CVE Details

CVE-2008-4128 Cisco IOS Cross-Site Request Forgery Vulnerability
Published: 2026-07-13 CVSS: 4.3 MEDIUM Product: Cisco IOS Due Date: 2026-07-16

Cisco IOS 12.4 contains multiple cross-site forgery vulnerabilities that allows remote attackers to execute arbitrary commands via (1) a certain "show privilege" command to the /level/15/exec/- URI, and (2) a certain "alias exec" command to the /level/15/exec/-/configure/http URI.

GitHub PoC

Warning: GitHub PoC repositories are unverified. Some may be fake or contain malware. Use caution and review code before running anything.

No GitHub PoC data.

FIRST EPSS

EPSS estimates the probability of exploitation in the next 30 days. Higher values indicate higher likelihood of real-world exploitation.

Timeline

CVE Stalker KEV MITRE GitHub FIRST (EPSS)

MITRE

CVSS

  • Score: 4.3
  • Severity: MEDIUM
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

SSVC

  • Exploitation: none
  • Automatable: no
  • Technical Impact: partial

References

Show Raw Data
Key Remaining Key Value
containers > cna > affected > 0 > product n/a
containers > cna > affected > 0 > vendor n/a
containers > cna > affected > 0 > versions > 0 > status affected
containers > cna > affected > 0 > versions > 0 > version n/a
containers > cna > datePublic 2008-09-17T00:00:00.000Z
containers > cna > descriptions > 0 > lang en
containers > cna > descriptions > 0 > value Multiple cross-site request forgery (CSRF) vulnerabilities in the HTTP Administration component in Cisco IOS 12.4 on the 871 Integrated Services Router allow remote attackers to execute arbitrary commands via (1) a certain "show privilege" command to the /level/15/exec/- URI, and (2) a certain "alias exec" command to the /level/15/exec/-/configure/http URI. NOTE: some of these details are obtained from third party information.
containers > cna > problemTypes > 0 > descriptions > 0 > description n/a
containers > cna > problemTypes > 0 > descriptions > 0 > lang en
containers > cna > problemTypes > 0 > descriptions > 0 > type text
containers > cna > providerMetadata > dateUpdated 2017-09-28T12:57:01.000Z
containers > cna > providerMetadata > orgId 8254265b-2729-46b6-b9e3-3dfca2d5bfca
containers > cna > providerMetadata > shortName mitre
containers > cna > references > 0 > name 6476
containers > cna > references > 0 > tags > 0 exploit
containers > cna > references > 0 > tags > 1 x_refsource_EXPLOIT-DB
containers > cna > references > 0 > url https://www.exploit-db.com/exploits/6476
containers > cna > references > 1 > name cisco-router-csrf(45226)
containers > cna > references > 1 > tags > 0 vdb-entry
containers > cna > references > 1 > tags > 1 x_refsource_XF
containers > cna > references > 1 > url https://exchange.xforce.ibmcloud.com/vulnerabilities/45226
containers > cna > references > 2 > tags > 0 x_refsource_MISC
containers > cna > references > 2 > url http://jbrownsec.blogspot.com/2008/09/cisco-0day-released.html
containers > cna > references > 3 > name 6477
containers > cna > references > 3 > tags > 0 exploit
containers > cna > references > 3 > tags > 1 x_refsource_EXPLOIT-DB
containers > cna > references > 3 > url https://www.exploit-db.com/exploits/6477
containers > cna > references > 4 > name 31218
containers > cna > references > 4 > tags > 0 vdb-entry
containers > cna > references > 4 > tags > 1 x_refsource_BID
containers > cna > references > 4 > url http://www.securityfocus.com/bid/31218
containers > cna > x_legacyV4Record > CVE_data_meta > ASSIGNER [email protected]
containers > cna > x_legacyV4Record > CVE_data_meta > ID CVE-2008-4128
containers > cna > x_legacyV4Record > CVE_data_meta > STATE PUBLIC
containers > cna > x_legacyV4Record > affects > vendor > vendor_data > 0 > product > product_data > 0 > product_name n/a
