Cisco IOS Software Smart Install DoS (cisco-sa-20180328-smi)

According to its self-reported version, Cisco IOS is affected by a denial of service DoS vulnerability in the Smart Install feature due to improper validation of packet data. An unauthenticated, remote attacker can exploit this by sending a crafted packet to an affected device on TCP port 4786 in...

Cisco IOS XE Software Smart Install DoS (cisco-sa-20180328-smi)

According to its self-reported version, Cisco IOS XE Software is affected by a denial of service DoS vulnerability in the Smart Install feature due to improper validation of packet data. An unauthenticated, remote attacker can exploit this by sending a crafted packet to an affected device on TCP...

Cisco IOS Smart Install Memory Leak (cisco-sa-20160928-smi)

According to its self-reported version, Cisco IOS is affected by a denial of service DoS vulnerability in the Smart Install client feature due to incorrect handling of image list parameters. An unauthenticated, remote attacker can exploit this, by sending crafted Smart Install packets to TCP port...

Cisco IOS XE Software Smart Install Memory Leak (cisco-sa-20160928-smi)

According to its self-reported version, Cisco IOS XE Software is affected by a denial of service DoS vulnerability in the Smart Install client feature due to incorrect handling of image list parameters. An unauthenticated, remote attacker can exploit this, by sending crafted Smart Install packets...

The vulnerability of the Smart Install mechanism for Cisco IOS and IOS XE operating systems allows a hacker to trigger a service failure.

The vulnerability of the Smart Install mechanism for Cisco IOS and IOS XE operating systems is related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to cause service failures by using specially crafted packets sent to port 4786 of the device...

Here's how hackers are targeting Cisco Network Switches in Russia and Iran

Since last week, a new hacking group, calling itself 'JHT,' hijacked a significant number of Cisco devices belonging to organizations in Russia and Iran, and left a message that reads—"Do not mess with our elections" with an American flag in ASCII art. MJ Azari Jahromi, Iranian Communication and...

Cisco product experience serious vulnerability, resulting in a large number of devices is facing a remote risk of attack-vulnerability warning-the black bar safety net

! Cisco in their IOS software that patches over 30 vulnerabilities, including a serious remote code execution vulnerability, the vulnerability can be hundreds of thousands of even millions of devices exposed on the network device initiates a remote attack. A total of three vulnerabilities are rat...

Cisco IOS Software and IOS XE Software Denial of Service Vulnerability (CNVD-2018-07300)

Cisco IOS Software and IOS XE Software are both operating systems developed by Cisco for its network devices. A resource management error vulnerability exists in the Smart Install feature of Cisco IOS Software and IOS XE Software, which results from the program failing to properly validate packet...

Cisco Smart Install Remote Command Execution Vulnerability

Smart Install, a plug-and-play configuration and image management feature, provides zero-configuration deployment for switches new to the network, automating the process of initial configuration and operating system image loading, as well as providing backup of configuration files. A remote comma...

CVE-2018-0171

A vulnerability in the Smart Install feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service DoS condition, or to execute arbitrary code on an affected device. The...

CVE-2018-0156

A vulnerability in the Smart Install feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service DoS condition. The vulnerability is due to improper validation of packet data. A...

Buffer overflow

A vulnerability in the Smart Install feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service DoS condition, or to execute arbitrary code on an affected device. The...

CVE-2018-0156

A vulnerability in the Smart Install feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service DoS condition. The vulnerability is due to improper validation of packet data. A...

CVE-2018-0156

A vulnerability in the Smart Install feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service DoS condition. The vulnerability is due to improper validation of packet data. A...

CVE-2018-0156

A vulnerability in the Smart Install feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service DoS condition. The vulnerability is due to improper validation of packet data. A...

Cisco IOS and IOS XE Software Smart Install Remote Code Execution Vulnerability

Update August 20, 2025: Cisco is aware of continued exploitation activity of the vulnerability that is described in this advisory and strongly recommends that customers assess their systems and upgrade to a fixed software release as soon as possible. A vulnerability in the Smart Install feature o...

PT-2018-1101

Name of the Vulnerable Software and Affected Versions Cisco IOS and IOS XE Software affected versions not specified Description A vulnerability in the Smart Install feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an...

CVE-2018-0171

A vulnerability in the Smart Install feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service DoS condition, or to execute arbitrary code on an affected device. The...

PT-2018-1189 · Cisco · Cisco Ios Xe +1

Name of the Vulnerable Software and Affected Versions: Cisco IOS Software and Cisco IOS XE Software affected versions not specified Description: The issue is related to the Smart Install feature of Cisco IOS Software and Cisco IOS XE Software, where improper validation of packet data could allow ...

CVE-2018-0156

A vulnerability in the Smart Install feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service DoS condition. The vulnerability is due to improper validation of packet data. A...