OS, Cisco FXOS, and Cisco IOS XR operating systems allows a perpetrator to trigger a service failure.

The vulnerability of the Cisco Discovery protocol in operating systems such as Cisco NX-OS, Cisco FXOS, and Cisco IOS XR is due to a numerical overflow condition. Exploiting this vulnerability can allow an attacker to cause service interruptions remotely...

The vulnerability in the Web UI of the Cisco IOS XE operating system, which allows a hacker to elevate their privileges to the root level

The vulnerability of the Cisco IOS XE operating system’s Web UI is related to insufficient checking of arguments passed in commands. Exploiting this vulnerability allows a malicious actor to elevate their privileges to the root level remotely...

The vulnerability of the Cisco IOS XR operating system, related to errors in exception states, allows a perpetrator to trigger a service failure.

The vulnerability of the Cisco IOS XR operating system is related to errors in exceptional states. Exploiting this vulnerability can allow an attacker to cause a service failure by introducing malicious traffic into the target EVPN network...

Cisco IOS and IOS XE Software Denial of Service Vulnerability (CNVD-2019-01903)

Cisco IOS Software and IOS XE Software are both operating systems developed by Cisco for its network devices.TACACS+ is one of the terminal access control subsystems. An input validation vulnerability exists in the TACACS+ client subsystem in Cisco IOS Software and IOS XE Software, which stems fr...

The vulnerability of Cisco IOS and Cisco IOS XE operating systems, related to incorrect packet validation, allows attackers to trigger service failures or execute arbitrary code.

The vulnerability of Cisco IOS and Cisco IOS XE operating systems is related to incorrect data validation. Exploiting this vulnerability can allow a malicious actor to trigger an emergency shutdown of the watchdog timer or execute arbitrary code by sending a specially crafted Smart Install messag...

CVE-2018-0175

Format String vulnerability in the Link Layer Discovery Protocol LLDP subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service DoS condition or execute arbitrary code with elevated privileges o...

Cisco IOS Denial of Service Vulnerability (CNVD-2017-20387)

Cisco IOS is an operating system developed by Cisco for its network devices. A security vulnerability exists in IOS versions prior to 15.24S6, which stems from a program failure to initialize variables. A remote attacker could exploit this vulnerability to cause a denial of service CPU consumptio...

Cisco IOS XE Denial of Service Vulnerability (CNVD-2016-09465)

Cisco IOS XE is the United States Cisco Cisco company's next-generation network operator routing system, a fully modular and fully distributed network interconnection operating system. A denial-of-service vulnerability exists in Cisco IOS XE, which allows an attacker to exploit the vulnerability ...