CVE-2007-4430

Cisco IOS 12.0-12.4 - Denial of Service via 'show ip bgp regexp' Command

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-4430. PoCs published by anonymous.

AI-analyzed exploit summary This exploit leverages a denial-of-service vulnerability in Cisco IOS by sending malformed CLI commands via authenticated sessions or web interfaces like 'Looking Glass'. The commands trigger a device reboot due to improper handling of regex patterns in BGP-related queries.

Description

Unspecified vulnerability in Cisco IOS 12.0 through 12.4 allows context-dependent attackers to cause a denial of service (device restart and BGP routing table rebuild) via certain regular expressions in a "show ip bgp regexp" command. NOTE: unauthenticated remote attacks are possible in environments with anonymous telnet and Looking Glass access.

Exploits (1)

exploitdb WORKING POC VERIFIED

by anonymous · textdoshardware

https://www.exploit-db.com/exploits/30506

View Code ZIP pw:eip

This exploit leverages a denial-of-service vulnerability in Cisco IOS by sending malformed CLI commands via authenticated sessions or web interfaces like 'Looking Glass'. The commands trigger a device reboot due to improper handling of regex patterns in BGP-related queries.

Classification

Working Poc 90%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: Cisco IOS 12.0, 12.1, 12.2, 12.3, 12.4

Auth required

Prerequisites: authenticated access to the device or a vulnerable web interface

MITRE ATT&CK