Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2001-1064 — Cisco Cbos vulnerability

4 documents4 sources

Severity

5.0MEDIUMNVD

EPSS

12.6%

top 6.03%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Cisco Cbos

Timeline

PublishedAug 31

Latest updateApr 30

Description

Cisco 600 series routers running CBOS 2.0.1 through 2.4.2ap allows remote attackers to cause a denial of service via multiple connections to the router on the (1) HTTP or (2) telnet service, which causes the router to become unresponsive and stop forwarding packets.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

▶NVDcisco/cbos2.4.2ap+14

Patches

Patch: www.cisco.com ↗Patch: www.securityfocus.com ↗Patch: www.cisco.com ↗

🔴Vulnerability Details

GHSA

GHSA-3f6g-q6j8-gjpg: Cisco 600 series routers running CBOS 2↗2022-04-30

▶

CVEList

CVE-2001-1064: Cisco 600 series routers running CBOS 2↗2002-02-02

▶

💥Exploits & PoCs

Exploit-DB

Cisco CBOS 2.x - Multiple TCP Connection Denial of Service Vulnerabilities↗2001-08-23

▶