Unpatched Zero-Day Being Exploited in the Wild, Cisco Warns


Cisco on Monday asked customers to urgently disable the HTTP Server feature on internet-facing systems that was discovered to have a critical vulnerability in its modular operating system’s web interface.

Hackers exploited the IOS XE software web user interface feature to gain administrator-level privileges, effectively taking complete control of compromised devices, Cisco Talos said in a threat advisory.

Cisco’s Web UI feature is designed to simplify deployment and user experience. It helps to build system configurations as well as monitor and troubleshoot the system without command-line interface expertise.