Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cisco ios - vulnerabilities and exploits
(subscribe to this query)
10
CVSSv3
CVE-2023-20198
Cisco is providing an update for the ongoing investigation into observed exploitation of the web UI feature in Cisco IOS XE Software. We are updating the list of fixed releases and adding the Software Checker. Our investigation has determined that the actors exploited two previou...
Cisco Ios Xe
3 Metasploit modules
35 Github repositories
1 Article
7.5
CVSSv3
CVE-2023-44487
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
Ietf Http 2.0
Nghttp2 Nghttp2
Netty Netty
Envoyproxy Envoy 1.27.0
Envoyproxy Envoy 1.26.4
Envoyproxy Envoy 1.25.9
Envoyproxy Envoy 1.24.10
Eclipse Jetty
Caddyserver Caddy
Golang Http2
Golang Go
Golang Networking
F5 Big-ip Analytics
F5 Big-ip Policy Enforcement Manager
F5 Big-ip Local Traffic Manager
F5 Big-ip Link Controller
F5 Big-ip Global Traffic Manager
F5 Big-ip Fraud Protection Service
F5 Big-ip Domain Name System
F5 Big-ip Application Security Manager
F5 Big-ip Application Acceleration Manager
F5 Big-ip Advanced Firewall Manager
34 Github repositories
2 Articles
8.8
CVSSv3
CVE-2023-20235
A vulnerability in the on-device application development workflow feature for the Cisco IOx application hosting infrastructure in Cisco IOS XE Software could allow an authenticated, remote malicious user to access the underlying operating system as the root user. This vulnerabili...
Cisco Ios Xe
6.6
CVSSv3
CVE-2023-20109
A vulnerability in the Cisco Group Encrypted Transport VPN (GET VPN) feature of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker who has administrative control of either a group member or a key server to execute arbitrary code on an affec...
Cisco Ios 15.2\\(4\\)ea
Cisco Ios 15.4\\(2\\)s2
Cisco Ios 15.0\\(2\\)ex4
Cisco Ios 15.1\\(3\\)s4
Cisco Ios 15.3\\(2\\)s1
Cisco Ios 15.1\\(1\\)s
Cisco Ios 15.1\\(2\\)sy10
Cisco Ios 12.4\\(22\\)mda6
Cisco Ios 15.5\\(1\\)t1
Cisco Ios 15.4\\(2\\)s4
Cisco Ios 15.2\\(2\\)e5b
Cisco Ios 15.0\\(1\\)xa
Cisco Ios 15.3\\(2\\)s
Cisco Ios 15.2\\(2\\)sy
Cisco Ios 12.4\\(24\\)mda10
Cisco Ios 15.6\\(2\\)sp2
Cisco Ios 15.6\\(2\\)t3
Cisco Ios 15.1\\(3\\)mra1
Cisco Ios 15.6\\(1\\)t2
Cisco Ios 15.2\\(3\\)e2
Cisco Ios 12.4\\(22\\)xr12
Cisco Ios 12.4\\(24\\)mdb15
9.1
CVSSv3
CVE-2023-20186
A vulnerability in the Authentication, Authorization, and Accounting (AAA) feature of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote malicious user to bypass command authorization and copy files to or from the file system of an affected device u...
Cisco Ios 15.2\\(4\\)ea
Cisco Ios 15.4\\(2\\)s2
Cisco Ios 15.0\\(2\\)ex4
Cisco Ios 15.1\\(3\\)s4
Cisco Ios 15.3\\(2\\)s1
Cisco Ios 15.1\\(1\\)s
Cisco Ios 15.1\\(2\\)sy10
Cisco Ios 15.5\\(1\\)t1
Cisco Ios 15.4\\(2\\)s4
Cisco Ios 15.2\\(2\\)e5b
Cisco Ios 15.0\\(1\\)ey
Cisco Ios 15.0\\(1\\)xa
Cisco Ios 15.3\\(2\\)s
Cisco Ios 12.2\\(60\\)ez7
Cisco Ios 12.2\\(58\\)ex
Cisco Ios 15.2\\(2\\)sy
Cisco Ios 15.6\\(2\\)sp2
Cisco Ios 15.6\\(2\\)t3
Cisco Ios 15.1\\(3\\)mra1
Cisco Ios 15.6\\(1\\)t2
Cisco Ios 15.2\\(3\\)e2
Cisco Ios 15.1\\(2\\)sg4
7.5
CVSSv3
CVE-2023-20187
A vulnerability in the Multicast Leaf Recycle Elimination (mLRE) feature of Cisco IOS XE Software for Cisco ASR 1000 Series Aggregation Services Routers could allow an unauthenticated, remote malicious user to cause the affected device to reload, resulting in a denial of service ...
