vulnerability

Cisco FTD: CVE-2021-1223: Multiple Cisco Products Snort HTTP Detection Engine File Policy Bypass Vulnerability

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
5	(AV:N/AC:L/Au:N/C:N/I:P/A:N)	Jan 13, 2021	Jan 29, 2025	Mar 31, 2026

Severity

CVSS

(AV:N/AC:L/Au:N/C:N/I:P/A:N)

Published

Jan 13, 2021

Added

Jan 29, 2025

Modified

Mar 31, 2026

Description

Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured file policy for HTTP. The vulnerability is due to incorrect handling of an HTTP range header. An attacker could exploit this vulnerability by sending crafted HTTP packets through an affected device. A successful exploit could allow the attacker to bypass configured file policy for HTTP packets and deliver a malicious payload.

Solution

cisco-ftd-upgrade-latest

References

CVE-2021-1223
https://attackerkb.com/topics/CVE-2021-1223
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-filepolbypass-67DEwMe2
https://euvd.enisa.europa.eu/vulnerability/EUVD-2021-6690
CISCO-cisco-sa-snort-filepolbypass-67DEwMe2
CWE-693
EUVD-EUVD-2021-6690

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report