THREATOPS
THREAT OPSCVEs › CVE-2008-4128

CVE-2008-4128 — Cisco IOS Cross-Site Request Forgery Vulnerability

CISA KEVExploited: confirmedCisco

Cisco IOS 12.4 contains multiple cross-site forgery vulnerabilities that allows remote attackers to execute arbitrary commands via (1) a certain "show privilege" command to the /level/15/exec/- URI, and (2) a certain "alias exec" command to the /level/15/exec/-/configure/http URI.

Vulnerability details

Related reporting