CVE-2026-20125 - Vulnerability Details

A vulnerability in the HTTP Server feature of Cisco IOS Software and Cisco IOS XE Software Release 3E could allow an authenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition.

This vulnerability is due to improper validation of user-supplied input. An attacker could exploit this vulnerability by sending malformed HTTP requests to an affected device. A successful exploit could allow the attacker to cause a watchdog timer to expire and the device to reload, resulting in a DoS condition. To exploit this vulnerability, the attacker must have a valid user account.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Changed

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Cisco

IOS

affected

Version	Status	Constraints
`12.2(33)CY`	affected	—
`12.2(33)CY1`	affected	—
`12.2(33)CY2`	affected	—
`12.2(55)SE`	affected	—
`12.2(55)SE3`	affected	—
`12.2(55)SE2`	affected	—
`12.2(58)SE`	affected	—
`12.2(55)SE1`	affected	—
`12.2(58)SE1`	affected	—
`12.2(55)SE4`	affected	—
`12.2(58)SE2`	affected	—
`12.2(55)SE5`	affected	—
`12.2(55)SE6`	affected	—
`12.2(55)SE7`	affected	—
`12.2(55)SE8`	affected	—
`12.2(55)SE9`	affected	—
`12.2(55)SE10`	affected	—
`12.2(55)SE11`	affected	—
`12.2(55)SE12`	affected	—
`12.2(55)SE13`	affected	—
`12.2(25)EZ`	affected	—
`12.2(25)EZ1`	affected	—
`12.2(58)EZ`	affected	—
`12.2(53)EZ`	affected	—
`12.2(55)EZ`	affected	—
`12.2(60)EZ`	affected	—
`12.2(60)EZ1`	affected	—
`12.2(60)EZ2`	affected	—
`12.2(60)EZ3`	affected	—
`12.2(60)EZ4`	affected	—
`12.2(60)EZ5`	affected	—
`12.2(60)EZ6`	affected	—
`12.2(60)EZ7`	affected	—
`12.2(60)EZ8`	affected	—
`12.2(60)EZ9`	affected	—
`12.2(60)EZ10`	affected	—
`12.2(60)EZ11`	affected	—
`12.2(60)EZ12`	affected	—
`12.2(60)EZ13`	affected	—
`12.2(60)EZ14`	affected	—
`12.2(60)EZ15`	affected	—
`12.2(33)SXI2`	affected	—
`12.2(33)SXI3`	affected	—
`12.2(33)SXI5`	affected	—
`12.2(33)SXI4a`	affected	—
`12.2(33)SXI4`	affected	—
`12.2(33)SXI2a`	affected	—
`12.2(33)SXI`	affected	—
`12.2(33)SXI6`	affected	—
`12.2(33)SXI7`	affected	—
`12.2(33)SXI1`	affected	—
`12.2(33)SXI8`	affected	—
`12.2(33)SXI9`	affected	—
`12.2(33)SXI8a`	affected	—
`12.2(33)SXI10`	affected	—
`12.2(33)SXI11`	affected	—
`12.2(33)SXI12`	affected	—
`12.2(33)SXI13`	affected	—
`12.2(33)SXI14`	affected	—
`12.4(3)JK4`	affected	—
`12.4(3)JK1`	affected	—
`12.4(3)JK`	affected	—
`12.4(3)JK3`	affected	—
`12.4(3)JK2`	affected	—
`12.2(44)SQ`	affected	—
`12.2(44)SQ2`	affected	—
`12.2(50)SQ2`	affected	—
`12.2(50)SQ1`	affected	—
`12.2(50)SQ`	affected	—
`12.2(50)SQ3`	affected	—
`12.2(50)SQ4`	affected	—
`12.2(50)SQ5`	affected	—
`12.2(50)SQ6`	affected	—
`12.2(50)SQ7`	affected	—
`12.2(33)SRE1`	affected	—
`12.2(33)SRE2`	affected	—
`12.2(33)SRE3`	affected	—
`12.2(33)SRE4`	affected	—
`12.2(33)SRE`	affected	—
`12.2(33)SRE0a`	affected	—
`12.2(33)SRE5`	affected	—
`12.2(33)SRE6`	affected	—
`12.2(33)SRE8`	affected	—
`12.2(33)SRE7`	affected	—
`12.2(33)SRE9`	affected	—
`12.2(33)SRE7a`	affected	—
`12.2(33)SRE10`	affected	—
`12.2(33)SRE11`	affected	—
`12.2(33)SRE9a`	affected	—
`12.2(33)SRE12`	affected	—
`12.2(33)SRE13`	affected	—
`12.2(33)SRE14`	affected	—
`12.2(33)SRE15`	affected	—
`12.2(33)SRE15a`	affected	—
`15.2(1)S`	affected	—
`15.2(2)S`	affected	—
`15.2(1)S1`	affected	—
`15.2(4)S`	affected	—
`15.2(1)S2`	affected	—
`15.2(2)S1`	affected	—
`15.2(2)S2`	affected	—
`15.2(2)S0a`	affected	—
`15.2(2)S0c`	affected	—
