CVE Details
CVE-2008-4128
Cisco IOS Cross-Site Request Forgery Vulnerability
Published: 2026-07-13
CVSS: 4.3 MEDIUM
Product: Cisco IOS
Due Date: 2026-07-16
Cisco IOS 12.4 contains multiple cross-site forgery vulnerabilities that allows remote attackers to execute arbitrary commands via (1) a certain "show privilege" command to the /level/15/exec/- URI, and (2) a certain "alias exec" command to the /level/15/exec/-/configure/http URI.
GitHub PoC
Warning: GitHub PoC repositories are unverified. Some may be fake
or contain malware. Use caution and review code before running anything.
No GitHub PoC data.
FIRST EPSS
EPSS estimates the probability of exploitation in the next 30 days. Higher values indicate higher likelihood of real-world exploitation.
Timeline
CVE Stalker
KEV
MITRE
GitHub
FIRST (EPSS)
MITRE
CVSS
SSVC
References
Show Raw Data
| Key | Remaining Key | Value |
|---|---|---|
| containers > | cna > affected > 0 > product | n/a |
| containers > | cna > affected > 0 > vendor | n/a |
| containers > | cna > affected > 0 > versions > 0 > status | affected |
| containers > | cna > affected > 0 > versions > 0 > version | n/a |
| containers > | cna > datePublic | 2008-09-17T00:00:00.000Z |
| containers > | cna > descriptions > 0 > lang | en |
| containers > | cna > descriptions > 0 > value | Multiple cross-site request forgery (CSRF) vulnerabilities in the HTTP Administration component in Cisco IOS 12.4 on the 871 Integrated Services Router allow remote attackers to execute arbitrary commands via (1) a certain "show privilege" command to the /level/15/exec/- URI, and (2) a certain "alias exec" command to the /level/15/exec/-/configure/http URI. NOTE: some of these details are obtained from third party information. |
| containers > | cna > problemTypes > 0 > descriptions > 0 > description | n/a |
| containers > | cna > problemTypes > 0 > descriptions > 0 > lang | en |
| containers > | cna > problemTypes > 0 > descriptions > 0 > type | text |
| containers > | cna > providerMetadata > dateUpdated | 2017-09-28T12:57:01.000Z |
| containers > | cna > providerMetadata > orgId | 8254265b-2729-46b6-b9e3-3dfca2d5bfca |
| containers > | cna > providerMetadata > shortName | mitre |
| containers > | cna > references > 0 > name | 6476 |
| containers > | cna > references > 0 > tags > 0 | exploit |
| containers > | cna > references > 0 > tags > 1 | x_refsource_EXPLOIT-DB |
| containers > | cna > references > 0 > url | https://www.exploit-db.com/exploits/6476 |
| containers > | cna > references > 1 > name | cisco-router-csrf(45226) |
| containers > | cna > references > 1 > tags > 0 | vdb-entry |
| containers > | cna > references > 1 > tags > 1 | x_refsource_XF |
| containers > | cna > references > 1 > url | https://exchange.xforce.ibmcloud.com/vulnerabilities/45226 |
| containers > | cna > references > 2 > tags > 0 | x_refsource_MISC |
| containers > | cna > references > 2 > url | http://jbrownsec.blogspot.com/2008/09/cisco-0day-released.html |
| containers > | cna > references > 3 > name | 6477 |
| containers > | cna > references > 3 > tags > 0 | exploit |
| containers > | cna > references > 3 > tags > 1 | x_refsource_EXPLOIT-DB |
| containers > | cna > references > 3 > url | https://www.exploit-db.com/exploits/6477 |
| containers > | cna > references > 4 > name | 31218 |
| containers > | cna > references > 4 > tags > 0 | vdb-entry |
| containers > | cna > references > 4 > tags > 1 | x_refsource_BID |
| containers > | cna > references > 4 > url | http://www.securityfocus.com/bid/31218 |
| containers > | cna > x_legacyV4Record > CVE_data_meta > ASSIGNER | [email protected] |
| containers > | cna > x_legacyV4Record > CVE_data_meta > ID | CVE-2008-4128 |
| containers > | cna > x_legacyV4Record > CVE_data_meta > STATE | PUBLIC |
| containers > | cna > x_legacyV4Record > affects > vendor > vendor_data > 0 > product > product_data > 0 > product_name | n/a |
| containers > | cna > x_legacyV4Record > affects > vendor > vendor_data > 0 > product > product_data > 0 > version > version_data > 0 > version_value | n/a |
