CVE-2018-0171 - Cisco IOS and IOS XE Software Smart Install Remote Code Execution Vulnerability

: Cisco | IOS and IOS XE

Date Added:
2021-11-03

Due Date:
2022-05-03

Vulnerability Name: Cisco IOS and IOS XE Software Smart Install Remote Code Execution Vulnerability

Description: Cisco IOS and IOS XE Software improperly validates packet data, allowing an unauthenticated, remote attacker to trigger a reload of an affected device, cause a denial-of-service (DoS) condition, or perform code execution on the affected device.

Known To Be Used in Ransomware Campaigns?: Unknown

Action: Apply updates per vendor instructions.

Additional Notes: https://nvd.nist.gov/vuln/detail/CVE-2018-0171

Related News Articles: Chinese hackers use custom malware to spy on US telecom networksFebruary 21, 2025

Free online web security scanner

Don't show website scan report rating on the leaderboard