📦 IOS XR

by Cisco

🛡️ Security Overview

⚠️ Known Vulnerabilities

CVE-2025-20363

CRITICAL CVSS 9.0 Sep 25, 2025

This critical vulnerability allows remote attackers to execute arbitrary code with root privileges on affected Cisco devices. Unauthenticated attackers can exploit Cisco ASA/FTD devices, while authent...

CVE-2020-3284

CRITICAL CVSS 9.8 Nov 6, 2020

This vulnerability allows an unauthenticated remote attacker to execute unsigned code during the PXE boot process on affected Cisco IOS XR devices. Attackers can exploit this by compromising or impers...

CVE-2025-20154

HIGH CVSS 8.6 May 7, 2025

An out-of-bounds array access vulnerability in Cisco's TWAMP server implementation allows unauthenticated remote attackers to cause device reloads (DoS) by sending crafted TWAMP control packets. Affec...

CVE-2025-20146

HIGH CVSS 8.6 Mar 12, 2025

An unauthenticated remote attacker can cause denial of service on affected Cisco routers by sending crafted IPv4 multicast packets to line cards with ACLs or QoS policies applied. This vulnerability a...

CVE-2025-20209

HIGH CVSS 7.5 Mar 12, 2025

An unauthenticated remote attacker can send malformed IKEv2 packets to Cisco IOS XR devices, causing them to stop processing all control plane UDP packets. This results in a denial of service conditio...

CVE-2025-20115

HIGH CVSS 8.6 Mar 12, 2025

A memory corruption vulnerability in Cisco IOS XR's BGP confederation implementation allows unauthenticated remote attackers to cause denial of service. Attackers can exploit this by sending crafted B...

CVE-2025-20138

HIGH CVSS 8.8 Mar 12, 2025

This vulnerability in Cisco IOS XR Software allows an authenticated, low-privileged local attacker to execute arbitrary commands as root on the underlying OS by exploiting insufficient validation of u...

CVE-2025-20141

HIGH CVSS 7.4 Mar 12, 2025

An unauthenticated adjacent attacker can send specially crafted packets to Cisco IOS XR devices, causing control plane traffic to stop working. This affects Cisco IOS XR Software Release 7.9.2 on mult...

CVE-2025-20142

HIGH CVSS 8.6 Mar 12, 2025

This vulnerability in Cisco IOS XR Software allows unauthenticated remote attackers to cause line card resets by sending crafted IPv4 packets to interfaces with IPv4 ACL or QoS policies applied. This ...

CVE-2025-20172

HIGH CVSS 7.7 Feb 5, 2025

A vulnerability in Cisco IOS, IOS XE, and IOS XR Software allows authenticated remote attackers to cause denial of service by sending crafted SNMP requests. This affects devices with SNMP enabled usin...

CVE-2024-20483

HIGH CVSS 7.2 Sep 11, 2024

This vulnerability allows authenticated attackers with Administrator privileges on Cisco Routed PON Manager or direct MongoDB access to execute arbitrary commands as root on the PON Controller contain...

CVE-2024-20381

HIGH CVSS 8.8 Sep 11, 2024

This vulnerability allows authenticated remote attackers to bypass authorization checks in the JSON-RPC API of affected Cisco products, enabling unauthorized configuration changes. Attackers could cre...

CVE-2024-20398

HIGH CVSS 8.8 Sep 11, 2024

This vulnerability in Cisco IOS XR Software allows authenticated local attackers with low-privileged accounts to gain root-level file system access through crafted CLI commands. Attackers can read and...

CVE-2024-20304

HIGH CVSS 8.6 Sep 11, 2024

This vulnerability in Cisco IOS XR Software allows unauthenticated remote attackers to send crafted Mtrace2 packets that exhaust UDP packet memory, causing denial of service. Affected devices become u...

CVE-2024-20320

HIGH CVSS 7.8 Mar 13, 2024

This vulnerability allows authenticated local attackers with low privileges on affected Cisco routers to elevate their privileges to root by exploiting insufficient argument validation in the SSH clie...

CVE-2024-20327

HIGH CVSS 7.4 Mar 13, 2024

An unauthenticated adjacent attacker can crash the ppp_ma process on Cisco ASR 9000 routers running IOS XR with BNG and PPPoE termination, causing denial of service for PPPoE traffic. This affects rou...

CVE-2023-44487

HIGH CVSS 7.5 Oct 10, 2023

CVE-2023-44487 is an HTTP/2 protocol vulnerability that allows attackers to cause denial of service by rapidly resetting streams, consuming server resources. This affects any system using HTTP/2, incl...

CVE-2023-20049

HIGH CVSS 8.6 Mar 9, 2023

An unauthenticated remote attacker can send crafted IPv4 BFD packets to cause line card resets on affected Cisco routers, resulting in denial of service. This affects Cisco ASR 9000, ASR 9902, and ASR...

CVE-2022-20714

HIGH CVSS 8.6 Apr 15, 2022

This vulnerability allows unauthenticated remote attackers to cause Cisco ASR 9000 Series routers with Lightspeed-Plus line cards to reset by sending specially crafted IPv4 or IPv6 packets. This resul...

CVE-2021-34714

HIGH CVSS 7.4 Sep 23, 2021

This vulnerability allows an unauthenticated attacker on the same network segment to send specially crafted UDLD packets to Cisco networking devices, causing them to reload and creating a denial of se...

CVE-2021-34719

HIGH CVSS 7.8 Sep 9, 2021

This vulnerability allows authenticated local users with low privileges to execute arbitrary commands with elevated privileges on Cisco IOS XR devices. Attackers can exploit command injection flaws in...

CVE-2021-34728

HIGH CVSS 7.8 Sep 9, 2021

This vulnerability allows authenticated local attackers with low-privileged accounts to elevate their privileges on Cisco IOS XR devices. Attackers can execute arbitrary commands with root-level acces...

CVE-2021-34713

HIGH CVSS 7.4 Sep 9, 2021

An unauthenticated attacker on the same network segment can send specially crafted Ethernet frames to Cisco ASR 9000 routers running vulnerable IOS XR software, causing affected line cards to reboot d...

CVE-2025-20145

MEDIUM CVSS 5.8 Mar 12, 2025

This vulnerability allows unauthenticated remote attackers to bypass egress ACLs on Cisco IOS XR devices when traffic flows between different line cards. Network administrators using affected Cisco IO...

CVE-2025-20177

MEDIUM CVSS 6.7 Mar 12, 2025

This vulnerability allows authenticated local attackers with root-system privileges on Cisco IOS XR devices to bypass image signature verification during boot. Attackers can manipulate boot configurat...

CVE-2025-20143

MEDIUM CVSS 6.7 Mar 12, 2025

This vulnerability allows authenticated local attackers with root-system privileges on Cisco IOS XR devices to bypass Secure Boot integrity checks and load unverified software during boot. It affects ...

CVE-2022-20846

MEDIUM CVSS 4.3 Nov 15, 2024

A heap buffer overflow vulnerability in Cisco Discovery Protocol (CDP) implementation for Cisco IOS XR Software allows unauthenticated adjacent attackers to cause the CDP process to reload. This affec...

CVE-2024-20343

MEDIUM CVSS 5.5 Sep 11, 2024

This vulnerability in Cisco IOS XR Software allows authenticated local attackers with valid credentials to read any file on the underlying Linux file system. Attackers need low-privileged access to th...

CVE-2024-20456

MEDIUM CVSS 6.7 Jul 10, 2024

This vulnerability allows authenticated local attackers with root-system privileges on Cisco IOS XR devices to bypass Secure Boot functionality and load unverified software. The flaw exists in the sof...