`15.2(4)S1`	affected	—
`15.2(4)S4`	affected	—
`15.2(4)S6`	affected	—
`15.2(4)S2`	affected	—
`15.2(4)S5`	affected	—
`15.2(4)S3`	affected	—
`15.2(4)S3a`	affected	—
`15.2(4)S4a`	affected	—
`15.2(4)S7`	affected	—
`15.3(1)T`	affected	—
`15.3(2)T`	affected	—
`15.3(1)T1`	affected	—
`15.3(1)T2`	affected	—
`15.3(1)T3`	affected	—
`15.3(1)T4`	affected	—
`15.3(2)T1`	affected	—
`15.3(2)T2`	affected	—
`15.3(2)T3`	affected	—
`15.3(2)T4`	affected	—
`15.0(1)EY`	affected	—
`15.0(1)EY1`	affected	—
`15.0(1)EY2`	affected	—
`15.0(2)EY`	affected	—
`15.0(2)EY1`	affected	—
`15.0(2)EY2`	affected	—
`15.0(2)EY3`	affected	—
`15.1(2)S`	affected	—
`15.1(1)S`	affected	—
`15.1(1)S1`	affected	—
`15.1(3)S`	affected	—
`15.1(1)S2`	affected	—
`15.1(2)S1`	affected	—
`15.1(2)S2`	affected	—
`15.1(3)S1`	affected	—
`15.1(3)S0a`	affected	—
`15.1(3)S2`	affected	—
`15.1(3)S4`	affected	—
`15.1(3)S3`	affected	—
`15.1(3)S5`	affected	—
`15.1(3)S6`	affected	—
`15.1(3)S5a`	affected	—
`15.1(4)M3`	affected	—
`15.1(4)M`	affected	—
`15.1(4)M1`	affected	—
`15.1(4)M2`	affected	—
`15.1(4)M6`	affected	—
`15.1(4)M5`	affected	—
`15.1(4)M4`	affected	—
`15.1(4)M7`	affected	—
`15.1(4)M3a`	affected	—
`15.1(4)M10`	affected	—
`15.1(4)M8`	affected	—
`15.1(4)M9`	affected	—
`15.0(1)SE`	affected	—
`15.0(2)SE`	affected	—
`15.0(1)SE1`	affected	—
`15.0(1)SE2`	affected	—
`15.0(1)SE3`	affected	—
`15.0(2)SE1`	affected	—
`15.0(2)SE2`	affected	—
`15.0(2)SE3`	affected	—
`15.0(2)SE4`	affected	—
`15.0(2)SE5`	affected	—
`15.0(2)SE6`	affected	—
`15.0(2)SE7`	affected	—
`15.0(2)SE8`	affected	—
`15.0(2)SE9`	affected	—
`15.0(2)SE10`	affected	—
`15.0(2)SE11`	affected	—
`15.0(2)SE10a`	affected	—
`15.0(2)SE12`	affected	—
`15.0(2)SE13`	affected	—
`15.1(2)GC`	affected	—
`15.1(2)GC1`	affected	—
`15.1(2)GC2`	affected	—
`15.1(4)GC`	affected	—
`15.1(4)GC1`	affected	—
`15.1(4)GC2`	affected	—
`15.0(1)SY`	affected	—
`15.0(1)SY1`	affected	—
`15.0(1)SY2`	affected	—
`15.0(1)SY3`	affected	—
`15.0(1)SY4`	affected	—
`15.0(1)SY5`	affected	—
`15.0(1)SY6`	affected	—
`15.0(1)SY7`	affected	—
`15.0(1)SY8`	affected	—
`15.0(1)SY7a`	affected	—
`15.0(1)SY9`	affected	—
`15.0(1)SY10`	affected	—
`12.2(33)SXJ`	affected	—
`12.2(33)SXJ1`	affected	—
`12.2(33)SXJ2`	affected	—
`12.2(33)SXJ3`	affected	—
`12.2(33)SXJ4`	affected	—
`12.2(33)SXJ5`	affected	—
`12.2(33)SXJ6`	affected	—
`12.2(33)SXJ7`	affected	—
`12.2(33)SXJ8`	affected	—
`12.2(33)SXJ9`	affected	—
`12.2(33)SXJ10`	affected	—
`15.1(1)SG`	affected	—
`15.1(2)SG`	affected	—
`15.1(1)SG1`	affected	—
`15.1(1)SG2`	affected	—
`15.1(2)SG1`	affected	—
`15.1(2)SG2`	affected	—
`15.1(2)SG3`	affected	—
`15.1(2)SG4`	affected	—
`15.1(2)SG5`	affected	—
`15.1(2)SG6`	affected	—
`15.1(2)SG7`	affected	—
`15.1(2)SG8`	affected	—
`15.2(4)M`	affected	—
`15.2(4)M1`	affected	—
`15.2(4)M2`	affected	—
`15.2(4)M4`	affected	—
`15.2(4)M3`	affected	—
`15.2(4)M5`	affected	—
`15.2(4)M8`	affected	—
`15.2(4)M10`	affected	—
`15.2(4)M7`	affected	—
`15.2(4)M6`	affected	—
`15.2(4)M9`	affected	—
`15.2(4)M6a`	affected	—
`15.2(4)M11`	affected	—
`15.0(2)SG`	affected	—
`15.0(2)SG1`	affected	—
`15.0(2)SG2`	affected	—
`15.0(2)SG3`	affected	—
`15.0(2)SG4`	affected	—
`15.0(2)SG5`	affected	—
`15.0(2)SG6`	affected	—
`15.0(2)SG7`	affected	—
`15.0(2)SG8`	affected	—
`15.0(2)SG9`	affected	—
`15.0(2)SG10`	affected	—
`15.0(2)SG11`	affected	—
`12.4(24)MDB`	affected	—
`12.4(24)MDB1`	affected	—
`12.4(24)MDB3`	affected	—
