Page 36 of 181 results (0.007 seconds)

CVSS: 9.3EPSS: 84%CPEs: 91EXPL: 7

HTTP server for Cisco IOS 11.3 to 12.2 allows attackers to bypass authentication and execute arbitrary commands, when local authorization is being used, by specifying a high access level in the URL. • https://www.exploit-db.com/exploits/20975 https://www.exploit-db.com/exploits/20976 https://www.exploit-db.com/exploits/20977 https://www.exploit-db.com/exploits/20978 http://www.cert.org/advisories/CA-2001-14.html http://www.ciac.org/ciac/bulletins/l-106.shtml http://www.cisco.com/warp/public/707/IOS-httplevel-pub.html http://www.osvdb.org/578 http://www.securityfocus.com/archive/1/1601227034.20010702112207%40olympos.org http://www.securityfocus.com/archive/1/ • CWE-287: Improper Authentication •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1

Cisco switches and routers running IOS 12.1 and earlier produce predictable TCP Initial Sequence Numbers (ISNs), which allows remote attackers to spoof or hijack TCP connections. • https://www.exploit-db.com/exploits/19522 http://www.cisco.com/warp/public/707/ios-tcp-isn-random-pub.shtml •

CVSS: 7.5EPSS: 1%CPEs: 2EXPL: 0

Cisco IOS 12.1(3) and 12.1(3)T allows remote attackers to read and modify device configuration data via the cable-docsis read-write community string used by the Data Over Cable Service Interface Specification (DOCSIS) standard. • http://www.cisco.com/warp/public/707/ios-snmp-community-vulns-pub.shtml http://www.kb.cert.org/vuls/id/840665 https://exchange.xforce.ibmcloud.com/vulnerabilities/6180 •

CVSS: 5.0EPSS: 0%CPEs: 201EXPL: 0

Cisco IOS 12.0(5)XU through 12.1(2) allows remote attackers to read system administration and topology information via an "snmp-server host" command, which creates a readable "community" community string if one has not been previously created. • http://www.cisco.com/warp/public/707/ios-snmp-community-vulns-pub.shtml http://www.kb.cert.org/vuls/id/848944 https://exchange.xforce.ibmcloud.com/vulnerabilities/6178 •

CVSS: 5.0EPSS: 0%CPEs: 24EXPL: 2

The HTTP server in Cisco IOS 12.0 through 12.1 allows local users to cause a denial of service (crash and reload) via a URL containing a "?/" string. • https://www.exploit-db.com/exploits/20323 http://www.cisco.com/warp/public/707/ioshttpserverquery-pub.shtml http://www.securityfocus.com/bid/1838 https://exchange.xforce.ibmcloud.com/vulnerabilities/5412 •