Cisco Ios Xe 3.7.1s
Cisco Ios Xe 3.7.2s
Cisco Ios Xe 3.7.2ts
Cisco Ios Xe 3.7.3s
Cisco Ios Xe 3.7.4s
Cisco Ios Xe 3.7.5s
Cisco Ios Xe 3.7.6s
Cisco Ios Xe 3.7.7s
Cisco Ios Xe 3.8.0s
Cisco Ios Xe 3.8.1s
Cisco Ios Xe 3.8.2s
Cisco Ios Xe 3.9.0s
Cisco Ios Xe 3.9.1s
Cisco Ios Xe 3.9.2s
Cisco Ios Xe 3.10.0s
Cisco Ios Xe 3.10.1s
Cisco Ios Xe 3.10.1xbs
Cisco Ios Xe 3.10.2s
Cisco Ios Xe 3.10.3s
Cisco Ios Xe 3.10.4s
Cisco Ios Xe 3.10.5s
Cisco Ios Xe 3.10.6s
6.5
CVSSv3
CVE-2023-20202
A vulnerability in the Wireless Network Control daemon (wncd) of Cisco IOS XE Software for Wireless LAN Controllers could allow an unauthenticated, adjacent malicious user to cause a denial of service (DoS) condition. This vulnerability is due to improper memory management. An at...
Cisco Ios Xe 17.9.1
Cisco Ios Xe 17.9.1a
Cisco Ios Xe 17.9.1w
Cisco Ios Xe 17.9.1x
Cisco Ios Xe 17.9.1x1
Cisco Ios Xe 17.9.1y
Cisco Ios Xe 17.9.2
Cisco Ios Xe 17.9.2a
Cisco Ios Xe 17.9.2b
Cisco Ios Xe 17.10.1
Cisco Ios Xe 17.10.1a
Cisco Ios Xe 17.10.1b
7.5
CVSSv3
CVE-2023-20226
A vulnerability in Application Quality of Experience (AppQoE) and Unified Threat Defense (UTD) on Cisco IOS XE Software could allow an unauthenticated, remote malicious user to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. This...
Cisco Ios Xe 17.7.1
Cisco Ios Xe 17.7.1a
Cisco Ios Xe 17.7.2
Cisco Ios Xe 17.8.1
Cisco Ios Xe 17.8.1a
Cisco Ios Xe 17.9.1
Cisco Ios Xe 17.9.1a
Cisco Ios Xe 17.9.2
Cisco Ios Xe 17.9.2a
Cisco Ios Xe 17.10.1
Cisco Ios Xe 17.10.1a
7.5
CVSSv3
CVE-2023-20227
A vulnerability in the Layer 2 Tunneling Protocol (L2TP) feature of Cisco IOS XE Software could allow an unauthenticated, remote malicious user to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper handling of certain L2TP packe...
Cisco Ios Xe 16.8.1
Cisco Ios Xe 16.8.1a
Cisco Ios Xe 16.8.1b
Cisco Ios Xe 16.8.1c
Cisco Ios Xe 16.8.1d
Cisco Ios Xe 16.8.1e
Cisco Ios Xe 16.8.1s
Cisco Ios Xe 16.8.2
Cisco Ios Xe 16.8.3
Cisco Ios Xe 16.9.1
Cisco Ios Xe 16.9.1a
Cisco Ios Xe 16.9.1b
Cisco Ios Xe 16.9.1s
Cisco Ios Xe 16.9.2
Cisco Ios Xe 16.9.3
Cisco Ios Xe 16.9.4
Cisco Ios Xe 16.9.5
Cisco Ios Xe 16.9.5f
Cisco Ios Xe 16.9.6
Cisco Ios Xe 16.9.7
Cisco Ios Xe 16.9.8
Cisco Ios Xe 16.10.1
8.8
CVSSv3
CVE-2023-20231
A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote malicious user to perform an injection attack against an affected device. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sendin...
Cisco Ios Xe 16.12.4
Cisco Ios Xe 16.12.4a
Cisco Ios Xe 16.12.5
Cisco Ios Xe 16.12.5a
Cisco Ios Xe 16.12.5b
Cisco Ios Xe 16.12.6
Cisco Ios Xe 16.12.6a
Cisco Ios Xe 16.12.7
Cisco Ios Xe 16.12.8
Cisco Ios Xe 16.12.9
Cisco Ios Xe 17.2.2
Cisco Ios Xe 17.2.3
Cisco Ios Xe 17.3.1
Cisco Ios Xe 17.3.1a
Cisco Ios Xe 17.3.1w
Cisco Ios Xe 17.3.1x
Cisco Ios Xe 17.3.1z
Cisco Ios Xe 17.3.2
Cisco Ios Xe 17.3.3
Cisco Ios Xe 17.3.4
Cisco Ios Xe 17.3.4a
Cisco Ios Xe 17.3.4b
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
HTML injection
CVE-2024-35894
SQL
CVE-2024-5105
CVE-2014-100005
CVE-2024-35895
unauthorized
CVE-2024-22120
CVE-2024-35890
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »