Vulnerabilities (CVE)

Filtered by vendor Cisco Subscribe
Filtered by product Cgr1000
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-20076 1 Cisco 15 807 Industrial Integrated Services Router, 807 Industrial Integrated Services Router Firmware, 809 Industrial Integrated Services Router and 12 more 2023-12-10 N/A 8.8 HIGH
A vulnerability in the Cisco IOx application hosting environment could allow an authenticated, remote attacker to execute arbitrary commands as root on the underlying host operating system. This vulnerability is due to incomplete sanitization of parameters that are passed in for activation of an application. An attacker could exploit this vulnerability by deploying and activating an application in the Cisco IOx application hosting environment with a crafted activation payload file. A successful exploit could allow the attacker to execute arbitrary commands as root on the underlying host operating system.
CVE-2021-1460 1 Cisco 7 809 Industrial Integrated Services Router, 829 Industrial Integrated Services Router, Cgr1000 and 4 more 2023-12-10 5.0 MEDIUM 7.5 HIGH
A vulnerability in the Cisco IOx Application Framework of Cisco 809 Industrial Integrated Services Routers (Industrial ISRs), Cisco 829 Industrial ISRs, Cisco CGR 1000 Compute Module, and Cisco IC3000 Industrial Compute Gateway could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient error handling during packet processing. An attacker could exploit this vulnerability by sending a high and sustained rate of crafted TCP traffic to the IOx web server on an affected device. A successful exploit could allow the attacker to cause the IOx web server to stop processing requests, resulting in a DoS condition.