March 22, 2024
Severity High Analysis Summary Ducktail Malware is a malicious program designed by hackers to infiltrate computers and networks globally. Ducktail malware is typically delivered through a […]
Rewterz Threat Advisory – CVE-2018-0125 – Cisco RV132W Routers Vulnerability Exploit in the Wild
December 21, 2022
Rewterz Threat Alert – GandCrab Ransomware – Active IOCs
December 21, 2022
Rewterz Threat Advisory – CVE-2018-0125 – Cisco RV132W Routers Vulnerability Exploit in the Wild
December 21, 2022
Rewterz Threat Alert – GandCrab Ransomware – Active IOCs
December 21, 2022
Severity
High
Analysis Summary
CVE-2017-12240 CVSS:9.8
Cisco IOS and Cisco IOS XE could allow a remote attacker to execute arbitrary code on the system, caused a buffer overflow condition in the DHCP relay subsystem. By sending a specially crafted DHCP Version 4 (DHCPv4) packet, a remote attacker could exploit this vulnerability to execute arbitrary code on the system or cause a denial of service.
CVE-2018-0171 CVSS:9.8
Cisco IOS and Cisco IOS XE are vulnerable to a buffer overflow, caused by improper bounds checking by the Smart Install feature. By sending a specially crafted Smart Install message to an affected device on TCP port 4786, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash.
Impact
- Code Execution
- Buffer Overflow
Indicators Of Compromise
CVE
- CVE-2017-12240
- CVE-2018-0171
Affected Vendors
Cisco
Affected Products
- Cisco IOS 12.2
- Cisco IOS XE 16.1.1
Remediation
Refer to Cisco Security Advisory for patch, upgrade or suggested workaround information.