CVE-2002-1101
Cisco VPN 3000 Concentrator 2.2.x 3.6(Rel) and 3.x < 3.5.5 - Denial of Service via Long Username
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2002-1101. PoCs published by Phenoelit.
AI-analyzed exploit summary This exploit sends a malformed ISAKMP packet with an overly long username string to trigger a denial-of-service (DoS) condition in Cisco VPN 3000 series concentrators, causing the device to reboot.
Description
Cisco VPN 3000 Concentrator 2.2.x, 3.6(Rel), and 3.x before 3.5.5, allows remote attackers to cause a denial of service via a long user name.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Phenoelit · cdoshardware
https://www.exploit-db.com/exploits/21770
This exploit sends a malformed ISAKMP packet with an overly long username string to trigger a denial-of-service (DoS) condition in Cisco VPN 3000 series concentrators, causing the device to reboot.
Classification
Working Poc 95%
Attack Type
Dos
Complexity
Trivial
Reliability
Reliable
Target:
Cisco VPN 3000 series concentrators (Software <= 3.6.0)
No auth needed
Prerequisites:
Network access to the target device · UDP port 500 (ISAKMP) accessible
MITRE ATT&CK
devstral-2 · analyzed Feb 16, 2026
Full analysis →
References (1)
Core 1
Core References
Vendor Advisory vendor-advisory
x_refsource_cisco
http://www.cisco.com/warp/public/707/vpn3k-multiple-vuln-pub.shtml
Scores
EPSS
0.0338
EPSS Percentile
87.2%
Details
Status
published
Products (23)
cisco/vpn_3000_concentrator_series_software
2.0
cisco/vpn_3000_concentrator_series_software
2.5.2.a
cisco/vpn_3000_concentrator_series_software
2.5.2.b
cisco/vpn_3000_concentrator_series_software
2.5.2.c
cisco/vpn_3000_concentrator_series_software
2.5.2.d
cisco/vpn_3000_concentrator_series_software
2.5.2.f
cisco/vpn_3000_concentrator_series_software
3.0
cisco/vpn_3000_concentrator_series_software
3.0\(rel\)
cisco/vpn_3000_concentrator_series_software
3.0.3.a
cisco/vpn_3000_concentrator_series_software
3.0.3.b
... and 13 more
Published
Oct 04, 2002
Tracked Since
Feb 18, 2026