CVE-2018-0171

CRITICAL KEV NUCLEI

Cisco IOS - Out-of-Bounds Write

Title source: rule

Description

A vulnerability in the Smart Install feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition, or to execute arbitrary code on an affected device. The vulnerability is due to improper validation of packet data. An attacker could exploit this vulnerability by sending a crafted Smart Install message to an affected device on TCP port 4786. A successful exploit could allow the attacker to cause a buffer overflow on the affected device, which could have the following impacts: triggering a reload of the device; allowing the attacker to execute arbitrary code on the device; causing an indefinite loop on the affected device that triggers a watchdog crash. Cisco Bug IDs: CSCvg76186.

Exploits (2)

exploitdb WORKING POC
by embedi · python · dos · hardware
https://www.exploit-db.com/exploits/44451
nomisec WORKING POC 18 stars
by AlrikRr · remote
https://github.com/AlrikRr/Cisco-Smart-Exploit

Nuclei Templates (1)

Cisco Smart Install - Configuration Download
CRITICAL VERIFIED by ritikchaddha, matejsmycka
Shodan: port:4786 "Smart Install"

Scores

CVSS v3 9.8
EPSS 0.9303
EPSS Percentile 99.8%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CISA KEV 2021-11-03
VulnCheck KEV 2021-11-03
InTheWild.io 2021-07-23
ENISA EUVD EUVD-2018-0994
CWE CWE-20, CWE-787
Status published
Products (1)
cisco/ios 15.2(5)e
Published Mar 28, 2018
KEV Added Nov 03, 2021
Tracked Since Feb 18, 2026