Page 29 of 151 results (0.003 seconds)

CVSS: 9.3EPSS: 84%CPEs: 91EXPL: 7

HTTP server for Cisco IOS 11.3 to 12.2 allows attackers to bypass authentication and execute arbitrary commands, when local authorization is being used, by specifying a high access level in the URL. • https://www.exploit-db.com/exploits/20975 https://www.exploit-db.com/exploits/20976 https://www.exploit-db.com/exploits/20977 https://www.exploit-db.com/exploits/20978 http://www.cert.org/advisories/CA-2001-14.html http://www.ciac.org/ciac/bulletins/l-106.shtml http://www.cisco.com/warp/public/707/IOS-httplevel-pub.html http://www.osvdb.org/578 http://www.securityfocus.com/archive/1/1601227034.20010702112207%40olympos.org http://www.securityfocus.com/archive/1/ • CWE-287: Improper Authentication •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1

Cisco switches and routers running IOS 12.1 and earlier produce predictable TCP Initial Sequence Numbers (ISNs), which allows remote attackers to spoof or hijack TCP connections. • https://www.exploit-db.com/exploits/19522 http://www.cisco.com/warp/public/707/ios-tcp-isn-random-pub.shtml •

CVSS: 5.0EPSS: 0%CPEs: 201EXPL: 0

Cisco IOS 12.0(5)XU through 12.1(2) allows remote attackers to read system administration and topology information via an "snmp-server host" command, which creates a readable "community" community string if one has not been previously created. • http://www.cisco.com/warp/public/707/ios-snmp-community-vulns-pub.shtml http://www.kb.cert.org/vuls/id/848944 https://exchange.xforce.ibmcloud.com/vulnerabilities/6178 •

CVSS: 5.0EPSS: 0%CPEs: 24EXPL: 2

The HTTP server in Cisco IOS 12.0 through 12.1 allows local users to cause a denial of service (crash and reload) via a URL containing a "?/" string. • https://www.exploit-db.com/exploits/20323 http://www.cisco.com/warp/public/707/ioshttpserverquery-pub.shtml http://www.securityfocus.com/bid/1838 https://exchange.xforce.ibmcloud.com/vulnerabilities/5412 •

CVSS: 5.0EPSS: 0%CPEs: 18EXPL: 0

Cisco Gigabit Switch Routers (GSR) with Fast Ethernet / Gigabit Ethernet cards, from IOS versions 11.2(15)GS1A up to 11.2(19)GS0.2 and some versions of 12.0, do not properly handle line card failures, which allows remote attackers to bypass ACLs or force the interface to stop forwarding packets. • http://www.cisco.com/warp/public/707/gsraclbypassdos-pub.shtml http://www.osvdb.org/793 http://www.osvdb.org/798 http://www.securityfocus.com/bid/1541 •