ExamTopics Logo
Mail Us[email protected]
Menu
Eccouncil Discussions
exam questions

Exam 312-49 All Questions

View all questions & answers for the 312-49 exam
Go to Exam

Exam 312-49 topic 1 question 145 discussion

Actual exam question from ECCouncil's 312-49
Question #: 145
Topic #: 1
[All 312-49 Questions]

You are a security analyst performing a penetration tests for a company in the Midwest. After some initial reconnaissance, you discover the IP addresses of some
Cisco routers used by the company. You type in the following URL that includes the IP address of one of the routers: http://172.168.4.131/level/99/exec/show/config
After typing in this URL, you are presented with the entire configuration file for that router. What have you discovered?

  • A. HTTP Configuration Arbitrary Administrative Access Vulnerability
  • B. HTML Configuration Arbitrary Administrative Access Vulnerability
  • C. Cisco IOS Arbitrary Administrative Access Online Vulnerability
  • D. URL Obfuscation Arbitrary Administrative Access Vulnerability
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by deadguy1000 at Jan. 22, 2021, 8:13 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Xfo
1 year, 9 months ago
Answer is A. https://www.rapid7.com/db/vulnerabilities/HTTP-CISCO-0002/ The problem is in the ability of a user to access the HTTP configuration menu of a Cisco device. A remote user accessing: http://router.address/level/$NUMBER/exec/.... (where $NUMBER is a number in the range of 16 to 99) bypasses all authentication checking. This leads to a remote user gaining a privilege level of 15, which in IOS software is full administrative access (also known as enable). With administrative access, remote attackers may be able to further compromise the network. They may be able to, for example: divert/redirect traffic, possibly monitor traffic, and/or cause a denial of service
upvoted 3 times
...
deadguy1000
1 year, 9 months ago
The answer should be C as shown here https://www.rapid7.com/db/vulnerabilities/HTTP-CISCO-0002/
upvoted 1 times
Ariel235788
10 months ago
missing the whole 'HTTP' part, at least answer A has the whole but not Cisco IOS at the beginning. idk lame answer choices tbh
upvoted 1 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago