Filtered by vendor Cisco Subscriptions
Filtered by product Asr 1001 Subscriptions
Total 58 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2021-34723 1 Cisco 21 1100-4g Integrated Services Router, 1100-4gltegb Integrated Services Router, 1100-4gltena Integrated Services Router and 18 more 2024-11-07 6.7 Medium
A vulnerability in a specific CLI command that is run on Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to overwrite arbitrary files in the configuration database of an affected device. This vulnerability is due to insufficient validation of specific CLI command parameters. An attacker could exploit this vulnerability by issuing that command with specific parameters. A successful exploit could allow the attacker to overwrite the content of the configuration database and gain root-level access to an affected device.
CVE-2021-34724 1 Cisco 49 1000 Integrated Services Router, 1100-4g\/6g Integrated Services Router, 1100-4p Integrated Services Router and 46 more 2024-11-07 6 Medium
A vulnerability in the Cisco IOS XE SD-WAN Software CLI could allow an authenticated, local attacker to elevate privileges and execute arbitrary code on the underlying operating system as the root user. An attacker must be authenticated on an affected device as a PRIV15 user. This vulnerability is due to insufficient file system protection and the presence of a sensitive file in the bootflash directory on an affected device. An attacker could exploit this vulnerability by overwriting an installer file stored in the bootflash directory with arbitrary commands that can be executed with root-level privileges. A successful exploit could allow the attacker to read and write changes to the configuration database on the affected device.
CVE-2021-34725 1 Cisco 49 1000 Integrated Services Router, 1100-4g\/6g Integrated Services Router, 1100-4p Integrated Services Router and 46 more 2024-11-07 6.7 Medium
A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to inject arbitrary commands to be executed with root-level privileges on the underlying operating system. This vulnerability is due to insufficient input validation on certain CLI commands. An attacker could exploit this vulnerability by authenticating to an affected device and submitting crafted input to the CLI. The attacker must be authenticated as an administrative user to execute the affected commands. A successful exploit could allow the attacker to execute commands with root-level privileges.
CVE-2021-34727 1 Cisco 49 1000 Integrated Services Router, 1100-4g\/6g Integrated Services Router, 1100-4p Integrated Services Router and 46 more 2024-11-07 9.8 Critical
A vulnerability in the vDaemon process in Cisco IOS XE SD-WAN Software could allow an unauthenticated, remote attacker to cause a buffer overflow on an affected device. This vulnerability is due to insufficient bounds checking when an affected device processes traffic. An attacker could exploit this vulnerability by sending crafted traffic to the device. A successful exploit could allow the attacker to cause a buffer overflow and possibly execute arbitrary commands with root-level privileges, or cause the device to reload, which could result in a denial of service condition.
CVE-2021-1620 1 Cisco 277 1000 Integrated Services Router, 1100-4g\/6g Integrated Services Router, 1100-4p Integrated Services Router and 274 more 2024-11-07 7.7 High
A vulnerability in the Internet Key Exchange Version 2 (IKEv2) support for the AutoReconnect feature of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to exhaust the free IP addresses from the assigned local pool. This vulnerability occurs because the code does not release the allocated IP address under certain failure conditions. An attacker could exploit this vulnerability by trying to connect to the device with a non-AnyConnect client. A successful exploit could allow the attacker to exhaust the IP addresses from the assigned local pool, which prevents users from logging in and leads to a denial of service (DoS) condition.
CVE-2021-1621 1 Cisco 45 1000 Integrated Services Router, 1100-4g\/6g Integrated Services Router, 1100-4p Integrated Services Router and 42 more 2024-11-07 7.4 High
A vulnerability in the Layer 2 punt code of Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a queue wedge on an interface that receives specific Layer 2 frames, resulting in a denial of service (DoS) condition. This vulnerability is due to improper handling of certain Layer 2 frames. An attacker could exploit this vulnerability by sending specific Layer 2 frames on the segment the router is connected to. A successful exploit could allow the attacker to cause a queue wedge on the interface, resulting in a DoS condition.
CVE-2021-1529 1 Cisco 57 1000 Integrated Services Router, 1100-4g\/6g Integrated Services Router, 1100-4p Integrated Services Router and 54 more 2024-11-07 7.8 High
A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to execute arbitrary commands with root privileges. The vulnerability is due to insufficient input validation by the system CLI. An attacker could exploit this vulnerability by authenticating to an affected device and submitting crafted input to the system CLI. A successful exploit could allow the attacker to execute commands on the underlying operating system with root privileges.
CVE-2022-20775 1 Cisco 83 1100-4g Integrated Services Router, 1100-4p Integrated Services Router, 1100-6g Integrated Services Router and 80 more 2024-11-06 7.8 High
Multiple vulnerabilities in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain elevated privileges. These vulnerabilities are due to improper access controls on commands within the application CLI. An attacker could exploit these vulnerabilities by running a malicious command on the application CLI. A successful exploit could allow the attacker to execute arbitrary commands as the root user.
CVE-2022-20818 1 Cisco 83 1100-4g Integrated Services Router, 1100-4p Integrated Services Router, 1100-6g Integrated Services Router and 80 more 2024-11-01 7.8 High
Multiple vulnerabilities in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain elevated privileges. These vulnerabilities are due to improper access controls on commands within the application CLI. An attacker could exploit these vulnerabilities by running a malicious command on the application CLI. A successful exploit could allow the attacker to execute arbitrary commands as the root user.