`12.4(24)MDB4`	affected	—
`12.4(24)MDB5`	affected	—
`12.4(24)MDB6`	affected	—
`12.4(24)MDB7`	affected	—
`12.4(24)MDB5a`	affected	—
`12.4(24)MDB8`	affected	—
`12.4(24)MDB9`	affected	—
`12.4(24)MDB10`	affected	—
`12.4(24)MDB11`	affected	—
`12.4(24)MDB12`	affected	—
`12.4(24)MDB13`	affected	—
`12.4(24)MDB14`	affected	—
`12.4(24)MDB15`	affected	—
`12.4(24)MDB16`	affected	—
`12.4(24)MDB17`	affected	—
`12.4(24)MDB18`	affected	—
`12.4(24)MDB19`	affected	—
`15.2(1)GC`	affected	—
`15.2(1)GC1`	affected	—
`15.2(1)GC2`	affected	—
`15.2(2)GC`	affected	—
`15.2(3)GC`	affected	—
`15.2(3)GC1`	affected	—
`15.2(4)GC`	affected	—
`15.2(4)GC1`	affected	—
`15.2(4)GC2`	affected	—
`15.2(4)GC3`	affected	—
`12.4(25d)JAX`	affected	—
`12.4(25d)JAX1`	affected	—
`12.4(25e)JAX`	affected	—
`12.4(25e)JAX1`	affected	—
`12.4(25e)JAX2`	affected	—
`12.2(33)SCG`	affected	—
`12.2(33)SCG1`	affected	—
`12.2(33)SCG2`	affected	—
`12.2(33)SCG3`	affected	—
`12.2(33)SCG4`	affected	—
`12.2(33)SCG5`	affected	—
`12.2(33)SCG6`	affected	—
`12.2(33)SCG7`	affected	—
`15.1(1)SY`	affected	—
`15.1(1)SY1`	affected	—
`15.1(2)SY`	affected	—
`15.1(2)SY1`	affected	—
`15.1(2)SY2`	affected	—
`15.1(1)SY2`	affected	—
`15.1(1)SY3`	affected	—
`15.1(2)SY3`	affected	—
`15.1(1)SY4`	affected	—
`15.1(2)SY4`	affected	—
`15.1(1)SY5`	affected	—
`15.1(2)SY5`	affected	—
`15.1(2)SY4a`	affected	—
`15.1(1)SY6`	affected	—
`15.1(2)SY6`	affected	—
`15.1(2)SY7`	affected	—
`15.1(2)SY8`	affected	—
`15.1(2)SY9`	affected	—
`15.1(2)SY10`	affected	—
`15.1(2)SY11`	affected	—
`15.1(2)SY12`	affected	—
`15.1(2)SY13`	affected	—
`15.1(2)SY14`	affected	—
`15.1(2)SY15`	affected	—
`15.1(2)SY16`	affected	—
`15.3(1)S`	affected	—
`15.3(2)S`	affected	—
`15.3(3)S`	affected	—
`15.3(1)S2`	affected	—
`15.3(1)S1`	affected	—
`15.3(2)S2`	affected	—
`15.3(2)S1`	affected	—
`15.3(3)S1`	affected	—
`15.3(3)S2`	affected	—
`15.3(3)S3`	affected	—
`15.3(3)S6`	affected	—
`15.3(3)S4`	affected	—
`15.3(3)S1a`	affected	—
`15.3(3)S5`	affected	—
`15.3(3)S7`	affected	—
`15.3(3)S8`	affected	—
`15.3(3)S9`	affected	—
`15.3(3)S10`	affected	—
`15.3(3)S8a`	affected	—
`15.4(1)T`	affected	—
`15.4(2)T`	affected	—
`15.4(1)T2`	affected	—
`15.4(1)T1`	affected	—
`15.4(1)T3`	affected	—
`15.4(2)T1`	affected	—
`15.4(2)T3`	affected	—
`15.4(2)T2`	affected	—
`15.4(1)T4`	affected	—
`15.4(2)T4`	affected	—
`12.4(25e)JAZ`	affected	—
`12.2(33)SCH`	affected	—
`12.2(33)SCH1`	affected	—
`12.2(33)SCH2`	affected	—
`12.2(33)SCH0a`	affected	—
`12.2(33)SCH3`	affected	—
`12.2(33)SCH2a`	affected	—
`12.2(33)SCH4`	affected	—
`12.2(33)SCH5`	affected	—
`12.2(33)SCH6`	affected	—
`12.4(25e)JAM`	affected	—
`12.4(25e)JAM2`	affected	—
`12.4(25e)JAM3`	affected	—
`12.4(25e)JAM4`	affected	—
`12.4(25e)JAM5`	affected	—
`12.4(25e)JAM6`	affected	—
`15.0(2)EA`	affected	—
`15.0(2)EA1`	affected	—
`15.2(1)E`	affected	—
`15.2(2)E`	affected	—
`15.2(1)E1`	affected	—
`15.2(3)E`	affected	—
`15.2(1)E2`	affected	—
`15.2(1)E3`	affected	—
`15.2(2)E1`	affected	—
`15.2(4)E`	affected	—
`15.2(3)E1`	affected	—
`15.2(2)E2`	affected	—
`15.2(2a)E1`	affected	—
`15.2(2)E3`	affected	—
`15.2(2a)E2`	affected	—
`15.2(3)E2`	affected	—
`15.2(3a)E`	affected	—
`15.2(3)E3`	affected	—
`15.2(4)E1`	affected	—
`15.2(2)E4`	affected	—
`15.2(2)E5`	affected	—
`15.2(4)E2`	affected	—
`15.2(3)E4`	affected	—
`15.2(5)E`	affected	—
`15.2(4)E3`	affected	—
`15.2(2)E6`	affected	—
`15.2(5a)E`	affected	—
`15.2(5)E1`	affected	—
`15.2(5b)E`	affected	—
