CVE-2021-1616— Cisco IOS XE Software H.323 Application Level Gateway Bypass Vulnerability

CVSS 4.7 · Medium EPSS 0.43% · P63 Updated Feb 24, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2021-1616

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

Cisco IOS XE Software H.323 Application Level Gateway Bypass Vulnerability

Source: NVD (National Vulnerability Database)

Vulnerability Description

A vulnerability in the H.323 application level gateway (ALG) used by the Network Address Translation (NAT) feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to bypass the ALG. This vulnerability is due to insufficient data validation of traffic that is traversing the ALG. An attacker could exploit this vulnerability by sending crafted traffic to a targeted device. A successful exploit could allow the attacker to bypass the ALG and open connections that should not be allowed to a remote device located behind the ALG. Note: This vulnerability has been publicly discussed as NAT Slipstreaming.

Source: NVD (National Vulnerability Database)

CVSS Information

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N

Source: NVD (National Vulnerability Database)

Vulnerability Type

保护机制失效

Source: NVD (National Vulnerability Database)

Vulnerability Title

Cisco IOS XE Software 安全漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Cisco IOS XE Software是美国思科（Cisco）公司的一个操作系统。用于企业有线和无线访问，汇聚，核心和WAN的单一操作系统，Cisco IOS XE降低了业务和网络的复杂性。 Cisco IOS XE Software 存在安全漏洞，该漏洞源于遍历ALG的流量的数据验证不足造成的。攻击者可利用该漏洞向目标设备发送精心设计的流量来绕过ALG并打开不允许连接到位于ALG后面的远程设备的连接。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
Cisco	Cisco IOS XE Software	n/a	-

II. Public POCs for CVE-2021-1616

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2021-1616

请登录查看更多情报信息。

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-h323alg-bypass-4vy2MP2Qvendor-advisoryx_refsource_CISCO
https://nvd.nist.gov/vuln/detail/CVE-2021-1616

Same Patch Batch · Cisco · 2021-09-23 · 33 CVEs total

CVE-2021-34770	10.0 CRITICAL	Cisco IOS XE Software for Catalyst 9000 Family Wireless Controllers CAPWAP Remote Code Exe
CVE-2021-34727	9.8 CRITICAL	Cisco IOS XE SD-WAN Software Buffer Overflow Vulnerability
CVE-2021-1619	9.8 CRITICAL	Cisco IOS XE Software NETCONF and RESTCONF Authentication Bypass Vulnerability
CVE-2021-1624	8.6 HIGH	Cisco IOS XE Software Rate Limiting Network Address Translation Denial of Service Vulnerab
CVE-2021-1622	8.6 HIGH	Cisco IOS XE Software for Cisco cBR-8 Converged Broadband Routers Common Open Policy Servi
CVE-2021-34768	8.6 HIGH	Cisco IOS XE Software for Catalyst 9000 Family Wireless Controllers CAPWAP Denial of Servi
CVE-2021-34769	8.6 HIGH	Cisco IOS XE Software for Catalyst 9000 Family Wireless Controllers CAPWAP Denial of Servi
CVE-2021-1615	8.6 HIGH	Cisco Embedded Wireless Controller Software for Catalyst Access Points Denial of Service V
CVE-2021-1611	8.6 HIGH	Cisco IOS XE Software for Catalyst 9800 Series Wireless Controllers EoGRE Denial of Servic
CVE-2021-1565	8.6 HIGH	Cisco IOS XE Software for Catalyst 9000 Family Wireless Controllers CAPWAP Denial of Servi
CVE-2021-1419	7.8 HIGH	Cisco Access Points SSH Management Privilege Escalation Vulnerability
CVE-2021-1623	7.7 HIGH	Cisco IOS XE Software for Cisco cBR-8 Converged Broadband Routers Simple Network Managemen
CVE-2021-34699	7.7 HIGH	Cisco IOS and IOS XE Software TrustSec CLI Parser Denial of Service Vulnerability
CVE-2021-1620	7.7 HIGH	Cisco IOS and IOS XE Software IKEv2 AutoReconnect Feature Denial of Service Vulnerability
CVE-2021-34767	7.4 HIGH	Cisco IOS XE Software for Catalyst 9800 Series Wireless Controllers IPv6 Denial of Service
CVE-2021-1621	7.4 HIGH	Cisco IOS XE Software Interface Queue Wedge Denial of Service Vulnerability
CVE-2021-34740	7.4 HIGH	Cisco Aironet Access Points WLAN Control Protocol Packet Buffer Leak Denial of Service Vul
CVE-2021-34714	7.4 HIGH	Multiple Cisco Operating Systems Unidirectional Link Detection Denial of Service Vulnerabi
CVE-2021-34703	6.8 MEDIUM	Cisco IOS and IOS XE Software Link Layer Discovery Protocol Denial of Service Vulnerabilit
CVE-2021-34729	6.7 MEDIUM	Cisco IOS XE SD-WAN Software Command Injection Vulnerability

Showing top 20 of 33 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: Cisco IOS XE Software

Same vendor: Cisco

Same weakness: CWE-693

V. Comments for CVE-2021-1616

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2021-1616— Cisco IOS XE Software H.323 Application Level Gateway Bypass Vulnerability

I. Basic Information for CVE-2021-1616

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2021-1616

III. Intelligence Information for CVE-2021-1616

Same Patch Batch · Cisco · 2021-09-23 · 33 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2021-1616

Leave a comment