CVE-2022-20848 1 Cisco 360 1000 Integrated Services Router, 1100-4g\/6g Integrated Services Router, 1100-4g Integrated Services Router and 357 more 2024-11-01 8.6 High
A vulnerability in the UDP processing functionality of Cisco IOS XE Software for Embedded Wireless Controllers on Catalyst 9100 Series Access Points could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. This vulnerability is due to the improper processing of UDP datagrams. An attacker could exploit this vulnerability by sending malicious UDP datagrams to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.
CVE-2022-20851 1 Cisco 259 1000 Integrated Services Router, 1100-4g Integrated Services Router, 1100-4p Integrated Services Router and 256 more 2024-11-01 5.5 Medium
A vulnerability in the web UI feature of Cisco IOS XE Software could allow an authenticated, remote attacker to perform an injection attack against an affected device. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted input to the web UI API. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with root privileges. To exploit this vulnerability, an attacker must have valid Administrator privileges on the affected device.
CVE-2022-20919 1 Cisco 305 1000 Integrated Services Router, 1100-4g Integrated Services Router, 1100-4p Integrated Services Router and 302 more 2024-11-01 8.6 High
A vulnerability in the processing of malformed Common Industrial Protocol (CIP) packets that are sent to Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to unexpectedly reload, resulting in a denial of service (DoS) condition. This vulnerability is due to insufficient input validation during processing of CIP packets. An attacker could exploit this vulnerability by sending a malformed CIP packet to an affected device. A successful exploit could allow the attacker to cause the affected device to unexpectedly reload, resulting in a DoS condition.
CVE-2023-20066 1 Cisco 271 1000 Integrated Services Router, 1100-4g Integrated Services Router, 1100-4p Integrated Services Router and 268 more 2024-10-25 6.5 Medium
A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker to perform a directory traversal and access resources that are outside the filesystem mountpoint of the web UI. This vulnerability is due to an insufficient security configuration. An attacker could exploit this vulnerability by sending a crafted request to the web UI. A successful exploit could allow the attacker to gain read access to files that are outside the filesystem mountpoint of the web UI. Note: These files are located on a restricted filesystem that is maintained for the web UI. There is no ability to write to any files on this filesystem.
CVE-2023-20081 1 Cisco 304 1100-4g Integrated Services Router, 1100-4p Integrated Services Router, 1100-6g Integrated Services Router and 301 more 2024-10-25 6.8 Medium
A vulnerability in the IPv6 DHCP (DHCPv6) client module of Cisco Adaptive Security Appliance (ASA) Software, Cisco Firepower Threat Defense (FTD) Software, Cisco IOS Software, and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient validation of DHCPv6 messages. An attacker could exploit this vulnerability by sending crafted DHCPv6 messages to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition. Note: To successfully exploit this vulnerability, the attacker would need to either control the DHCPv6 server or be in a man-in-the-middle position.
CVE-2013-5545 1 Cisco 7 Asr 1001, Asr 1002, Asr 1002-x and 4 more 2024-09-17 N/A
The PPTP ALG implementation in Cisco IOS XE 3.9 before 3.9.2S on 1000 ASR devices allows remote attackers to cause a denial of service (device reload) by sending many PPTP packets over NAT, aka Bug ID CSCuh19936.
CVE-2013-1167 1 Cisco 9 Asr 1001, Asr 1002, Asr 1002-x and 6 more 2024-09-17 N/A
Cisco IOS XE 3.2 through 3.4 before 3.4.2S, and 3.5, on 1000 series Aggregation Services Routers (ASR), when bridge domain interface (BDI) is enabled, allows remote attackers to cause a denial of service (card reload) via packets that are not properly handled during the processing of encapsulation, aka Bug ID CSCtt11558.
CVE-2013-5546 1 Cisco 7 Asr 1001, Asr 1002, Asr 1002-x and 4 more 2024-09-17 N/A
The TCP reassembly feature in Cisco IOS XE 3.7 before 3.7.3S and 3.8 before 3.8.1S on 1000 ASR devices allows remote attackers to cause a denial of service (device reload) via large TCP packets that are processed by the (1) NAT or (2) ALG component, aka Bug ID CSCud72509.
CVE-2013-2779 1 Cisco 9 Asr 1001, Asr 1002, Asr 1002-x and 6 more 2024-09-17 N/A
Cisco IOS XE 3.4 before 3.4.5S, and 3.5 through 3.7 before 3.7.1S, on 1000 series Aggregation Services Routers (ASR) does not properly implement the Cisco Multicast Leaf Recycle Elimination (MLRE) feature, which allows remote attackers to cause a denial of service (card reload) via fragmented IPv6 MVPN (aka MVPNv6) packets, aka Bug ID CSCub34945, a different vulnerability than CVE-2013-1164.
CVE-2013-1166 1 Cisco 8 Asr 1001, Asr 1002, Asr 1002-x and 5 more 2024-09-17 N/A
Cisco IOS XE 3.2 through 3.4 before 3.4.5S, and 3.5 through 3.7 before 3.7.1S, on 1000 series Aggregation Services Routers (ASR), when VRF-aware NAT and SIP ALG are enabled, allows remote attackers to cause a denial of service (card reload) by sending many SIP packets, aka Bug ID CSCuc65609.
CVE-2013-5543 1 Cisco 7 Asr 1001, Asr 1002, Asr 1002-x and 4 more 2024-09-16 N/A
Cisco IOS XE 3.4 before 3.4.2S and 3.5 before 3.5.1S on 1000 ASR devices allows remote attackers to cause a denial of service (device reload) via malformed ICMP error packets associated with a (1) TCP or (2) UDP session that is under inspection by the Zone-Based Firewall (ZBFW) component, aka Bug ID CSCtt26470.