`15.2(2)E5a`	affected	—
`15.2(5c)E`	affected	—
`15.2(2)E5b`	affected	—
`15.2(5a)E1`	affected	—
`15.2(4)E4`	affected	—
`15.2(2)E7`	affected	—
`15.2(5)E2`	affected	—
`15.2(6)E`	affected	—
`15.2(4)E5`	affected	—
`15.2(5)E2c`	affected	—
`15.2(2)E8`	affected	—
`15.2(6)E0a`	affected	—
`15.2(6)E1`	affected	—
`15.2(6)E0c`	affected	—
`15.2(4)E6`	affected	—
`15.2(6)E2`	affected	—
`15.2(2)E9`	affected	—
`15.2(4)E7`	affected	—
`15.2(7)E`	affected	—
`15.2(2)E10`	affected	—
`15.2(4)E8`	affected	—
`15.2(6)E2a`	affected	—
`15.2(6)E2b`	affected	—
`15.2(7)E1`	affected	—
`15.2(7)E0a`	affected	—
`15.2(7)E0b`	affected	—
`15.2(7)E0s`	affected	—
`15.2(6)E3`	affected	—
`15.2(4)E9`	affected	—
`15.2(7)E2`	affected	—
`15.2(7a)E0b`	affected	—
`15.2(4)E10`	affected	—
`15.2(7)E3`	affected	—
`15.2(7)E1a`	affected	—
`15.2(7b)E0b`	affected	—
`15.2(7)E2a`	affected	—
`15.2(4)E10a`	affected	—
`15.2(7)E4`	affected	—
`15.2(7)E3k`	affected	—
`15.2(8)E`	affected	—
`15.2(8)E1`	affected	—
`15.2(7)E5`	affected	—
`15.2(7)E6`	affected	—
`15.2(8)E2`	affected	—
`15.2(4)E10d`	affected	—
`15.2(7)E7`	affected	—
`15.2(8)E3`	affected	—
`15.2(7)E8`	affected	—
`15.2(8)E4`	affected	—
`15.2(7)E9`	affected	—
`15.2(8)E5`	affected	—
`15.2(8)E6`	affected	—
`15.2(7)E10`	affected	—
`15.2(7)E11`	affected	—
`15.2(8)E7`	affected	—
`15.2(7)E12`	affected	—
`15.2(8)E8`	affected	—
`15.2(7)E13`	affected	—
`15.2(2)JB`	affected	—
`15.2(2)JB2`	affected	—
`15.2(4)JB`	affected	—
`15.2(2)JB3`	affected	—
`15.2(4)JB1`	affected	—
`15.2(4)JB2`	affected	—
`15.2(4)JB3`	affected	—
`15.2(4)JB3a`	affected	—
`15.2(2)JB4`	affected	—
`15.2(4)JB4`	affected	—
`15.2(4)JB3h`	affected	—
`15.2(4)JB3b`	affected	—
`15.2(4)JB3s`	affected	—
`15.2(4)JB5`	affected	—
`15.2(4)JB5m`	affected	—
`15.2(4)JB6`	affected	—
`15.2(2)JB5`	affected	—
`15.2(2)JB6`	affected	—
`15.4(1)S`	affected	—
`15.4(2)S`	affected	—
`15.4(3)S`	affected	—
`15.4(1)S1`	affected	—
`15.4(1)S2`	affected	—
`15.4(2)S1`	affected	—
`15.4(1)S3`	affected	—
`15.4(3)S1`	affected	—
`15.4(2)S2`	affected	—
`15.4(3)S2`	affected	—
`15.4(3)S3`	affected	—
`15.4(1)S4`	affected	—
`15.4(2)S3`	affected	—
`15.4(2)S4`	affected	—
`15.4(3)S4`	affected	—
`15.4(3)S5`	affected	—
`15.4(3)S6`	affected	—
`15.4(3)S7`	affected	—
`15.4(3)S6a`	affected	—
`15.4(3)S8`	affected	—
`15.4(3)S9`	affected	—
`15.4(3)S10`	affected	—
`15.2(2)JAX`	affected	—
`15.3(3)M`	affected	—
`15.3(3)M1`	affected	—
`15.3(3)M2`	affected	—
`15.3(3)M3`	affected	—
`15.3(3)M5`	affected	—
`15.3(3)M4`	affected	—
`15.3(3)M6`	affected	—
`15.3(3)M7`	affected	—
`15.3(3)M8`	affected	—
`15.3(3)M9`	affected	—
`15.3(3)M10`	affected	—
`15.3(3)M8a`	affected	—
`15.2(4)JN`	affected	—
`15.2(1)EY`	affected	—
`15.0(2)EJ`	affected	—
`15.0(2)EJ1`	affected	—
`15.2(1)SY`	affected	—
`15.2(1)SY1`	affected	—
`15.2(1)SY0a`	affected	—
`15.2(1)SY2`	affected	—
`15.2(2)SY`	affected	—
`15.2(1)SY1a`	affected	—
`15.2(2)SY1`	affected	—
`15.2(2)SY2`	affected	—
`15.2(1)SY3`	affected	—
`15.2(1)SY4`	affected	—
`15.2(2)SY3`	affected	—
`15.2(1)SY5`	affected	—
`15.2(1)SY6`	affected	—
`15.2(1)SY7`	affected	—
`15.2(1)SY8`	affected	—
`15.2(5)EX`	affected	—
`12.4(25e)JAO`	affected	—
`12.4(25e)JAO1`	affected	—
`12.4(25e)JAO2`	affected	—
`12.4(25e)JAO3`	affected	—
`12.4(25e)JAO4`	affected	—
`12.4(25e)JAO5`	affected	—
`12.4(25e)JAO6`	affected	—
`15.0(2)EK`	affected	—
`15.0(2)EK1`	affected	—
`15.4(1)CG`	affected	—
`15.4(1)CG1`	affected	—
