CVE-2006-4950

Severity

99%

Complexity

99%

Confidentiality

165%

Cisco IOS 12.2 through 12.4 before 20060920, as used by Cisco IAD2430, IAD2431, and IAD2432 Integrated Access Devices, the VG224 Analog Phone Gateway, and the MWR 1900 and 1941 Mobile Wireless Edge Routers, is incorrectly identified as supporting DOCSIS, which allows remote attackers to gain read-write access via a hard-coded cable-docsis community string and read or modify arbitrary SNMP variables.

Cisco IOS 12.2 through 12.4 before 20060920, as used by Cisco IAD2430, IAD2431, and IAD2432 Integrated Access Devices, the VG224 Analog Phone Gateway, and the MWR 1900 and 1941 Mobile Wireless Edge Routers, is incorrectly identified as supporting DOCSIS, which allows remote attackers to gain read-write access via a hard-coded cable-docsis community string and read or modify arbitrary SNMP variables.

CVSS 2.0 Base Score 9.9. CVSS Attack Vector: network. CVSS Attack Complexity: low. CVSS Vector: (AV:N/AC:L/Au:N/C:C/I:C/A:C).

Overview

First reported 18 years ago

2006-09-23 10:07:00

Last updated 7 years ago

2017-10-11 01:31:00

Affected Software

Cisco IOS

Cisco IOS 12.3 (1a)

12.3\(1a\)

Cisco IOS 12.3 (2)JA

12.3\(2\)ja

Cisco IOS 12.3 (2)JA5

12.3\(2\)ja5

Cisco IOS 12.3 (2)JK

12.3\(2\)jk

Cisco IOS 12.3 (2)JK1

12.3\(2\)jk1

Cisco IOS 12.3 (2)T3

12.3\(2\)t3

Cisco IOS 12.3 (2)T8

12.3\(2\)t8

Cisco IOS 12.3 (2)XA4

12.3\(2\)xa4

Cisco IOS 12.3 (2)XA5

12.3\(2\)xa5

Cisco IOS 12.3 (2)XC1

12.3\(2\)xc1

Cisco IOS 12.3 (2)XC2

12.3\(2\)xc2

Cisco IOS 12.3 (2)XC3

12.3\(2\)xc3

Cisco IOS 12.3 (2)XC4

12.3\(2\)xc4

Cisco IOS 12.3 (2)XE3

12.3\(2\)xe3

Cisco IOS 12.3 (2)XE4

12.3\(2\)xe4

Cisco IOS 12.3 (3e)

12.3\(3e\)

Cisco IOS 12.3 (3h)

12.3\(3h\)

Cisco IOS 12.3 (3i)

12.3\(3i\)

Cisco IOS 12.3 (4)EO1

12.3\(4\)eo1

Cisco IOS 12.3 (4)JA

12.3\(4\)ja

Cisco IOS 12.3 (4)JA1

12.3\(4\)ja1

Cisco IOS 12.3 (4)T

12.3\(4\)t

Cisco IOS 12.3 (4)T1

12.3\(4\)t1

Cisco IOS 12.3 (4)T2

12.3\(4\)t2

Cisco IOS 12.3 (4)T3

12.3\(4\)t3

Cisco IOS 12.3 (4)T4

12.3\(4\)t4

Cisco IOS 12.3 (4)T8

12.3\(4\)t8

Cisco IOS 12.3 (4)TPC11a

12.3\(4\)tpc11a

Cisco IOS 12.3 (4)XD

12.3\(4\)xd

Cisco IOS 12.3 (4)XD1

12.3\(4\)xd1

Cisco IOS 12.3 (4)XD2

12.3\(4\)xd2

Cisco IOS 12.3 (4)XE4

12.3\(4\)xe4

Cisco IOS 12.3 (4)XG1

12.3\(4\)xg1

Cisco IOS 12.3 (4)XG2

12.3\(4\)xg2

Cisco IOS 12.3 (4)XG4

12.3\(4\)xg4

Cisco IOS 12.3 (4)XG5

12.3\(4\)xg5

Cisco IOS 12.3 (4)XH

12.3\(4\)xh

Cisco IOS 12.3 (4)XK

12.3\(4\)xk

Cisco IOS 12.3 (4)XK1

12.3\(4\)xk1

Cisco IOS 12.3 (4)XK3

12.3\(4\)xk3

Cisco IOS 12.3 (4)XK4

12.3\(4\)xk4

Cisco IOS 12.3 (4)XQ

12.3\(4\)xq

Cisco IOS 12.3 (4)XQ1

12.3\(4\)xq1

Cisco IOS 12.3(5)

