Threat Encyclopedia



This indicates an attempt to exploit a Remote Command Execution vulnerability in Cisco IOS device administration.
There exists a vulnerability in Cisco IOS devices that can be exploited by sending a carefully-constructed URL. By doing this a remote attacker can execute arbitrary commands when the HTTP server is enabled and local authorization is used.

affected-products-logoAffected Products

Any Cisco IOS 11.3 to 12.2 (except 10.3, 11.0, 11.1, and 11.2) using local authentication databases, with the HTTP server enabled, is vulnerable to the attack.

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Upgrade IOS to non-vulnerable releases.
Disable the HTTP server.
Enable TACACS+ or radius authentication.

CVE References

CVE-2000-0984 CVE-2001-0537

Telemetry logoTelemetry