CVE-2010-1174

Cisco TFTP Server 1.1 - Denial of Service via Crafted TFTP Packet

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2010-1174. PoCs published by _SuBz3r0_.

AI-analyzed exploit summary This exploit is a Python script designed to perform a Denial of Service (DoS) attack against Cisco TFTP Server v1.1 by sending malformed TFTP packets. It fuzzes various TFTP request fields, including filenames, modes, and options, to trigger a crash in the server.

Description

Cisco TFTP Server 1.1 allows remote attackers to cause a denial of service (daemon crash) via a crafted (1) read (aka RRQ) or (2) write (aka WRQ) request, or other TFTP packet. NOTE: some of these details are obtained from third party information.

Exploits (1)

exploitdb WORKING POC VERIFIED
by _SuBz3r0_ · pythondoswindows
https://www.exploit-db.com/exploits/11878

This exploit is a Python script designed to perform a Denial of Service (DoS) attack against Cisco TFTP Server v1.1 by sending malformed TFTP packets. It fuzzes various TFTP request fields, including filenames, modes, and options, to trigger a crash in the server.

Classification
Working Poc 90%
Attack Type
Dos
Complexity
Moderate
Reliability
Reliable
Target: Cisco TFTP Server v1.1
No auth needed
Prerequisites: Network access to the target TFTP server
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4
Core References
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/39116
Exploit exploit x_refsource_exploit-db
http://www.exploit-db.com/exploits/11878
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/38968
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/57165

Scores

EPSS 0.0504
EPSS Percentile 91.2%

Details

CWE
CWE-20
Status published
Products (1)
cisco/tftp_server 1.1
Published Mar 29, 2010
Tracked Since Feb 18, 2026