12.3\(5\)

Cisco IOS 12.3 (5)B1

12.3\(5\)b1

Cisco IOS 12.3 (5a)

12.3\(5a\)

Cisco IOS 12.3 (5a)b

12.3\(5a\)b

Cisco IOS 12.3 (5a)B2

12.3\(5a\)b2

Cisco IOS 12.3 (5a)B5

12.3\(5a\)b5

Cisco IOS 12.3 (5b)

12.3\(5b\)

Cisco IOS 12.3 (5c)

12.3\(5c\)

Cisco IOS 12.3 (5e)

12.3\(5e\)

Cisco IOS 12.3 (5f)

12.3\(5f\)

Cisco IOS 12.3 (6)

12.3\(6\)

Cisco IOS 12.3 (6a)

12.3\(6a\)

Cisco IOS 12.3 (6d)

12.3\(6d\)

Cisco IOS 12.3 (6e)

12.3\(6e\)

Cisco IOS 12.3 (6f)

12.3\(6f\)

Cisco IOS 12.3 (7)JA

12.3\(7\)ja

Cisco IOS 12.3 (7)JA1

12.3\(7\)ja1

Cisco IOS 12.3 (7)JX

12.3\(7\)jx

Cisco IOS 12.3 (7)T

12.3\(7\)t

Cisco IOS 12.3 (7)T4

12.3\(7\)t4

Cisco IOS 12.3 (7)T8

12.3\(7\)t8

Cisco IOS 12.3 (7)T9

12.3\(7\)t9

Cisco IOS 12.3 (7)T10

12.3\(7\)t10

Cisco IOS 12.3 (7)T12

12.3\(7\)t12

Cisco IOS 12.3 (7)XI3

12.3\(7\)xi3

Cisco IOS 12.3 (7)XI4

12.3\(7\)xi4

Cisco IOS 12.3 (7)XI7

12.3\(7\)xi7

Cisco IOS 12.3 (7)XR3

12.3\(7\)xr3

Cisco IOS 12.3 (7)XR4

12.3\(7\)xr4

Cisco IOS 12.3 (7)XR6

12.3\(7\)xr6

Cisco IOS 12.3 (7.7)

12.3\(7.7\)

Cisco IOS 12.3 (8)JA

12.3\(8\)ja

Cisco IOS 12.3 (8)JA1

12.3\(8\)ja1

Cisco IOS 12.3 (8)T4

12.3\(8\)t4

Cisco IOS 12.3 (8)T7

12.3\(8\)t7

Cisco IOS 12.3 (8)T8

12.3\(8\)t8

Cisco IOS 12.3 (8)T9

12.3\(8\)t9

Cisco IOS 12.3 (8)T11

12.3\(8\)t11

Cisco IOS 12.3 (8)XU2

12.3\(8\)xu2

Cisco IOS 12.3 (8)XY4

12.3\(8\)xy4

Cisco IOS 12.3 (8)XY5

12.3\(8\)xy5

Cisco IOS 12.3 (8)XY6

12.3\(8\)xy6

Cisco IOS 12.3 (8)YA1

12.3\(8\)ya1

Cisco IOS 12.3 (8)YD

12.3\(8\)yd

Cisco IOS 12.3 (8)YF

12.3\(8\)yf

Cisco IOS 12.3 (8)YG

12.3\(8\)yg

Cisco IOS 12.3 (8)YG1

12.3\(8\)yg1

Cisco IOS 12.3 (8)YG2

12.3\(8\)yg2

Cisco IOS 12.3 (8)YG3

12.3\(8\)yg3

Cisco IOS 12.3 (8)YH

12.3\(8\)yh

Cisco IOS 12.3 (8)YI

12.3\(8\)yi

Cisco IOS 12.3 (8)YI1

12.3\(8\)yi1

Cisco IOS 12.3 (8)YI3

12.3\(8\)yi3

Cisco IOS 12.3 (9)

