Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Cross-site scripting (XSS) vulnerability in Cisco IOS Web Server for IOS 12.0(2a) allows remote attackers to inject arbitrary web script or HTML by (1) packets containing HTML that an administrator views via an HTTP interface to the contents of memory buffers, as demonstrated by the URI /level/15/exec/-/buffers/assigned/dump; or (2) sending the router Cisco Discovery Protocol (CDP) packets with HTML payload that an administrator views via the CDP status pages. NOTE: these vectors were originally reported as being associated with the dump and packet options in /level/15/exec/-/show/buffers.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Cisco IOS Web Server跨站脚本漏洞
Vulnerability Description
Cisco IOS是Cisco设备所使用的操作系统。 Cisco IOS Web Server fot IOS 12.0(2a)中存在跨站脚本漏洞,这允许远程攻击者通过以下方式注入任意的Web脚本或HTML。 (1) 包含HTML的数据包; (2) 发送带有HTML负载的Cisco Discovery Protocol (CDP)数据包 。 注意:此漏洞原始报告中要求在/level/15/exec/-/show/buffers中启用dump 和 packet 功能。
CVSS Information
N/A
Vulnerability Type
N/A