containers > cna > x_legacyV4Record > affects > vendor > vendor_data > 0 > product > product_data > 0 > version > version_data > 0 > version_value n/a
containers > cna > x_legacyV4Record > affects > vendor > vendor_data > 0 > vendor_name n/a
containers > cna > x_legacyV4Record > data_format MITRE
containers > cna > x_legacyV4Record > data_type CVE
containers > cna > x_legacyV4Record > data_version 4.0
containers > cna > x_legacyV4Record > description > description_data > 0 > lang eng
containers > cna > x_legacyV4Record > description > description_data > 0 > value Multiple cross-site request forgery (CSRF) vulnerabilities in the HTTP Administration component in Cisco IOS 12.4 on the 871 Integrated Services Router allow remote attackers to execute arbitrary commands via (1) a certain "show privilege" command to the /level/15/exec/- URI, and (2) a certain "alias exec" command to the /level/15/exec/-/configure/http URI. NOTE: some of these details are obtained from third party information.
containers > cna > x_legacyV4Record > problemtype > problemtype_data > 0 > description > 0 > lang eng
containers > cna > x_legacyV4Record > problemtype > problemtype_data > 0 > description > 0 > value n/a
containers > cna > x_legacyV4Record > references > reference_data > 0 > name 6476
containers > cna > x_legacyV4Record > references > reference_data > 0 > refsource EXPLOIT-DB
containers > cna > x_legacyV4Record > references > reference_data > 0 > url https://www.exploit-db.com/exploits/6476
containers > cna > x_legacyV4Record > references > reference_data > 1 > name cisco-router-csrf(45226)
containers > cna > x_legacyV4Record > references > reference_data > 1 > refsource XF
containers > cna > x_legacyV4Record > references > reference_data > 1 > url https://exchange.xforce.ibmcloud.com/vulnerabilities/45226
containers > cna > x_legacyV4Record > references > reference_data > 2 > name http://jbrownsec.blogspot.com/2008/09/cisco-0day-released.html
containers > cna > x_legacyV4Record > references > reference_data > 2 > refsource MISC
containers > cna > x_legacyV4Record > references > reference_data > 2 > url http://jbrownsec.blogspot.com/2008/09/cisco-0day-released.html
containers > cna > x_legacyV4Record > references > reference_data > 3 > name 6477
containers > cna > x_legacyV4Record > references > reference_data > 3 > refsource EXPLOIT-DB
containers > cna > x_legacyV4Record > references > reference_data > 3 > url https://www.exploit-db.com/exploits/6477
containers > cna > x_legacyV4Record > references > reference_data > 4 > name 31218
containers > cna > x_legacyV4Record > references > reference_data > 4 > refsource BID
containers > cna > x_legacyV4Record > references > reference_data > 4 > url http://www.securityfocus.com/bid/31218
containers > adp > 0 > providerMetadata > orgId af854a3a-2127-422b-91ae-364da2661108
containers > adp > 0 > providerMetadata > shortName CVE
containers > adp > 0 > providerMetadata > dateUpdated 2024-08-07T10:08:34.051Z
containers > adp > 0 > title CVE Program Container
containers > adp > 0 > references > 0 > name 6476
containers > adp > 0 > references > 0 > tags > 0 exploit
containers > adp > 0 > references > 0 > tags > 1 x_refsource_EXPLOIT-DB
containers > adp > 0 > references > 0 > tags > 2 x_transferred
containers > adp > 0 > references > 0 > url https://www.exploit-db.com/exploits/6476
containers > adp > 0 > references > 1 > name cisco-router-csrf(45226)
containers > adp > 0 > references > 1 > tags > 0 vdb-entry
containers > adp > 0 > references > 1 > tags > 1 x_refsource_XF
containers > adp > 0 > references > 1 > tags > 2 x_transferred
containers > adp > 0 > references > 1 > url https://exchange.xforce.ibmcloud.com/vulnerabilities/45226