12.3\(9\)

Cisco IOS 12.3 (9a)BC

12.3\(9a\)bc

Cisco IOS 12.3 (9a)BC2

12.3\(9a\)bc2

Cisco IOS 12.3 (9a)BC6

12.3\(9a\)bc6

Cisco IOS 12.3 (9a)BC7

12.3\(9a\)bc7

Cisco IOS 12.3 (9d)

12.3\(9d\)

Cisco IOS 12.3 (9e)

12.3\(9e\)

Cisco IOS 12.3 (10)

12.3\(10\)

Cisco IOS 12.3 (10c)

12.3\(10c\)

Cisco IOS 12.3 (10d)

12.3\(10d\)

Cisco IOS 12.3 (10e)

12.3\(10e\)

Cisco IOS 12.3 (11)

12.3\(11\)

Cisco IOS 12.3 (11)T

12.3\(11\)t

Cisco IOS 12.3 (11)T4

12.3\(11\)t4

Cisco IOS 12.3 (11)T5

12.3\(11\)t5

Cisco IOS 12.3 (11)T6

12.3\(11\)t6

Cisco IOS 12.3 (11)T8

12.3\(11\)t8

Cisco IOS 12.3 (11)T9

12.3\(11\)t9

Cisco IOS 12.3 (11)XL

12.3\(11\)xl

Cisco IOS 12.3 (11)XL3

12.3\(11\)xl3

Cisco IOS 12.3 (11)YF

12.3\(11\)yf

Cisco IOS 12.3 (11)YF2

12.3\(11\)yf2

Cisco IOS 12.3 (11)YF3

12.3\(11\)yf3

Cisco IOS 12.3 (11)YF4

12.3\(11\)yf4

Cisco IOS 12.3 (11)YJ

12.3\(11\)yj

Cisco IOS 12.3 (11)YK

12.3\(11\)yk

Cisco IOS 12.3 (11)YK1

12.3\(11\)yk1

Cisco IOS 12.3(11)YK2

12.3\(11\)yk2

Cisco IOS 12.3(11)YL

12.3\(11\)yl

Cisco IOS 12.3 (11)YN

12.3\(11\)yn

Cisco IOS 12.3 (11)YR

12.3\(11\)yr

Cisco IOS 12.3 (11)YS

12.3\(11\)ys

Cisco IOS 12.3 (11)YS1

12.3\(11\)ys1

Cisco IOS 12.3 (11)YW

12.3\(11\)yw

Cisco IOS 12.3 (12)

12.3\(12\)

Cisco IOS 12.3 (12b)

12.3\(12b\)

Cisco IOS 12.3 (12e)

12.3\(12e\)

Cisco IOS 12.3 (13)

12.3\(13\)

Cisco IOS 12.3 (13a)

12.3\(13a\)

Cisco IOS 12.3 (13a)BC

12.3\(13a\)bc

Cisco IOS 12.3 (13a)BC1

12.3\(13a\)bc1

Cisco IOS 12.3 (13b)

12.3\(13b\)

Cisco IOS 12.3 (14)T

12.3\(14\)t

Cisco IOS 12.3 (14)T2

12.3\(14\)t2

Cisco IOS 12.3 (14)T4

12.3\(14\)t4

Cisco IOS 12.3 (14)T5

12.3\(14\)t5

Cisco IOS 12.3 (14)YM4

12.3\(14\)ym4

Cisco IOS 12.3 (14)YQ

12.3\(14\)yq

Cisco IOS 12.3 (14)YQ1

12.3\(14\)yq1

Cisco IOS 12.3 (14)YQ3

12.3\(14\)yq3

Cisco IOS 12.3 (14)YQ4

12.3\(14\)yq4

Cisco IOS 12.3 (14)YT

12.3\(14\)yt

Cisco IOS 12.3 (14)YT1

12.3\(14\)yt1

Cisco IOS 12.3 (14)YU

12.3\(14\)yu

Cisco IOS 12.3 (14)YU1

12.3\(14\)yu1

Cisco IOS 12.3 (15)

12.3\(15\)

Cisco IOS 12.3 (15b)

12.3\(15b\)

Cisco IOS 12.3 (16)

12.3\(16\)

Cisco IOS 12.3B

12.3b

Cisco IOS 12.3BC

12.3bc

Cisco IOS 12.3BW

12.3bw

Cisco IOS 12.3J

12.3j

Cisco IOS 12.3JA

12.3ja

Cisco IOS 12.3JK

12.3jk

Cisco IOS 12.3JX

12.3jx

Cisco IOS 12.3T

12.3t

Cisco IOS 12TPC

12.3tpc

Cisco IOS 12.3XA

12.3xa

Cisco IOS 12.3XB

12.3xb

Cisco IOS 12.3XC

12.3xc

Cisco IOS 12.3XD

12.3xd

Cisco IOS 12.3XE

12.3xe

Cisco IOS 12.3XF

12.3xf

Cisco IOS 12.3XG

12.3xg

Cisco IOS 12.3XH

12.3xh

Cisco IOS 12.3XI

12.3xi

Cisco IOS 12.3XJ

12.3xj

Cisco IOS 12.3XK

12.3xk

Cisco IOS 12.3XL

12.3xl

Cisco IOS 12.3XM

12.3xm

Cisco IOS 12.3XN

12.3xn

Cisco IOS 12.3XQ

12.3xq

Cisco IOS 12.3XR

12.3xr

Cisco IOS 12.3XS

12.3xs

Cisco IOS 12.3XT

12.3xt

Cisco IOS 12.3XU

12.3xu

Cisco IOS 12.3XV

12.3xv

Cisco IOS 12.3XW

12.3xw

Cisco IOS 12.3XX

12.3xx

Cisco IOS 12.3XY

12.3xy

Cisco IOS 12.3XZ

12.3xz

Cisco IOS 12.3YA

12.3ya

Cisco IOS 12.3YB

12.3yb

Cisco IOS 12.3YC

12.3yc

Cisco IOS 12.3YD

12.3yd

Cisco IOS 12.3YE

12.3ye

Cisco IOS 12.3YF

12.3yf

Cisco IOS 12.3YG

12.3yg

Cisco IOS 12.3YH

12.3yh

Cisco IOS 12.3YI

12.3yi

Cisco IOS 12.3YJ

12.3yj

Cisco IOS 12.3YK

12.3yk

Cisco IOS 12.3YL

12.3yl

Cisco IOS 12.3YM

12.3ym

Cisco IOS 12.3YN

12.3yn

Cisco IOS 12.3YQ

12.3yq

Cisco IOS 12.3YR

12.3yr

Cisco IOS 12.3YS

12.3ys

Cisco IOS 12.3YT

12.3yt

Cisco IOS 12.3YU

12.3yu

Cisco IOS 12.3 YW

12.3yw

Cisco IOS 12.3YX

12.3yx

Cisco IOS 12.4

12.4

Cisco IOS 12.4 (1)

12.4\(1\)

Cisco IOS 12.4 (1b)

12.4\(1b\)

Cisco IOS 12.4 (1c)

12.4\(1c\)

Cisco IOS 12.4 (2)MR

12.4\(2\)mr

Cisco IOS 12.4 (2)MR1

12.4\(2\)mr1

Cisco IOS 12.4 (2)T

12.4\(2\)t

Cisco IOS 12.4 (2)T1

12.4\(2\)t1

Cisco IOS 12.4 (2)T2

12.4\(2\)t2

Cisco IOS 12.4 (2)XA

12.4\(2\)xa

Cisco IOS 12.4 (2)XB

12.4\(2\)xb

Cisco IOS 12.4 (3a)

12.4\(3a\)

Cisco IOS 12.4 (3b)

12.4\(3b\)

Cisco IOS 12.4 (4)T

12.4\(4\)t

Cisco IOS 12.4 (5)

12.4\(5\)

Cisco IOS 12.4MR

12.4mr

Cisco IOS 12.4T

12.4t

Cisco IOS 12.4XA

12.4xa

Cisco IOS 12.4XB

12.4xb

References

21974

Patch, Vendor Advisory

1016899

20060920 DOCSIS Read-Write Community String Enabled in Non-DOCSIS Platforms

Patch

VU#123140

US Government Resource

29034

20125

Patch

ADV-2006-3722

ios-docsis-default-snmp(29054)

oval:org.mitre.oval:def:5665

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.