`15.4(2)CG`	affected	—
`15.5(1)S`	affected	—
`15.5(2)S`	affected	—
`15.5(1)S1`	affected	—
`15.5(3)S`	affected	—
`15.5(1)S2`	affected	—
`15.5(1)S3`	affected	—
`15.5(2)S1`	affected	—
`15.5(2)S2`	affected	—
`15.5(3)S1`	affected	—
`15.5(3)S1a`	affected	—
`15.5(2)S3`	affected	—
`15.5(3)S2`	affected	—
`15.5(3)S0a`	affected	—
`15.5(3)S3`	affected	—
`15.5(1)S4`	affected	—
`15.5(2)S4`	affected	—
`15.5(3)S4`	affected	—
`15.5(3)S5`	affected	—
`15.5(3)S6`	affected	—
`15.5(3)S6a`	affected	—
`15.5(3)S7`	affected	—
`15.5(3)S6b`	affected	—
`15.5(3)S8`	affected	—
`15.5(3)S9`	affected	—
`15.5(3)S10`	affected	—
`15.5(3)S9a`	affected	—
`15.5(1)T`	affected	—
`15.5(1)T1`	affected	—
`15.5(2)T`	affected	—
`15.5(1)T2`	affected	—
`15.5(1)T3`	affected	—
`15.5(2)T1`	affected	—
`15.5(2)T2`	affected	—
`15.5(2)T3`	affected	—
`15.5(2)T4`	affected	—
`15.5(1)T4`	affected	—
`15.2(2)EA`	affected	—
`15.2(2)EA1`	affected	—
`15.2(2)EA2`	affected	—
`15.2(3)EA`	affected	—
`15.2(4)EA`	affected	—
`15.2(4)EA1`	affected	—
`15.2(2)EA3`	affected	—
`15.2(4)EA3`	affected	—
`15.2(5)EA`	affected	—
`15.2(4)EA4`	affected	—
`15.2(4)EA5`	affected	—
`15.2(4)EA6`	affected	—
`15.2(4)EA7`	affected	—
`15.2(4)EA8`	affected	—
`15.2(4)EA9`	affected	—
`15.2(4)EA9a`	affected	—
`15.3(3)JN3`	affected	—
`15.3(3)JN4`	affected	—
`15.3(3)JN7`	affected	—
`15.3(3)JN8`	affected	—
`15.3(3)JN9`	affected	—
`15.5(3)M`	affected	—
`15.5(3)M1`	affected	—
`15.5(3)M0a`	affected	—
`15.5(3)M2`	affected	—
`15.5(3)M3`	affected	—
`15.5(3)M4`	affected	—
`15.5(3)M4a`	affected	—
`15.5(3)M5`	affected	—
`15.5(3)M6`	affected	—
`15.5(3)M7`	affected	—
`15.5(3)M6a`	affected	—
`15.5(3)M8`	affected	—
`15.5(3)M9`	affected	—
`15.5(3)M10`	affected	—
`12.2(33)SCI`	affected	—
`12.2(33)SCI1`	affected	—
`12.2(33)SCI1a`	affected	—
`12.2(33)SCI2`	affected	—
`12.2(33)SCI3`	affected	—
`12.2(33)SCI2a`	affected	—
`12.4(25e)JAP`	affected	—
`12.4(25e)JAP1`	affected	—
`12.4(25e)JAP4`	affected	—
`12.4(25e)JAP5`	affected	—
`12.4(25e)JAP6`	affected	—
`12.4(25e)JAP1n`	affected	—
`12.4(25e)JAP7`	affected	—
`12.4(25e)JAP8`	affected	—
`12.4(25e)JAP10`	affected	—
`12.4(25e)JAP11`	affected	—
`12.4(25e)JAP12`	affected	—
`15.3(3)JA`	affected	—
`15.3(3)JA1m`	affected	—
`15.3(3)JA1`	affected	—
`15.3(3)JA4`	affected	—
`15.3(3)JA5`	affected	—
`15.3(3)JA6`	affected	—
`15.3(3)JA7`	affected	—
`15.3(3)JA8`	affected	—
`15.3(3)JA10`	affected	—
`15.3(3)JA11`	affected	—
`15.3(3)JA12`	affected	—
`15.3(3)JAA`	affected	—
`15.3(3)JAA11`	affected	—
`15.3(3)JAA12`	affected	—
`15.3(3)JAB`	affected	—
`15.3(3)JB`	affected	—
`15.5(3)SN`	affected	—
`15.0(2)SQD`	affected	—
`15.0(2)SQD1`	affected	—
`15.0(2)SQD2`	affected	—
`15.0(2)SQD3`	affected	—
`15.0(2)SQD4`	affected	—
`15.0(2)SQD5`	affected	—
`15.0(2)SQD6`	affected	—
`15.0(2)SQD7`	affected	—
`15.0(2)SQD8`	affected	—
`15.6(1)S`	affected	—
`15.6(2)S`	affected	—
`15.6(2)S1`	affected	—
`15.6(1)S1`	affected	—
`15.6(1)S2`	affected	—
`15.6(2)S2`	affected	—
`15.6(1)S3`	affected	—
`15.6(2)S3`	affected	—
`15.6(1)S4`	affected	—
`15.6(2)S4`	affected	—
`15.6(1)T`	affected	—
`15.6(2)T`	affected	—
`15.6(1)T0a`	affected	—
`15.6(1)T1`	affected	—
`15.6(2)T1`	affected	—
`15.6(1)T2`	affected	—
`15.6(2)T2`	affected	—
`15.6(1)T3`	affected	—
`15.6(2)T3`	affected	—
`15.3(3)JNB`	affected	—
`15.3(3)JNB1`	affected	—
`15.3(3)JNB2`	affected	—
`15.3(3)JNB3`	affected	—
`15.3(3)JNB4`	affected	—
`15.3(3)JNB6`	affected	—
`15.3(3)JNB5`	affected	—
