CVE-2003-0647

Cisco IOS < 12.2 - Remote Code Execution via Long HTTP GET Request

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2003-0647. PoCs published by FX.

AI-analyzed exploit summary This exploit targets a Cisco IOS HTTP integer overflow vulnerability (CVE-2003-0647) to achieve remote code execution. It uses a memory leak via UDP Echo to place shellcode and calculate addresses, then triggers the overflow by sending ~2GB of data.

Description

Buffer overflow in the HTTP server for Cisco IOS 12.2 and earlier allows remote attackers to execute arbitrary code via an extremely long (2GB) HTTP GET request.

Exploits (1)

exploitdb WORKING POC VERIFIED

by FX · cremotehardware

https://www.exploit-db.com/exploits/77

View Code ZIP pw:eip

This exploit targets a Cisco IOS HTTP integer overflow vulnerability (CVE-2003-0647) to achieve remote code execution. It uses a memory leak via UDP Echo to place shellcode and calculate addresses, then triggers the overflow by sending ~2GB of data.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Complex

Reliability

Racy

Target: Cisco IOS 11.x/12.x (1600/2500 series)

No auth needed

Prerequisites: ip http server enabled · service udp-small-servers enabled · port 80 TCP and port 7 UDP open

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2

Core References

Patch, Vendor Advisory vendor-advisory x_refsource_cisco

http://www.cisco.com/warp/public/707/cisco-sn-20030730-ios-2gb-get.shtml

Patch, Third Party Advisory, US Government Resource third-party-advisory x_refsource_cert-vn

http://www.kb.cert.org/vuls/id/579324

Scores

EPSS 0.0593

EPSS Percentile 92.3%

Details

Status published

Products (1)

cisco/ios < 12.2

Published Aug 27, 2003

Tracked Since Feb 18, 2026