this post was submitted on 17 Oct 2023
1 points (100.0% liked)

TechSploits

385 readers
1 users here now

All things relating to breaking tech, tech breaking, OSS, or hacking together software to perform something completely out of the ordinary, on purpose or by accident.

founded 1 year ago
MODERATORS
reddthat@reddthat.com
1
Actively exploited Cisco 0-day with maximum 10 severity gives full network control (arstechnica.com)
submitted 1 year ago* (last edited 1 year ago) by reddthat@reddthat.com to c/techsploits@reddthat.com
0 comments fedilink hide all child comments
 

🍿

The previously unknown vulnerability, which is tracked as CVE-2023-20198, carries the maximum severity rating of 10. It resides in the Web User Interface of Cisco IOS XE software when exposed to the Internet or untrusted networks. Any switch, router, or wireless LAN controller running IOS XE that has the HTTP or HTTPS Server feature enabled and exposed to the Internet is vulnerable. At the time this post went live, the Shodan search engine showed that as many as 80,000 Internet-connected devices could be affected.

no comments (yet)
sorted by: hot top controversial new old
there doesn't seem to be anything here