`15.3(3)JAX`	affected	—
`15.3(3)JAX1`	affected	—
`15.3(3)JAX2`	affected	—
`15.3(3)JBB`	affected	—
`15.3(3)JBB1`	affected	—
`15.3(3)JBB2`	affected	—
`15.3(3)JBB4`	affected	—
`15.3(3)JBB5`	affected	—
`15.3(3)JBB6`	affected	—
`15.3(3)JBB8`	affected	—
`15.3(3)JBB6a`	affected	—
`15.3(3)JC`	affected	—
`15.3(3)JC1`	affected	—
`15.3(3)JC2`	affected	—
`15.3(3)JC3`	affected	—
`15.3(3)JC4`	affected	—
`15.3(3)JC5`	affected	—
`15.3(3)JC6`	affected	—
`15.3(3)JC8`	affected	—
`15.3(3)JC9`	affected	—
`15.3(3)JC14`	affected	—
`15.3(1)SY`	affected	—
`15.3(1)SY1`	affected	—
`15.3(1)SY2`	affected	—
`15.3(3)JNC`	affected	—
`15.3(3)JNC1`	affected	—
`15.3(3)JNC4`	affected	—
`12.2(33)SCJ`	affected	—
`12.2(33)SCJ1a`	affected	—
`12.2(33)SCJ2`	affected	—
`12.2(33)SCJ2a`	affected	—
`12.2(33)SCJ2b`	affected	—
`12.2(33)SCJ2c`	affected	—
`12.2(33)SCJ3`	affected	—
`12.2(33)SCJ4`	affected	—
`15.3(3)JNP`	affected	—
`15.3(3)JNP1`	affected	—
`15.3(3)JNP3`	affected	—
`15.6(2)SP`	affected	—
`15.6(2)SP1`	affected	—
`15.6(2)SP2`	affected	—
`15.6(2)SP3`	affected	—
`15.6(2)SP4`	affected	—
`15.6(2)SP5`	affected	—
`15.6(2)SP6`	affected	—
`15.6(2)SP7`	affected	—
`15.6(2)SP8`	affected	—
`15.6(2)SP9`	affected	—
`15.6(2)SN`	affected	—
`15.3(3)JPB`	affected	—
`15.3(3)JPB1`	affected	—
`15.3(3)JD`	affected	—
`15.3(3)JD2`	affected	—
`15.3(3)JD3`	affected	—
`15.3(3)JD4`	affected	—
`15.3(3)JD5`	affected	—
`15.3(3)JD6`	affected	—
`15.3(3)JD7`	affected	—
`15.3(3)JD8`	affected	—
`15.3(3)JD9`	affected	—
`15.3(3)JD11`	affected	—
`15.3(3)JD13`	affected	—
`15.3(3)JD14`	affected	—
`15.3(3)JD16`	affected	—
`15.3(3)JD17`	affected	—
`15.6(3)M`	affected	—
`15.6(3)M1`	affected	—
`15.6(3)M0a`	affected	—
`15.6(3)M1b`	affected	—
`15.6(3)M2`	affected	—
`15.6(3)M2a`	affected	—
`15.6(3)M3`	affected	—
`15.6(3)M3a`	affected	—
`15.6(3)M4`	affected	—
`15.6(3)M5`	affected	—
`15.6(3)M6`	affected	—
`15.6(3)M7`	affected	—
`15.6(3)M6a`	affected	—
`15.6(3)M6b`	affected	—
`15.6(3)M8`	affected	—
`15.6(3)M9`	affected	—
`15.2(4)EC1`	affected	—
`15.2(4)EC2`	affected	—
`15.3(3)JPC`	affected	—
`15.3(3)JPC1`	affected	—
`15.3(3)JPC2`	affected	—
`15.3(3)JPC3`	affected	—
`15.3(3)JPC5`	affected	—
`15.3(3)JND`	affected	—
`15.3(3)JND1`	affected	—
`15.3(3)JND2`	affected	—
`15.3(3)JND3`	affected	—
`15.4(1)SY`	affected	—
`15.4(1)SY1`	affected	—
`15.4(1)SY2`	affected	—
`15.4(1)SY3`	affected	—
`15.4(1)SY4`	affected	—
`15.3(3)JE`	affected	—
`15.3(3)JPD`	affected	—
`15.3(3)JDA7`	affected	—
`15.3(3)JDA8`	affected	—
`15.3(3)JDA9`	affected	—
`15.3(3)JDA11`	affected	—
`15.3(3)JDA13`	affected	—
`15.3(3)JDA14`	affected	—
`15.3(3)JDA16`	affected	—
`15.3(3)JDA17`	affected	—
`15.5(1)SY`	affected	—
`15.5(1)SY1`	affected	—
`15.5(1)SY2`	affected	—
`15.5(1)SY3`	affected	—
`15.5(1)SY4`	affected	—
`15.5(1)SY5`	affected	—
`15.5(1)SY6`	affected	—
`15.5(1)SY7`	affected	—
`15.5(1)SY8`	affected	—
`15.5(1)SY9`	affected	—
`15.5(1)SY10`	affected	—
`15.5(1)SY11`	affected	—
`15.5(1)SY12`	affected	—
`15.5(1)SY13`	affected	—
`15.5(1)SY14`	affected	—
`15.5(1)SY15`	affected	—
`15.5(1)SY16`	affected	—
`15.3(3)JF`	affected	—
`15.3(3)JF1`	affected	—
`15.3(3)JF2`	affected	—
`15.3(3)JF4`	affected	—
`15.3(3)JF5`	affected	—
`15.3(3)JF6`	affected	—
`15.3(3)JF7`	affected	—
`15.3(3)JF8`	affected	—
`15.3(3)JF9`	affected	—
`15.3(3)JF10`	affected	—
`15.3(3)JF11`	affected	—
`15.3(3)JF12`	affected	—
`15.3(3)JF12i`	affected	—
`15.3(3)JF14`	affected	—
