漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
N/A
Vulnerability Description
Cross-site scripting (XSS) vulnerability in Cisco IOS Web Server for IOS 12.0(2a) allows remote attackers to inject arbitrary web script or HTML by (1) packets containing HTML that an administrator views via an HTTP interface to the contents of memory buffers, as demonstrated by the URI /level/15/exec/-/buffers/assigned/dump; or (2) sending the router Cisco Discovery Protocol (CDP) packets with HTML payload that an administrator views via the CDP status pages. NOTE: these vectors were originally reported as being associated with the dump and packet options in /level/15/exec/-/show/buffers.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Cisco IOS Web Server跨站脚本漏洞
Vulnerability Description
Cisco IOS是Cisco设备所使用的操作系统。 Cisco IOS Web Server fot IOS 12.0(2a)中存在跨站脚本漏洞,这允许远程攻击者通过以下方式注入任意的Web脚本或HTML。 (1) 包含HTML的数据包; (2) 发送带有HTML负载的Cisco Discovery Protocol (CDP)数据包 。 注意:此漏洞原始报告中要求在/level/15/exec/-/show/buffers中启用dump 和 packet 功能。
CVSS Information
N/A
Vulnerability Type
N/A