exam questions

Exam 312-49v10 All Questions

View all questions & answers for the 312-49v10 exam

Exam 312-49v10 topic 1 question 145 discussion

Actual exam question from ECCouncil's 312-49v10
Question #: 145
Topic #: 1
[All 312-49v10 Questions]

You are a security analyst performing a penetration tests for a company in the Midwest. After some initial reconnaissance, you discover the IP addresses of some
Cisco routers used by the company. You type in the following URL that includes the IP address of one of the routers: http://172.168.4.131/level/99/exec/show/config
After typing in this URL, you are presented with the entire configuration file for that router. What have you discovered?

  • A. HTTP Configuration Arbitrary Administrative Access Vulnerability
  • B. HTML Configuration Arbitrary Administrative Access Vulnerability
  • C. Cisco IOS Arbitrary Administrative Access Online Vulnerability
  • D. URL Obfuscation Arbitrary Administrative Access Vulnerability
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
044f354
2 weeks ago
Selected Answer: A
A. HTTP Configuration Arbitrary Administrative Access Vulnerability: Correct This vulnerability occurs when a Cisco router's HTTP service is improperly secured, allowing unauthorized access to configuration files through specific URLs. B. HTML Configuration Arbitrary Administrative Access Vulnerability: Incorrect This is a made-up term and does not describe a specific vulnerability. C. Cisco IOS Arbitrary Administrative Access Online Vulnerability: Incorrect While the vulnerability targets Cisco IOS, this term is not precise or widely recognized. D. URL Obfuscation Arbitrary Administrative Access Vulnerability: Incorrect The URL is not obfuscated, and this term does not accurately describe the issue.
upvoted 1 times
...
Kalegesa
2 months, 3 weeks ago
Selected Answer: A
Correct Answer is A according to the exploit Database
upvoted 1 times
...
Elb
7 months, 2 weeks ago
Selected Answer: A
A > Cisco IOS 11.x/12.x - HTTP Configuration Arbitrary Administrative Access
upvoted 2 times
...
geral_apoka
1 year, 4 months ago
Correct Answer: A: http://www.infosecpro.com/penetrationtest/p75.htm
upvoted 2 times
...
Manzer
1 year, 9 months ago
Selected Answer: C
Cisco IOS Arbitrary Administrative Access Online Vulnerability. The URL entered includes the IP address of the router and the command to show the configuration file, which can only be accessed by an authenticated user with administrative privileges. This vulnerability allows an attacker to bypass authentication and access sensitive information or perform unauthorized actions on the router.
upvoted 3 times
...
vcloudpmp
2 years, 9 months ago
Vulnerability Details : CVE-2001-0537 HTTP server for Cisco IOS 11.3 to 12.2 allows attackers to bypass authentication and execute arbitrary commands, when local authorization is being used, by specifying a high access level in the URL. Publish Date : 2001-07-21 Last Update Date : 2017-10-10 CVE-2001-0537 : HTTP server for Cisco IOS 11.3 to 12.2 ... www.cvedetails.com/cve/CVE-2001-0537/
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
Loading ...
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago