CVSS: 10.0EPSS: 2%CPEs: 228EXPL: 0CVE-2006-4950
https://notcve.org/view.php?id=CVE-2006-4950
Cisco IOS 12.2 through 12.4 before 20060920, as used by Cisco IAD2430, IAD2431, and IAD2432 Integrated Access Devices, the VG224 Analog Phone Gateway, and the MWR 1900 and 1941 Mobile Wireless Edge Routers, is incorrectly identified as supporting DOCSIS, which allows remote attackers to gain read-write access via a hard-coded cable-docsis community string and read or modify arbitrary SNMP variables. Cisco IOS 12.2 hasta 12.4 anteriores al 20/09/2006, usados por Cisco IAD2430, IAD2431, y IAD2432 Integrated Access Devices, el VG224 Analog Phone Gateway, y el MWR 1900 y 1941 Mobile Wireless Edge Routers, está identificado de forma incorrecta como soporte DOCSIS, lo que permiet a un atacante remoto conseguir acceso lectura-escritura a través de una secuencia de hard-coded cable-docsis y leer o modificar variables SNMP de su elección. • http://secunia.com/advisories/21974 http://securitytracker.com/id?1016899 http://www.cisco.com/warp/public/707/cisco-sa-20060920-docsis.shtml http://www.kb.cert.org/vuls/id/123140 http://www.osvdb.org/29034 http://www.securityfocus.com/bid/20125 http://www.vupen.com/english/advisories/2006/3722 https://exchange.xforce.ibmcloud.com/vulnerabilities/29054 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5665 •
CVSS: 4.6EPSS: 0%CPEs: 130EXPL: 0CVE-2006-0485
https://notcve.org/view.php?id=CVE-2006-0485
The TCL shell in Cisco IOS 12.2(14)S before 12.2(14)S16, 12.2(18)S before 12.2(18)S11, and certain other releases before 25 January 2006 does not perform Authentication, Authorization, and Accounting (AAA) command authorization checks, which may allow local users to execute IOS EXEC commands that were prohibited via the AAA configuration, aka Bug ID CSCeh73049. • http://secunia.com/advisories/18613 http://securitytracker.com/id?1015543 http://www.cisco.com/warp/public/707/cisco-response-20060125-aaatcl.shtml http://www.osvdb.org/34892 http://www.securityfocus.com/bid/16383 http://www.vupen.com/english/advisories/2006/0337 https://exchange.xforce.ibmcloud.com/vulnerabilities/24308 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5836 •
CVSS: 4.6EPSS: 0%CPEs: 3EXPL: 0CVE-2006-0486
https://notcve.org/view.php?id=CVE-2006-0486
Certain Cisco IOS releases in 12.2S based trains with maintenance release number 25 and later, 12.3T based trains, and 12.4 based trains reuse a Tcl Shell process across login sessions of different local users on the same terminal if the first user does not use tclquit before exiting, which may cause subsequent local users to execute unintended commands or bypass AAA command authorization checks, aka Bug ID CSCef77770. • http://secunia.com/advisories/18613 http://securitytracker.com/id?1015543 http://www.cisco.com/warp/public/707/cisco-response-20060125-aaatcl.shtml http://www.osvdb.org/22723 https://exchange.xforce.ibmcloud.com/vulnerabilities/24308 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4905 •
CVSS: 7.1EPSS: 3%CPEs: 108EXPL: 0CVE-2006-0340
https://notcve.org/view.php?id=CVE-2006-0340
Unspecified vulnerability in Stack Group Bidding Protocol (SGBP) support in Cisco IOS 12.0 through 12.4 running on various Cisco products, when SGBP is enabled, allows remote attackers on the local network to cause a denial of service (device hang and network traffic loss) via a crafted UDP packet to port 9900. • http://secunia.com/advisories/18490 http://securityreason.com/securityalert/358 http://securitytracker.com/id?1015501 http://www.cisco.com/warp/public/707/cisco-sa-20060118-sgbp.shtml http://www.osvdb.org/22624 http://www.securityfocus.com/bid/16303 http://www.vupen.com/english/advisories/2006/0248 https://exchange.xforce.ibmcloud.com/vulnerabilities/24182 • CWE-20: Improper Input Validation •
CVSS: 2.6EPSS: 5%CPEs: 225EXPL: 2CVE-2005-3921
https://notcve.org/view.php?id=CVE-2005-3921
Cross-site scripting (XSS) vulnerability in Cisco IOS Web Server for IOS 12.0(2a) allows remote attackers to inject arbitrary web script or HTML by (1) packets containing HTML that an administrator views via an HTTP interface to the contents of memory buffers, as demonstrated by the URI /level/15/exec/-/buffers/assigned/dump; or (2) sending the router Cisco Discovery Protocol (CDP) packets with HTML payload that an administrator views via the CDP status pages. NOTE: these vectors were originally reported as being associated with the dump and packet options in /level/15/exec/-/show/buffers. • http://secunia.com/advisories/17780 http://secunia.com/advisories/18528 http://securityreason.com/securityalert/227 http://securitytracker.com/id?1015275 http://www.cisco.com/warp/public/707/cisco-sa-20051201-http.shtml http://www.idefense.com/intelligence/vulnerabilities/display.php?id=372 http://www.infohacking.com/INFOHACKING_RESEARCH/Our_Advisories/cisco/index.html http://www.securityfocus.com/archive/1/417916/100/0/threaded http://www.securityfocus.com/bid/15602 http://www.securit •