Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.
exam questions

Exam 312-49v10 All Questions

View all questions & answers for the 312-49v10 exam

Exam 312-49v10 topic 1 question 145 discussion

Actual exam question from ECCouncil's 312-49v10
Question #: 145
Topic #: 1
[All 312-49v10 Questions]

You are a security analyst performing a penetration tests for a company in the Midwest. After some initial reconnaissance, you discover the IP addresses of some
Cisco routers used by the company. You type in the following URL that includes the IP address of one of the routers: http://172.168.4.131/level/99/exec/show/config
After typing in this URL, you are presented with the entire configuration file for that router. What have you discovered?

  • A. HTTP Configuration Arbitrary Administrative Access Vulnerability
  • B. HTML Configuration Arbitrary Administrative Access Vulnerability
  • C. Cisco IOS Arbitrary Administrative Access Online Vulnerability
  • D. URL Obfuscation Arbitrary Administrative Access Vulnerability
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Kalegesa
1 month ago
Selected Answer: A
Correct Answer is A according to the exploit Database
upvoted 1 times
...
Elb
5 months, 3 weeks ago
Selected Answer: A
A > Cisco IOS 11.x/12.x - HTTP Configuration Arbitrary Administrative Access
upvoted 2 times
...
geral_apoka
1 year, 2 months ago
Correct Answer: A: http://www.infosecpro.com/penetrationtest/p75.htm
upvoted 2 times
...
Manzer
1 year, 7 months ago
Selected Answer: C
Cisco IOS Arbitrary Administrative Access Online Vulnerability. The URL entered includes the IP address of the router and the command to show the configuration file, which can only be accessed by an authenticated user with administrative privileges. This vulnerability allows an attacker to bypass authentication and access sensitive information or perform unauthorized actions on the router.
upvoted 3 times
...
vcloudpmp
2 years, 7 months ago
Vulnerability Details : CVE-2001-0537 HTTP server for Cisco IOS 11.3 to 12.2 allows attackers to bypass authentication and execute arbitrary commands, when local authorization is being used, by specifying a high access level in the URL. Publish Date : 2001-07-21 Last Update Date : 2017-10-10 CVE-2001-0537 : HTTP server for Cisco IOS 11.3 to 12.2 ... www.cvedetails.com/cve/CVE-2001-0537/
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
Loading ...