CISCO

CISCO

#Check the Cisco Product and their version for vulnerablities

#Few CISCO CVEs to look on CVE-2023-20273 - Cisco IOS XE Web UI implant injection vulnerability CVE-2023-20198 - Cisco IOS XE Web UI privilege escalation vulnerability CVE-2023-20049 - Cisco Webex Meetings Server remote command execution vulnerability CVE-2023-20154 - Cisco DNA Center cross-site scripting (XSS) vulnerability CVE-2023-20218 - Cisco IOS XE Software memory corruption vulnerability CVE-2023-20791 - Cisco Adaptive Security Appliance (ASA) and Firepower privilege escalation vulnerability CVE-2023-20082 - Cisco Nexus 9000 Series fabric switches authentication bypass CVE-2023-20025 - Cisco Small Business RV Series routers command injection vulnerability CVE-2023-20126 - Cisco Identity Services Engine (ISE) SQL injection vulnerability CVE-2023-20073 - Cisco Prime Infrastructure privilege escalation vulnerability CVE-2023-20801 - Cisco ASA buffer overflow vulnerability CVE-2023-20872 - Cisco Meraki dashboard insufficient input validation CVE-2023-20755 - Cisco Unified Communications Manager (UCM) SIP inspection bypass CVE-2023-20019 - Cisco Web Security Appliance remote code execution vulnerability CVE-2023-20803 - Cisco Firepower Threat Defense remote code execution vulnerability CVE-2023-20137 - Cisco ASA cross-site request forgery (CSRF) vulnerability CVE-2023-20178 - Cisco NX-OS Software integer overflow vulnerability CVE-2023-20039 - Cisco Wireless LAN Controller unauthenticated access vulnerability CVE-2023-20999 - Cisco Email Security Appliance remote code execution vulnerability CVE-2023-20981 - Cisco HyperFlex HX Data Platform remote command execution CVE-2023-20017 - Cisco Secure Network Analytics improper input validation CVE-2023-20210 - Cisco Unified Contact Center Express command injection vulnerability CVE-2023-20746 - Cisco Smart Software Manager satellite remote code execution CVE-2023-20165 - Cisco UCS Director improper privilege management CVE-2023-20055 - Cisco Identity Services Engine REST API privilege escalation CVE-2023-20876 - Cisco ASA firewall rule manipulation vulnerability CVE-2023-20289 - Cisco Small Business Routers command injection vulnerability CVE-2023-20992 - Cisco Nexus Dashboard unauthorized access vulnerability CVE-2023-20234 - Cisco Application Policy Infrastructure Controller cross-site scripting CVE-2023-20958 - Cisco Secure Firewall Threat Defense privilege escalation vulnerability

#few links to Explore

1. https://0x3zzat.medium.com/cisco-finesse-server-side-request-forgery-cve-2024-20404-5d74b449a4a2

2. https://0x3zzat.medium.com/cisco-finesse-remote-file-inclusion-cve-2024-20405-7947c3327e0c 3.https://parasarora06.medium.com/hunting-for-cve-2020-3187-2020-3452-9f0dcc66f4d8

3. https://medium.com/@karthiksoft007/how-i-hacked-millions-of-cisco-webex-users-through-brute-force-7bed1ece13cb

4. https://b0mk35h.medium.com/my-first-bug-hunting-experience-a-journey-from-disappointment-to-success-ae92c222a0d0

5. https://hackerone.com/reports/987090

6. https://www.youtube.com/watch?v=SjKa2RVoHUE

7. https://medium.com/@urshilaravindran/dll-side-loading-vulnerability-in-cisco-anyconnect-4-x-and-5-x-de81b1395102

8. https://medium.com/@nanwinata/how-can-i-obtain-a-2k-bounty-solely-based-on-curiosity-56ef84e93aca

9. https://hackerone.com/reports/943717

10. https://www.openbugbounty.org/reports/213926/