| containers > | cna > x_legacyV4Record > affects > vendor > vendor_data > 0 > vendor_name | n/a |
| containers > | cna > x_legacyV4Record > data_format | MITRE |
| containers > | cna > x_legacyV4Record > data_type | CVE |
| containers > | cna > x_legacyV4Record > data_version | 4.0 |
| containers > | cna > x_legacyV4Record > description > description_data > 0 > lang | eng |
| containers > | cna > x_legacyV4Record > description > description_data > 0 > value | Multiple cross-site request forgery (CSRF) vulnerabilities in the HTTP Administration component in Cisco IOS 12.4 on the 871 Integrated Services Router allow remote attackers to execute arbitrary commands via (1) a certain "show privilege" command to the /level/15/exec/- URI, and (2) a certain "alias exec" command to the /level/15/exec/-/configure/http URI. NOTE: some of these details are obtained from third party information. |
| containers > | cna > x_legacyV4Record > problemtype > problemtype_data > 0 > description > 0 > lang | eng |
| containers > | cna > x_legacyV4Record > problemtype > problemtype_data > 0 > description > 0 > value | n/a |
| containers > | cna > x_legacyV4Record > references > reference_data > 0 > name | 6476 |
| containers > | cna > x_legacyV4Record > references > reference_data > 0 > refsource | EXPLOIT-DB |
| containers > | cna > x_legacyV4Record > references > reference_data > 0 > url | https://www.exploit-db.com/exploits/6476 |
| containers > | cna > x_legacyV4Record > references > reference_data > 1 > name | cisco-router-csrf(45226) |
| containers > | cna > x_legacyV4Record > references > reference_data > 1 > refsource | XF |
| containers > | cna > x_legacyV4Record > references > reference_data > 1 > url | https://exchange.xforce.ibmcloud.com/vulnerabilities/45226 |
| containers > | cna > x_legacyV4Record > references > reference_data > 2 > name | http://jbrownsec.blogspot.com/2008/09/cisco-0day-released.html |
| containers > | cna > x_legacyV4Record > references > reference_data > 2 > refsource | MISC |
| containers > | cna > x_legacyV4Record > references > reference_data > 2 > url | http://jbrownsec.blogspot.com/2008/09/cisco-0day-released.html |
| containers > | cna > x_legacyV4Record > references > reference_data > 3 > name | 6477 |
| containers > | cna > x_legacyV4Record > references > reference_data > 3 > refsource | EXPLOIT-DB |
| containers > | cna > x_legacyV4Record > references > reference_data > 3 > url | https://www.exploit-db.com/exploits/6477 |
| containers > | cna > x_legacyV4Record > references > reference_data > 4 > name | 31218 |
| containers > | cna > x_legacyV4Record > references > reference_data > 4 > refsource | BID |
| containers > | cna > x_legacyV4Record > references > reference_data > 4 > url | http://www.securityfocus.com/bid/31218 |
| containers > | adp > 0 > providerMetadata > orgId | af854a3a-2127-422b-91ae-364da2661108 |
| containers > | adp > 0 > providerMetadata > shortName | CVE |
| containers > | adp > 0 > providerMetadata > dateUpdated | 2024-08-07T10:08:34.051Z |
| containers > | adp > 0 > title | CVE Program Container |
| containers > | adp > 0 > references > 0 > name | 6476 |
| containers > | adp > 0 > references > 0 > tags > 0 | exploit |
| containers > | adp > 0 > references > 0 > tags > 1 | x_refsource_EXPLOIT-DB |
| containers > | adp > 0 > references > 0 > tags > 2 | x_transferred |
| containers > | adp > 0 > references > 0 > url | https://www.exploit-db.com/exploits/6476 |
| containers > | adp > 0 > references > 1 > name | cisco-router-csrf(45226) |
| containers > | adp > 0 > references > 1 > tags > 0 | vdb-entry |
| containers > | adp > 0 > references > 1 > tags > 1 | x_refsource_XF |
| containers > | adp > 0 > references > 1 > tags > 2 | x_transferred |
| containers > | adp > 0 > references > 1 > url | https://exchange.xforce.ibmcloud.com/vulnerabilities/45226 |
| containers > | adp > 0 > references > 2 > tags > 0 | x_refsource_MISC |
| containers > | adp > 0 > references > 2 > tags > 1 | x_transferred |