`15.3(3)JF14i`	affected	—
`15.3(3)JF15`	affected	—
`15.3(3)JCA7`	affected	—
`15.3(3)JCA8`	affected	—
`15.3(3)JCA9`	affected	—
`15.7(3)M`	affected	—
`15.7(3)M1`	affected	—
`15.7(3)M0a`	affected	—
`15.7(3)M3`	affected	—
`15.7(3)M2`	affected	—
`15.7(3)M4`	affected	—
`15.7(3)M5`	affected	—
`15.7(3)M4a`	affected	—
`15.7(3)M4b`	affected	—
`15.7(3)M6`	affected	—
`15.7(3)M7`	affected	—
`15.7(3)M8`	affected	—
`15.7(3)M9`	affected	—
`15.3(3)JG`	affected	—
`15.3(3)JG1`	affected	—
`15.3(3)JH`	affected	—
`15.3(3)JH1`	affected	—
`15.3(3)JI1`	affected	—
`15.3(3)JI3`	affected	—
`15.3(3)JI4`	affected	—
`15.3(3)JI5`	affected	—
`15.3(3)JI6`	affected	—
`15.8(3)M`	affected	—
`15.8(3)M1`	affected	—
`15.8(3)M0a`	affected	—
`15.8(3)M0b`	affected	—
`15.8(3)M2`	affected	—
`15.8(3)M1a`	affected	—
`15.8(3)M3`	affected	—
`15.8(3)M2a`	affected	—
`15.8(3)M4`	affected	—
`15.8(3)M3a`	affected	—
`15.8(3)M3b`	affected	—
`15.8(3)M5`	affected	—
`15.8(3)M6`	affected	—
`15.8(3)M7`	affected	—
`15.8(3)M8`	affected	—
`15.8(3)M9`	affected	—
`15.9(3)M`	affected	—
`15.9(3)M1`	affected	—
`15.9(3)M0a`	affected	—
`15.9(3)M2`	affected	—
`15.9(3)M3`	affected	—
`15.9(3)M2a`	affected	—
`15.9(3)M3a`	affected	—
`15.9(3)M4`	affected	—
`15.9(3)M3b`	affected	—
`15.9(3)M5`	affected	—
`15.9(3)M4a`	affected	—
`15.9(3)M6`	affected	—
`15.9(3)M7`	affected	—
`15.9(3)M6a`	affected	—
`15.9(3)M6b`	affected	—
`15.9(3)M8`	affected	—
`15.9(3)M7a`	affected	—
`15.9(3)M9`	affected	—
`15.9(3)M8b`	affected	—
`15.9(3)M10`	affected	—
`15.9(3)M11`	affected	—
`15.9(3)M12`	affected	—
`15.3(3)JK`	affected	—
`15.3(3)JK1`	affected	—
`15.3(3)JK2`	affected	—
`15.3(3)JK3`	affected	—
`15.3(3)JK2a`	affected	—
`15.3(3)JK1t`	affected	—
`15.3(3)JK4`	affected	—
`15.3(3)JK5`	affected	—
`15.3(3)JK6`	affected	—
`15.3(3)JK7`	affected	—
`15.3(3)JK8`	affected	—
`15.3(3)JK8a`	affected	—
`15.3(3)JK8b`	affected	—
`15.3(3)JK9`	affected	—
`15.3(3)JK10`	affected	—
`15.3(3)JK11`	affected	—
`15.3(3)JJ`	affected	—
`15.3(3)JJ1`	affected	—
`15.3(3)JPI1`	affected	—
`15.3(3)JPI4`	affected	—
`15.3(3)JPI1t`	affected	—
`15.3(3)JPI5`	affected	—
`15.3(3)JPI7`	affected	—
`15.3(3)JPI6a`	affected	—
`15.3(3)JPI8a`	affected	—
`15.3(3)JPI9`	affected	—
`15.3(3)JPI10`	affected	—
`15.3(3)JPJ2`	affected	—
`15.3(3)JPJ3`	affected	—
`15.3(3)JPJ2t`	affected	—
`15.3(3)JPJ3a`	affected	—
`15.3(3)JPJ4`	affected	—
`15.3(3)JPJ5`	affected	—
`15.3(3)JPJ6`	affected	—
`15.3(3)JPJ7`	affected	—
`15.3(3)JPJ7c`	affected	—
`15.3(3)JPJ8a`	affected	—
`15.3(3)JPJ9`	affected	—
`15.3(3)JPJ10`	affected	—
`15.3(3)JPJ11`	affected	—
`15.3(3)JPK`	affected	—
`15.3(3)JPK1`	affected	—
`15.3(3)JPK2`	affected	—
`15.3(3)JPK3`	affected	—
`15.3(3)JPK4`	affected	—
`15.3(3)JPK5`	affected	—
`15.3(3)JPK6`	affected	—
`15.3(3)JPK7`	affected	—
`15.3(3)JPK8`	affected	—
`15.3(3)JPK9`	affected	—
`15.3(3)JPL`	affected	—
`15.3(3)JPM`	affected	—
`15.3(3)JPN`	affected	—
`15.3(3)JPN1`	affected	—
`15.3(3)JPN2`	affected	—
`15.3(3)JPN3`	affected	—
`15.3(3)JPN4`	affected	—
`15.3(3)JPN5`	affected	—
`15.3(3)JPN6`	affected	—
`15.3(3)JPN7`	affected	—
`15.3(3)JPO`	affected	—
`15.3(3)JPP`	affected	—
`15.3(3)JPQ`	affected	—
`15.3(3)JPQ1`	affected	—
`15.3(3)JPQ2`	affected	—
`15.3(3)JPQ3`	affected	—
`15.3(3)JPQ4`	affected	—
`15.3(3)JPQ5`	affected	—
`15.3(3)JPR`	affected	—
`15.3(3)JPS`	affected	—
`15.3(3)JPT`	affected	—
`15.3(3)JPT1`	affected	—
`15.3(3)JPT2`	affected	—
`15.3(3)JPT3`	affected	—

