using a URL of http://router.address/level/$NUMBER/exec/.... where $NUMBER is an integer between 16 and 99, it is possible for a remote user to gain full administrative access.
By sending a crafted NTP control packet, it is possible to trigger a buffer overflow in the NTP daemon
SNMP Parsing Vulnerability
Malformed SNMP messages received by affected systems can cause various parsing and processing functions to fail, which results in a system crash and reload. In some cases, access-list statements on the SNMP service do not protect the device
SNMP logging If SNMP is running, SNMP traps may be sent to a logging server.
AAA Logging If AAA is running the check the aaa accounting commands to see what logging is being sent to the Network Access Server.
ACL Violation Logging ACL can be configured to log any packets that match their rules by ending the ACL with the log or log-input keywords. These log messages are sent the the routers log buffer and to the syslog server.
You can also use ACL logging to count packets and log specific events. By configuring syslog logging and analyzing your syslog files in real time you can perform real time monitoring
The ACL access-list 149 permit tcp host 220.127.116.11 any eq 161 log-input will not block any packets, but will log all incoming SNMP requests from 18.104.22.168 to any internal host.
The ACLs access-list 148 deny tcp 22.214.171.124 0.0.0.255 any eq 53 log-input access-list 148 deny udp 126.96.36.199 0.0.0.255 any eq 53 log-input will block and log any DNS packets from the subnet 188.8.131.52/24 to any internal host.