| containers > | adp > 0 > references > 2 > url | http://jbrownsec.blogspot.com/2008/09/cisco-0day-released.html |
| containers > | adp > 0 > references > 3 > name | 6477 |
| containers > | adp > 0 > references > 3 > tags > 0 | exploit |
| containers > | adp > 0 > references > 3 > tags > 1 | x_refsource_EXPLOIT-DB |
| containers > | adp > 0 > references > 3 > tags > 2 | x_transferred |
| containers > | adp > 0 > references > 3 > url | https://www.exploit-db.com/exploits/6477 |
| containers > | adp > 0 > references > 4 > name | 31218 |
| containers > | adp > 0 > references > 4 > tags > 0 | vdb-entry |
| containers > | adp > 0 > references > 4 > tags > 1 | x_refsource_BID |
| containers > | adp > 0 > references > 4 > tags > 2 | x_transferred |
| containers > | adp > 0 > references > 4 > url | http://www.securityfocus.com/bid/31218 |
| containers > | adp > 1 > problemTypes > 0 > descriptions > 0 > type | CWE |
| containers > | adp > 1 > problemTypes > 0 > descriptions > 0 > cweId | CWE-352 |
| containers > | adp > 1 > problemTypes > 0 > descriptions > 0 > lang | en |
| containers > | adp > 1 > problemTypes > 0 > descriptions > 0 > description | CWE-352 Cross-Site Request Forgery (CSRF) |
| containers > | adp > 1 > references > 0 > url | https://media.defense.gov/2026/Jul/09/2003959498/-1/-1/1/CSA_IMPROVE_ROUTER_HYGIENE.PDF |
| containers > | adp > 1 > references > 0 > tags > 0 | third-party-advisory |
| containers > | adp > 1 > references > 1 > url | https://www.cisco.com/c/en/us/obsolete/ios-nx-os-software/cisco-ios-software-releases-12-4-mainline.html |
| containers > | adp > 1 > references > 1 > tags > 0 | mitigation |
| containers > | adp > 1 > metrics > 0 > cvssV3_1 > scope | UNCHANGED |
| containers > | adp > 1 > metrics > 0 > cvssV3_1 > version | 3.1 |
| containers > | adp > 1 > metrics > 0 > cvssV3_1 > baseScore | 4.3 |
| containers > | adp > 1 > metrics > 0 > cvssV3_1 > attackVector | NETWORK |
| containers > | adp > 1 > metrics > 0 > cvssV3_1 > baseSeverity | MEDIUM |
| containers > | adp > 1 > metrics > 0 > cvssV3_1 > vectorString | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N |
| containers > | adp > 1 > metrics > 0 > cvssV3_1 > integrityImpact | NONE |
| containers > | adp > 1 > metrics > 0 > cvssV3_1 > userInteraction | REQUIRED |
| containers > | adp > 1 > metrics > 0 > cvssV3_1 > attackComplexity | LOW |
| containers > | adp > 1 > metrics > 0 > cvssV3_1 > availabilityImpact | NONE |
| containers > | adp > 1 > metrics > 0 > cvssV3_1 > privilegesRequired | NONE |
| containers > | adp > 1 > metrics > 0 > cvssV3_1 > confidentialityImpact | LOW |
| containers > | adp > 1 > metrics > 1 > other > type | ssvc |
| containers > | adp > 1 > metrics > 1 > other > content > timestamp | 2026-07-13T13:32:36.855109Z |
| containers > | adp > 1 > metrics > 1 > other > content > id | CVE-2008-4128 |
| containers > | adp > 1 > metrics > 1 > other > content > options > 0 > Exploitation | none |
| containers > | adp > 1 > metrics > 1 > other > content > options > 1 > Automatable | no |
| containers > | adp > 1 > metrics > 1 > other > content > options > 2 > Technical Impact | partial |
| containers > | adp > 1 > metrics > 1 > other > content > role | CISA Coordinator |
| containers > | adp > 1 > metrics > 1 > other > content > version | 2.0.3 |
| containers > | adp > 1 > title | CISA ADP Vulnrichment |
| containers > | adp > 1 > providerMetadata > orgId | 134c704f-9b21-4f2e-91b3-4a467353bcc0 |
| containers > | adp > 1 > providerMetadata > shortName | CISA-ADP |
| containers > | adp > 1 > providerMetadata > dateUpdated | 2026-07-13T13:32:41.374Z |
| cveMetadata > | assignerOrgId | 8254265b-2729-46b6-b9e3-3dfca2d5bfca |
| cveMetadata > | assignerShortName | mitre |
| cveMetadata > | cveId | CVE-2008-4128 |
| cveMetadata > | datePublished | 2008-09-18T20:00:00.000Z |
| cveMetadata > | dateReserved | 2008-09-18T00:00:00.000Z |
| cveMetadata > | dateUpdated | 2026-07-13T13:32:41.374Z |
| cveMetadata > | state | PUBLISHED |
| dataType | CVE_RECORD | |
| dataVersion | 5.2 |