macc /
EN FR
Book a meeting
← Back to console
High CISA KEV · USA CVE-2008-4128

Cisco IOS Cross-Site Request Forgery Vulnerability

Published

Description

Cisco IOS 12.4 contains multiple cross-site forgery vulnerabilities that allows remote attackers to execute arbitrary commands via (1) a certain "show privilege" command to the /level/15/exec/- URI, and (2) a certain "alias exec" command to the /level/15/exec/-/configure/http URI.