Cisco IOS XE vulnerabilities

541 known vulnerabilities affecting cisco/ios_xe.

Total CVEs: 541
CISA KEV: 27 (actively exploited)
Public exploits: 8
Exploited in wild: 28
Severity breakdown: CRITICAL 20, HIGH 323, MEDIUM 161, LOW 1, UNKNOWN 36

Vulnerabilities

CVE-2010-2828 | HIGH | CVSS 7.8 | v2.5.0, v2.5.1, +1 more | 2010-09-23
Unspecified vulnerability in the H.323 implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1, and IOS XE 2.5.x before 2.5.2 and 2.6.x before 2.6.1, allows remote attackers to cause a denial of service (device reload) via crafted H.323 packets, aka Bug ID CSCtc73759.
nvd
CVE-2010-0576 | HIGH | CVSS 7.8 | v2.1, v2.2, +1 more | 2010-03-25
Unspecified vulnerability in Cisco IOS 12.0 through 12.4, IOS XE 2.1.x through 2.3.x before 2.3.2, and IOS XR 3.2.x through 3.4.3, when Multiprotocol Label Switching (MPLS) and Label Distribution Protocol (LDP) are enabled, allows remote attackers to cause a denial of service (device reload or process restart) via a crafted LDP packet, aka Bug IDs CSCsz45567 an
nvd
CVE-2009-2051 | HIGH | CVSS 7.8 | ≥ 2.5.0, ≤ 2.6.1 | 2009-08-27
Cisco IOS 12.2 through 12.4 and 15.0 through 15.1, Cisco IOS XE 2.5.x and 2.6.x before 2.6.1, and Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x, 5.x before 5.1(3g), 6.x before 6.1(4), and 7.x before 7.1(2) allow remote attackers to cause a denial of service (device reload or voice-services outage) via a malformed SIP INVITE message t
nvd
CVE-2009-1168 | HIGH | CWE-399 | CVSS 7.1 | v2.3, v2.3.1t, +2 more | 2009-07-30
Cisco IOS 12.0(32)S12 through 12.0(32)S13 and 12.0(33)S3 through 12.0(33)S4, 12.0(32)SY8 through 12.0(32)SY9, 12.2(33)SXI1, 12.2XNC before 12.2(33)XNC2, 12.2XND before 12.2(33)XND1, and 12.4(24)T1; and IOS XE 2.3 through 2.3.1t and 2.4 through 2.4.0; when RFC4893 BGP routing is enabled, allows remote attackers to cause a denial of service (memory corrup
nvd
CVE-2009-2049 | MEDIUM | CWE-16 | CVSS 5.4 | v2.3, v2.3.1t, +2 more | 2009-07-30
Cisco IOS 12.0(32)S12 through 12.0(32)S13 and 12.0(33)S3 through 12.0(33)S4, 12.0(32)SY8 through 12.0(32)SY9, 12.2(33)SXI1 through 12.2(33)SXI2, 12.2XNC before 12.2(33)XNC2, 12.2XND before 12.2(33)XND1, and 12.4(24)T1; and IOS XE 2.3 through 2.3.1t and 2.4 through 2.4.0; when RFC4893 BGP routing is enabled, allows remote attackers to cause a denial of
nvd
CVE-2022-20870 | UNKNOWN | CVSS 3.1
Cisco IOS XE Software for Catalyst Switches MPLS Denial of Service Vulnerability
A vulnerability in the egress MPLS packet processing function of Cisco IOS XE Software for Cisco Catalyst 3650, Catalyst 3850, and Catalyst 9000 Family Switches could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) conditi
cisco
CVE-2026-20083 | UNKNOWN | CVSS 3.1
Cisco IOS XE Software Secure Copy Protocol Server Denial of Service Vulnerability
A vulnerability in the Secure Copy Protocol (SCP) server feature of Cisco IOS XE Software could allow an authenticated, local attacker with low privileges to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper handling of a malformed SCP request. An atta
cisco
CVE-2020-3474 | UNKNOWN | CVSS 3.1
Cisco IOS XE Software Web Management Framework Vulnerabilities
Multiple vulnerabilities in the web management framework of Cisco IOS XE Software could allow an authenticated, remote attacker with read-only privileges to gain unauthorized read access to sensitive data or cause the web management software to hang or crash, resulting in a denial of service (DoS) condition. For more information about these v
cisco
CVE-2025-20311 | UNKNOWN | CVSS 3.1
Cisco IOS XE Software for Catalyst 9000 Series Switches Denial of Service Vulnerability
A vulnerability in the handling of certain Ethernet frames in Cisco IOS XE Software for Catalyst 9000 Series Switches could allow an unauthenticated, adjacent attacker to cause an egress port to become blocked and drop all outbound traffic. This vulnerability is due to improper handling of cr
cisco
CVE-2025-20240 | UNKNOWN | CVSS 3.1
Cisco IOS XE Software Web Authentication Reflected Cross-Site Scripting Vulnerability
