Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2002-1222

CWE-119 Buffer Overflow | 4 documents | 4 sources
Severity
7.1 HIGH
EPSS
24.4%
top 3.90%
CISA KEV
Not in KEV
Exploit
PoC available
Affected products
Timeline
Published: Oct 28
Latest update: Apr 30

Description

Buffer overflow in the embedded HTTP server for Cisco Catalyst switches running CatOS 5.4 through 7.3 allows remote attackers to cause a denial of service (reset) via a long HTTP request.

CVSS vector

AV:N/AC:M/C:N/I:N/A:C
Exploitability: 8.6 | Impact: 6.9

Affected Packages (1 package)

NVD: cisco/catos | 7 versions +6

Patches

🔴 Vulnerability Details (2)

GHSA
GHSA-35x5-g32v-j75x: Buffer overflow in the embedded HTTP server for Cisco Catalyst switches running CatOS 5 (2022-04-30)
CVEList
CVE-2002-1222: Buffer overflow in the embedded HTTP server for Cisco Catalyst switches running CatOS 5 (2004-09-01)

💥 Exploits & PoCs (1)

Exploit-DB
Cisco CatOS 5.x/6.1/7.3/7.4 - CiscoView HTTP Server Buffer Overflow (2002-10-16)