Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-1999-0077Reliance on Security Through Obscurity in Cisco IOS

CWE-656Reliance on Security Through ObscurityCWE-657Violation of Secure Design PrinciplesCWE-342Predictable Exact Value from Previous Values11 documents8 sources
Severity
9.3CRITICALNVD
EPSS
12.1%
top 6.16%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Cisco IOS
Timeline
PublishedSep 6
Latest updateApr 16

Description

The Aztech DSL600EU router, when WAN access to the web interface is disabled, does not properly block inbound traffic on TCP port 80, which allows remote attackers to connect to the web interface by guessing a TCP sequence number, possibly involving spoofing of an ARP packet, a related issue to CVE-1999-0077.

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages1 packages

ciscocisco/ios

🔴Vulnerability Details

2
VulDB
Microsoft Windows NT 4.0 TCP Sequence Number authentication spoofing (EDB-19522 / Nessus ID 10443)2026-04-16
GHSA
GHSA-w5wj-83wg-9p94: The Aztech DSL600EU router, when WAN access to the web interface is disabled, does not properly block inbound traffic on TCP port 80, which allows rem2022-05-01

💥Exploits & PoCs

1
Exploit-DB
Linux Kernel 2.2 - Predictable TCP Initial Sequence Number1999-09-27

📋Vendor Advisories

3
Cisco
Cisco IOS Software TCP Initial Sequence Number Randomization Improvements2001-03-01
Red Hat
CVE-1999-0077: Predictable TCP sequence numbers allow spoofing
Cisco
Cisco IOS Software TCP Initial Sequence Number Randomization Improvements

📐Framework References

3
CWE
Reliance on Security Through Obscurity
CWE
Violation of Secure Design Principles
CWE
Predictable Exact Value from Previous Values

💬Community

1
Bugzilla
CVE kernel non-issue statements2010-05-13
CVE-1999-0077 — Reliance on Security Through Obscurity | cvebase