A vulnerability in the Web Authentication feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting attack (XSS) on an affected device. This vulnerability is due to improper sanitization of user-supplied input. An attacker could e
cisco
CVE-2022-20944 | UNKNOWN | CVSS 3.1
Cisco IOS XE Software for Catalyst 9200 Series Switches Arbitrary Code Execution Vulnerability
A vulnerability in the software image verification functionality of Cisco IOS XE Software for Cisco Catalyst 9200 Series Switches could allow an unauthenticated, physical attacker to execute unsigned code at system boot time. This vulnerability is due to an improper check in the
cisco
CVE-2025-20312 | UNKNOWN | CVSS 3.1
Cisco IOS XE Software Simple Network Management Protocol Denial of Service Vulnerability
A vulnerability in the Simple Network Management Protocol (SNMP) subsystem of Cisco IOS XE Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper error handling when parsing a specific
cisco
CVE-2026-20110 | UNKNOWN | CVSS 3.1
Cisco IOS XE Software Denial of Service Vulnerability
A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability exists because incorrect privileges are associated with the start maintenance command. An attacker could exploit this vulnerability by accessing the management CLI of the affect
cisco
CVE-2025-20334 | UNKNOWN | CVSS 3.1
Cisco IOS XE Software HTTP API Command Injection Vulnerability
A vulnerability in the HTTP API subsystem of Cisco IOS XE Software could allow a remote attacker to inject commands that will execute with root privileges into the underlying operating system. This vulnerability is due to insufficient input validation. An attacker with administrative privileges could exploit this vulnerability by authenticat
cisco
CVE-2025-20316 | UNKNOWN | CVSS 3.1
Cisco IOS XE Software on Cisco Catalyst 9500X and 9600X Series Switches Virtual Interface Access Control List Bypass Vulnerability
A vulnerability in the access control list (ACL) programming of Cisco IOS XE Software for Cisco Catalyst 9500X and 9600X Series Switches could allow an unauthenticated, remote attacker to bypass a configured
cisco
CVE-2017-6796 | UNKNOWN | CVSS 3.0
Cisco IOS XE Software for Cisco ASR 920 Series Routers Arbitrary Command Execution Vulnerability
A vulnerability in the USB-modem code of Cisco IOS XE Software running on Cisco ASR 920 Series Aggregation Services Routers could allow an authenticated, local attacker to inject and execute arbitrary commands on the underlying operating system of an affected device. The vulne
cisco
CVE-2025-20315 | UNKNOWN | CVSS 3.1
Cisco IOS XE Software Network-Based Application Recognition Denial of Service Vulnerability
A vulnerability in the Network-Based Application Recognition (NBAR) feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, causing a denial of service (DoS) condition. This vulnerability is due to improper handling of ma
cisco
CVE-2017-12289 | UNKNOWN | CVSS 3.0
Cisco IOS XE Software Verbose Debug Logging Information Disclosure Vulnerability
A vulnerability in conditional, verbose debug logging for the IPsec feature of Cisco IOS XE Software could allow an authenticated, local attacker to display sensitive IPsec information in the system log file. The vulnerability is due to incorrect implementation of IPsec conditional, verbose debug logging t
cisco
CVE-2019-12655 | UNKNOWN | CVSS 3.0
Cisco IOS XE Software FTP Application Layer Gateway for NAT, NAT64, and ZBFW Denial of Service Vulnerability
A vulnerability in the FTP application layer gateway (ALG) functionality used by Network Address Translation (NAT), NAT IPv6 to IPv4 (NAT64), and the Zone-Based Policy Firewall (ZBFW) in Cisco IOS XE Software could allow an unauthenticated, remote att
cisco
CVE-2026-20114 | UNKNOWN | CVSS 3.1
Cisco IOS XE Software Lobby Ambassador Privilege Escalation Vulnerability
A vulnerability in the Lobby Ambassador web-based management API of Cisco IOS XE Software could allow an authenticated, remote attacker to elevate their privileges and access management APIs that would not normally be available for Lobby Ambassador users. This vulnerability exists because parameters that are received by
cisco