CVE-2018-0171

Published: 28/03/2018 Updated: 04/09/2020
CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 891
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Summary

A vulnerability in the Smart Install feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote malicious user to trigger a reload of an affected device, resulting in a denial of service (DoS) condition, or to execute arbitrary code on an affected device. The vulnerability is due to improper validation of packet data. An attacker could exploit this vulnerability by sending a crafted Smart Install message to an affected device on TCP port 4786. A successful exploit could allow the malicious user to cause a buffer overflow on the affected device, which could have the following impacts: triggering a reload of the device; allowing the malicious user to execute arbitrary code on the device; causing an indefinite loop on the affected device that triggers a watchdog crash. Cisco Bug IDs: CSCvg76186.

Vulnerable Product

cisco ios 15.2(5)e

Vendor Advisories

A vulnerability in the Smart Install feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition, or to execute arbitrary code on an affected device. The vulnerability is due to improper validation of packet data ...
In recent weeks, Cisco has published several documents related to the Smart Install feature: one Talos blog about potential misuse of the feature if left enabled, and two Cisco Security Advisories that were included in the March 2018 release of the Cisco IOS and IOS XE Software Security Advisory Bundled Publication. Given the heightened awareness, ...

Github Repositories

Cisco SmartInstall Exploit [CVE-2018-0171]

Cisco-Smart-Exploit: Cisco SmartInstall Exploit CVE-2018-0171. Inspired from C Papathanasiou PoC. This Python 3 script uses port 4786 on a Cisco device running SmartInstall to exploit CVE-2018-0171. With the use of this exploit, an attacker can craft a payload, send it to the Cisco device, and then extract the contents of the running-config file. The Cisco Smart Exploit script

For novices

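Penetration Basics. The following content is all drawn from other people's web pages. Please use all content only to test your own devices or environments; this site bears no legal responsibility. Process: reconnaissance of the (tested) target: google hacking, website directory enumeration; network scanning: nmap, acunetix, Zmap; exploitation of vulnerabilities or weaknesses: XSS, SQL Injection, uploading a web shell, password cracking, known vulnerabilities such as CVEs; privilege escalation; maintaining access; google ha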

Mitigate Networking CVE: This repo is to show how to write a Playbook to mitigate CVEs for networking devices. This is used as a demonstration only and should be modified to run in your particular environment. For demonstration purposes we are trying to write for CVE-2018-0171 for IOS and IOS-XE, which we treat as one networking platform from an Ansible perspective

A wrapper for Cisco's smi_check.py file.

SmartInstall: A wrapper for Cisco's smi_check.py file. Requirements: Python 3.x, Python 2.7. The Cisco script is written in Python 2.7. The guys at embedi.com released a remote code exploit for Cisco's Smart Install protocol at GeekPWN 2017 Hong Kong. The Smart install protocol is used for automatic switch deployment and is enabled by default on many models including th

Recent Articles

Egg on Cisco's face: Three critical software bugs to fix over Easter
The Register • Richard Chirgwin • 29 Mar 2018

Pick your poison in IOS and IOS XE: denial-of-service or remote code execution?

Cisco's ruined Easter for netadmins by revealing three critical-rated flaws, with fixes landing today. The company's IOS and IOS XE software need patching against two bugs, CVE-2018-0151 and CVE-2018-0171. CVE-2018-0151 is a bounds-checking error in IOS/IOS XE's quality-of-service subsystem, and can be attacked using malicious packets to UDP port 18999. A successful attack triggers a buffer overrun, either causing a denial-of-service (DoS) or remote code execution (RCE). If you can't patch immedi...