Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up

CVE-2018-0171

UNKNOWN
Published 2018-03-28T22:00:00
Actions:

Expert Analysis

Professional remediation guidance

Get tailored security recommendations from our analyst team for CVE-2018-0171. We'll provide specific mitigation strategies based on your environment and risk profile.

No CVSS data available

Description

A vulnerability in the Smart Install feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition, or to execute arbitrary code on an affected device. The vulnerability is due to improper validation of packet data. An attacker could exploit this vulnerability by sending a crafted Smart Install message to an affected device on TCP port 4786. A successful exploit could allow the attacker to cause a buffer overflow on the affected device, which could have the following impacts: Triggering a reload of the device, Allowing the attacker to execute arbitrary code on the device, Causing an indefinite loop on the affected device that triggers a watchdog crash. Cisco Bug IDs: CSCvg76186.

Available Exploits

No exploits available for this CVE.

Related News

Seven Years Later: Cisco CVE-2018-0171 Still Exposes Thousands to RCE

In a deep dive published by Guy Bruneau, Senior Security Consultant and former network engineer, the lingering dangers The post Seven Years Later: Cisco CVE-2018-0171 Still Exposes Thousands to RCE appeared first on Daily CyberSecurity.

SecurityOnline.info 2025-04-10 02:00
Read More
Cisco Confirms Salt Typhoon Exploited CVE-2018-0171 to Target U.S. Telecom Networks

Cisco has confirmed that a Chinese threat actor known as Salt Typhoon gained access by likely abusing a known security flaw tracked as CVE-2018-0171, and by obtaining legitimate victim login credentials as part of a targeted campaign aimed at major U.S. telec…

Internet 2025-02-21 07:38
Read More

Known Exploited Vulnerability

This vulnerability is actively being exploited in the wild

View KEV Details

Remediation Status

Overdue

Due Date

May 3, 2022

Added to KEV

November 3, 2021

Required Action

Apply updates per vendor instructions.

Affected Product

Vendor/Project: Cisco
Product: IOS and IOS XE

Ransomware Risk

Known Ransomware Use
KEV Catalog Version: 2025.01.24 Released: January 24, 2025

GitHub Security Advisories

Community-driven vulnerability intelligence from GitHub

⚠ Unreviewed CRITICAL

GHSA-4w6g-87mh-x63x

Advisory Details

A vulnerability in the Smart Install feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition, or to execute arbitrary code on an affected device. The vulnerability is due to improper validation of packet data. An attacker could exploit this vulnerability by sending a crafted Smart Install message to an affected device on TCP port 4786. A successful exploit could allow the attacker to cause a buffer overflow on the affected device, which could have the following impacts: Triggering a reload of the device, Allowing the attacker to execute arbitrary code on the device, Causing an indefinite loop on the affected device that triggers a watchdog crash. Cisco Bug IDs: CSCvg76186.

CVSS Scoring

CVSS Score

9.0

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2018-0171
WEB https://ics-cert.us-cert.gov/advisories/ICSA-18-107-04
WEB https://ics-cert.us-cert.gov/advisories/ICSA-18-107-05
WEB https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-smi2
WEB https://www.darkreading.com/perimeter/attackers-exploit-cisco-switch-issue-as-vendor-warns-of-yet-another-critical-flaw/d/d-id/1331490
WEB http://www.securityfocus.com/bid/103538
WEB http://www.securitytracker.com/id/1040580

Advisory provided by GitHub Security Advisory Database. Published: May 13, 2022, Modified: May 13, 2022

References

https://ics-cert.us-cert.gov/advisories/ICSA-18-107-04
http://www.securitytracker.com/id/1040580
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-smi2
https://www.darkreading.com/perimeter/attackers-exploit-cisco-switch-issue-as-vendor-warns-of-yet-another-critical-flaw/d/d-id/1331490
https://ics-cert.us-cert.gov/advisories/ICSA-18-107-05
http://www.securityfocus.com/bid/103538
Published: 2018-03-28T22:00:00
Last Modified: 2024-11-13T18:24:11.004Z
Copied to clipboard!