containers > adp > 0 > references > 2 > tags > 0 x_refsource_MISC
containers > adp > 0 > references > 2 > tags > 1 x_transferred
containers > adp > 0 > references > 2 > url http://jbrownsec.blogspot.com/2008/09/cisco-0day-released.html
containers > adp > 0 > references > 3 > name 6477
containers > adp > 0 > references > 3 > tags > 0 exploit
containers > adp > 0 > references > 3 > tags > 1 x_refsource_EXPLOIT-DB
containers > adp > 0 > references > 3 > tags > 2 x_transferred
containers > adp > 0 > references > 3 > url https://www.exploit-db.com/exploits/6477
containers > adp > 0 > references > 4 > name 31218
containers > adp > 0 > references > 4 > tags > 0 vdb-entry
containers > adp > 0 > references > 4 > tags > 1 x_refsource_BID
containers > adp > 0 > references > 4 > tags > 2 x_transferred
containers > adp > 0 > references > 4 > url http://www.securityfocus.com/bid/31218
containers > adp > 1 > problemTypes > 0 > descriptions > 0 > type CWE
containers > adp > 1 > problemTypes > 0 > descriptions > 0 > cweId CWE-352
containers > adp > 1 > problemTypes > 0 > descriptions > 0 > lang en
containers > adp > 1 > problemTypes > 0 > descriptions > 0 > description CWE-352 Cross-Site Request Forgery (CSRF)
containers > adp > 1 > references > 0 > url https://media.defense.gov/2026/Jul/09/2003959498/-1/-1/1/CSA_IMPROVE_ROUTER_HYGIENE.PDF
containers > adp > 1 > references > 0 > tags > 0 third-party-advisory
containers > adp > 1 > references > 1 > url https://www.cisco.com/c/en/us/obsolete/ios-nx-os-software/cisco-ios-software-releases-12-4-mainline.html
containers > adp > 1 > references > 1 > tags > 0 mitigation
containers > adp > 1 > metrics > 0 > cvssV3_1 > scope UNCHANGED
containers > adp > 1 > metrics > 0 > cvssV3_1 > version 3.1
containers > adp > 1 > metrics > 0 > cvssV3_1 > baseScore 4.3
containers > adp > 1 > metrics > 0 > cvssV3_1 > attackVector NETWORK
containers > adp > 1 > metrics > 0 > cvssV3_1 > baseSeverity MEDIUM
containers > adp > 1 > metrics > 0 > cvssV3_1 > vectorString CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
containers > adp > 1 > metrics > 0 > cvssV3_1 > integrityImpact NONE
containers > adp > 1 > metrics > 0 > cvssV3_1 > userInteraction REQUIRED
containers > adp > 1 > metrics > 0 > cvssV3_1 > attackComplexity LOW
containers > adp > 1 > metrics > 0 > cvssV3_1 > availabilityImpact NONE
containers > adp > 1 > metrics > 0 > cvssV3_1 > privilegesRequired NONE
containers > adp > 1 > metrics > 0 > cvssV3_1 > confidentialityImpact LOW
containers > adp > 1 > metrics > 1 > other > type ssvc
containers > adp > 1 > metrics > 1 > other > content > timestamp 2026-07-13T13:32:36.855109Z
containers > adp > 1 > metrics > 1 > other > content > id CVE-2008-4128
containers > adp > 1 > metrics > 1 > other > content > options > 0 > Exploitation none
containers > adp > 1 > metrics > 1 > other > content > options > 1 > Automatable no
containers > adp > 1 > metrics > 1 > other > content > options > 2 > Technical Impact partial
containers > adp > 1 > metrics > 1 > other > content > role CISA Coordinator
containers > adp > 1 > metrics > 1 > other > content > version 2.0.3
containers > adp > 1 > title CISA ADP Vulnrichment
containers > adp > 1 > providerMetadata > orgId 134c704f-9b21-4f2e-91b3-4a467353bcc0
containers > adp > 1 > providerMetadata > shortName CISA-ADP
containers > adp > 1 > providerMetadata > dateUpdated 2026-07-13T13:32:41.374Z
cveMetadata > assignerOrgId 8254265b-2729-46b6-b9e3-3dfca2d5bfca
cveMetadata > assignerShortName mitre
cveMetadata > cveId CVE-2008-4128
cveMetadata > datePublished 2008-09-18T20:00:00.000Z
cveMetadata > dateReserved 2008-09-18T00:00:00.000Z
cveMetadata > dateUpdated 2026-07-13T13:32:41.374Z
cveMetadata > state PUBLISHED
dataType CVE_RECORD
dataVersion 5.2