May 20, 2022 By Sergiu Gatlan
Cisco has addressed a zero-day vulnerability in its IOS XR router software that allowed unauthenticated attackers to remotely access Redis instances running in NOSi Docker containers.
The IOS XR Network OS is deployed on multiple Cisco router platforms, including NCS 540 & 560, NCS 5500, 8000, and ASR 9000 series routers.
The bug (tracked as CVE-2022-20821) was discovered during the resolution of a Cisco TAC (Technical Assistance Center) support case.