Cisco

Cisco IOS XE Software

affected

Version	Status	Constraints
`3.5.0E`	affected	—
`3.5.1E`	affected	—
`3.5.2E`	affected	—
`3.5.3E`	affected	—
`3.11.1S`	affected	—
`3.11.2S`	affected	—
`3.11.0S`	affected	—
`3.11.3S`	affected	—
`3.11.4S`	affected	—
`3.12.0S`	affected	—
`3.12.1S`	affected	—
`3.12.2S`	affected	—
`3.12.3S`	affected	—
`3.12.0aS`	affected	—
`3.12.4S`	affected	—
`3.13.0S`	affected	—
`3.13.1S`	affected	—
`3.13.2S`	affected	—
`3.13.3S`	affected	—
`3.13.4S`	affected	—
`3.13.5S`	affected	—
`3.13.2aS`	affected	—
`3.13.0aS`	affected	—
`3.13.5aS`	affected	—
`3.13.6S`	affected	—
`3.13.7S`	affected	—
`3.13.6aS`	affected	—
`3.13.7aS`	affected	—
`3.13.8S`	affected	—
`3.13.9S`	affected	—
`3.13.10S`	affected	—
`3.6.0E`	affected	—
`3.6.1E`	affected	—
`3.6.2aE`	affected	—
`3.6.2E`	affected	—
`3.6.3E`	affected	—
`3.6.4E`	affected	—
`3.6.5E`	affected	—
`3.6.6E`	affected	—
`3.6.5aE`	affected	—
`3.6.7E`	affected	—
`3.6.8E`	affected	—
`3.6.7bE`	affected	—
`3.6.9E`	affected	—
`3.6.10E`	affected	—
`3.14.0S`	affected	—
`3.14.1S`	affected	—
`3.14.2S`	affected	—
`3.14.3S`	affected	—
`3.14.4S`	affected	—
`3.15.0S`	affected	—
`3.15.1S`	affected	—
`3.15.2S`	affected	—
`3.15.1cS`	affected	—
`3.15.3S`	affected	—
`3.15.4S`	affected	—
`3.7.0E`	affected	—
`3.7.1E`	affected	—
`3.7.2E`	affected	—
`3.7.3E`	affected	—
`3.7.4E`	affected	—
`3.7.5E`	affected	—
`3.5.0SQ`	affected	—
`3.5.1SQ`	affected	—
`3.5.2SQ`	affected	—
`3.5.3SQ`	affected	—
`3.5.4SQ`	affected	—
`3.5.5SQ`	affected	—
`3.5.6SQ`	affected	—
`3.5.7SQ`	affected	—
`3.5.8SQ`	affected	—
`3.16.0S`	affected	—
`3.16.1S`	affected	—
`3.16.1aS`	affected	—
`3.16.2S`	affected	—
`3.16.2aS`	affected	—
`3.16.0cS`	affected	—
`3.16.3S`	affected	—
`3.16.2bS`	affected	—
`3.16.3aS`	affected	—
`3.16.4S`	affected	—
`3.16.4aS`	affected	—
`3.16.4bS`	affected	—
`3.16.5S`	affected	—
`3.16.4dS`	affected	—
`3.16.6S`	affected	—
`3.16.7S`	affected	—
`3.16.6bS`	affected	—
`3.16.7aS`	affected	—
`3.16.7bS`	affected	—
`3.16.8S`	affected	—
`3.16.9S`	affected	—
`3.16.10S`	affected	—
`3.17.0S`	affected	—
`3.17.1S`	affected	—
`3.17.2S`	affected	—
`3.17.1aS`	affected	—
`3.17.3S`	affected	—
`3.17.4S`	affected	—
`3.8.0E`	affected	—
`3.8.1E`	affected	—
`3.8.2E`	affected	—
`3.8.3E`	affected	—
`3.8.4E`	affected	—
`3.8.5E`	affected	—
`3.8.5aE`	affected	—
`3.8.6E`	affected	—
`3.8.7E`	affected	—
`3.8.8E`	affected	—
`3.8.9E`	affected	—
`3.8.10E`	affected	—
`3.18.0aS`	affected	—
`3.18.0S`	affected	—
`3.18.1S`	affected	—
`3.18.2S`	affected	—
`3.18.3S`	affected	—
`3.18.4S`	affected	—
`3.18.0SP`	affected	—
`3.18.1SP`	affected	—
`3.18.1aSP`	affected	—
`3.18.1bSP`	affected	—
`3.18.1cSP`	affected	—
`3.18.2SP`	affected	—
`3.18.2aSP`	affected	—
`3.18.3SP`	affected	—
`3.18.4SP`	affected	—
`3.18.3aSP`	affected	—
`3.18.3bSP`	affected	—
`3.18.5SP`	affected	—
`3.18.6SP`	affected	—
`3.18.7SP`	affected	—
`3.18.8aSP`	affected	—
`3.18.9SP`	affected	—
`3.9.0E`	affected	—
`3.9.1E`	affected	—
`3.9.2E`	affected	—
`3.10.0E`	affected	—
`3.10.1E`	affected	—
`3.10.0cE`	affected	—
`3.10.2E`	affected	—
`3.10.3E`	affected	—
`3.11.0E`	affected	—
`3.11.1E`	affected	—
`3.11.2E`	affected	—
`3.11.3E`	affected	—
`3.11.1aE`	affected	—
`3.11.4E`	affected	—
`3.11.3aE`	affected	—
`3.11.5E`	affected	—
`3.11.6E`	affected	—
`3.11.7E`	affected	—
`3.11.8E`	affected	—
`3.11.9E`	affected	—
`3.11.10E`	affected	—
`3.11.11E`	affected	—
`3.11.12E`	affected	—
`3.11.13E`	affected	—

No data.

Project Subscriptions

No data.

Advisories

No advisories yet.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-http-dos-sbv8XRpL

History

Wed, 25 Mar 2026 16:15:00 +0000

Type	Values Removed	Values Added
Description		A vulnerability in the HTTP Server feature of Cisco IOS Software and Cisco IOS XE Software Release 3E could allow an authenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. This vulnerability is due to improper validation of user-supplied input. An attacker could exploit this vulnerability by sending malformed HTTP requests to an affected device. A successful exploit could allow the attacker to cause a watchdog timer to expire and the device to reload, resulting in a DoS condition. To exploit this vulnerability, the attacker must have a valid user account.
Weaknesses		CWE-228
References		https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-http-dos-sbv8XRpL
Metrics		cvssV3_1 `{'score': 7.7, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H'}`

Projects

Sign in to view the affected projects.

MITRE

Status: PUBLISHED

Assigner: cisco

Published: 2026-03-25T16:04:29.117Z

Updated: 2026-03-25T17:52:07.963Z

Reserved: 2025-10-08T11:59:15.378Z

Link: CVE-2026-20125

Vulnrichment

No data.

NVD

Status : Received

Published: 2026-03-25T16:16:16.750

Modified: 2026-03-25T16:16:16.750

Link: CVE-2026-20125

Redhat

No data.

OpenCVE Enrichment

No data.

Weaknesses

CWE-228

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Changed

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Project Subscriptions

Projects

JSON object

JSON object

JSON object

JSON object

JSON object