EUVD-2026-27850
GHSA-48h9-c48p-4x99
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
Lifecycle Timeline
1DescriptionNVD
A vulnerability in the web-based management interface of Cisco IoT Field Network Director could allow an authenticated, remote attacker with low privileges to cause a DoS condition on a remotely managed router.
This vulnerability is due to improper error handling. An attacker could exploit this vulnerability by submitting crafted input to the web-based management interface. A successful exploit could allow the attacker to request unauthorized files from a remote router, causing the router to reload and resulting in a DoS condition.
AnalysisAI
Cisco IoT Field Network Director enables authenticated remote attackers with low-level privileges to crash remotely managed routers by submitting crafted requests through the web-based management interface. The vulnerability causes improper error handling that allows requesting unauthorized files from managed routers, forcing them to reload and creating a denial-of-service condition (CVSS 7.7, Changed Scope). …
Sign in for full analysis, threat intelligence, and remediation guidance.
RemediationAI
Within 24 hours: Inventory all Cisco IoT Field Network Director instances and document managed router deployments; restrict web management interface access to administrative networks only and review user privilege assignments to limit low-privilege accounts. Within 7 days: Implement network segmentation to isolate Field Network Director management traffic; enable detailed logging of web interface activity and monitor for suspicious requests. …
Sign in for detailed remediation steps.
Share
External POC / Exploit Code
Leaving vuln.today