Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple cross-site request forgery (CSRF) vulnerabilities in the HTTP Administration component in Cisco IOS 12.4 on the 871 Integrated Services Router allow remote attackers to execute arbitrary commands via (1) a certain "show privilege" command to the /level/15/exec/- URI, and (2) a certain "alias exec" command to the /level/15/exec/-/configure/http URI. NOTE: some of these details are obtained from third party information.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Cisco IOS HTTP Administration组件跨站请求伪造漏洞
Vulnerability Description
871 Integrated Services Router上的Cisco IOS 12.4的HTTP Administration 组件中存在跨站请求伪造漏洞。远程攻击者可以通过(1) 对 /level/15/exec/- URI的某个"s展示特权"命令, 以及 (2)对 /level/15/exec/-/configure/http URI的某个"化名执行" 命令,以执行任意指令。
CVSS Information
N/A
Vulnerability Type
N/A