[c-nsp] https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snmp-x4LPhte Is vulnerability pre or post ACL?
Drew Weaver
drew.weaver at thenap.com
Fri Sep 26 09:13:16 EDT 2025
Howdy,
I'm reviewing this vulnerability for IOS:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snmp-x4LPhte
In the advisory it doesn't seem to mention whether the code execution happens pre or post the application of the ACL?
Consider this example:
snmp-server community YourVerySecureCommunityString RO 60
I assume that the ACL blocking access to hosts other than the NMS would be enough to prevent this from being super widely exploitable but its IOS so I am thinking in IOS terms.
Anyone have any details on that?
Thanks,
-Drew
More information about the cisco-nsp
mailing list