CVE-2008-4128
Cisco IOS Cross-Site Request Forgery Vulnerability
⚠ KEVEPSS 12.0%
描述
Cisco IOS 12.4 contains multiple cross-site forgery vulnerabilities that allows remote attackers to execute arbitrary commands via (1) a certain "show privilege" command to the /level/15/exec/- URI, and (2) a certain "alias exec" command to the /level/15/exec/-/configure/http URI.
如何修補 CVE-2008-4128
OSV 沒有提供套件對應 — 請參考下方連結尋找廠商提供的建議。
CVE-2008-4128 正在被利用嗎?
是 — CVE-2008-4128 已列入 CISA Known Exploited Vulnerabilities (KEV) 清單,代表正在被實際利用,請立即修補。
受影響套件(0)
OSV 沒有提供套件對應。