CVE-2007-4286

Cisco IOS 12.0-12.4 - Remote Code Execution and Denial of Service via NHRP Packet

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-4286. PoCs published by Martin Kluge.

AI-analyzed exploit summary This exploit targets a DoS vulnerability in Cisco IOS NHRP implementation (CVE-2007-4286) by sending malformed GRE packets. It causes a crash or hang on vulnerable routers, even with NHRP authentication enabled.

Description

Buffer overflow in the Next Hop Resolution Protocol (NHRP) functionality in Cisco IOS 12.0 through 12.4 allows remote attackers to cause a denial of service (restart) and execute arbitrary code via a crafted NHRP packet.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Martin Kluge · cdoswindows

https://www.exploit-db.com/exploits/4272

View Code ZIP pw:eip

This exploit targets a DoS vulnerability in Cisco IOS NHRP implementation (CVE-2007-4286) by sending malformed GRE packets. It causes a crash or hang on vulnerable routers, even with NHRP authentication enabled.

Classification

Working Poc 95%

Attack Type

Dos

Complexity

Moderate

Reliability

Reliable

Target: Cisco IOS (multiple versions, e.g., 12.2-12.3)

No auth needed

Prerequisites: NHRP session established between target and client · GRE key if tunnel is protected

MITRE ATT&CK