Description
Multiple cross-site request forgery (CSRF) vulnerabilities in the HTTP Administration component in Cisco IOS 12.4 on the 871 Integrated Services Router allow remote attackers to execute arbitrary commands via (1) a certain "show privilege" command to the /level/15/exec/- URI, and (2) a certain "alias exec" command to the /level/15/exec/-/configure/http URI. NOTE: some of these details are obtained from third party information.
CISA Known Exploited Vulnerability
Date added 2026-07-13 | Due date 2026-07-16
Apply mitigations in accordance with vendor instructions, ensuring compliance with CISA’s BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISA’s “Forensics Triage Requirements” (see URL in Notes). Follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable. Stakeholders are responsible for evaluating each asset's internet exposure and ensuring adherence to BOD 26-04 patching guidelines.
References
www.exploit-db.com/exploits/6476 (6476)
exchange.xforce.ibmcloud.com/vulnerabilities/45226 (cisco-router-csrf(45226))
jbrownsec.blogspot.com/2008/09/cisco-0day-released.html
www.exploit-db.com/exploits/6477 (6477)
www.securityfocus.com/bid/31218 (31218)
media.defense.gov/.../-1/-1/1/CSA_IMPROVE_ROUTER_HYGIENE.PDF
www.cisco.com/...co-ios-software-releases-12-4-mainline.html
www.cisa.gov/...nerabilities-catalog?field_cve=CVE-2008-4128
www.exploit-db.com/exploits/6476 (6476)
exchange.xforce.ibmcloud.com/vulnerabilities/45226 (cisco-router-csrf(45226))
jbrownsec.blogspot.com/2008/09/cisco-0day-released.html
www.exploit-db.com/exploits/6477 (6477)
www.securityfocus.com/bid/31218 (31218)