16 matches found
Russian State Hackers Exploit 7-Year-Old Cisco Router Vulnerability
FBI and Cisco warn Russian hackers are exploiting a 7-year-old Cisco Smart Install vulnerability on outdated routers and…...
Russian state-sponsored espionage group Static Tundra compromises unpatched end-of-life network devices
Static Tundra is a Russian state-sponsored cyber espionage group linked to the FSB's Center 16 unit that has been operating for over a decade, specializing in compromising network devices for long-term intelligence gathering operations. The group actively exploits a seven-year-old vulnerability...
CISA Warns of Hackers Exploiting Legacy Cisco Smart Install Feature
The U.S. Cybersecurity and Infrastructure Security Agency CISA has disclosed that threat actors are abusing the legacy Cisco Smart Install SMI feature with the aim of accessing sensitive data. The agency said it has seen adversaries "acquire system configuration files by leveraging available...
VulnCheck KEV: CVE-2018-0156
A vulnerability in the Smart Install feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial-of-service DoS condition...
Azbuka Vkusa: Мисконфигурация Cisco Smart Install
Closed...
Cisco Smart Install (SMI) Protocol Detection (TCP)
TCP based detection of services supporting the Cisco Smart Install SMI protocol. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Informatica: Cisco RCE
The researcher was able to complete RCE attack and download sensitive files. We have mitigated it by hardening the machine and port. There are opened classical cisco smart install service, which was successfully exploited. Informatica is a fAsTeSt!!! bug fixer in my life. Closing vulnerability in...
Here's how hackers are targeting Cisco Network Switches in Russia and Iran
Since last week, a new hacking group, calling itself 'JHT,' hijacked a significant number of Cisco devices belonging to organizations in Russia and Iran, and left a message that reads—"Do not mess with our elections" with an American flag in ASCII art. MJ Azari Jahromi, Iranian Communication and...
Cisco Smart Install Remote Code Execution (CVE-2018-0171)
A remote code execution vulnerability exists in Cisco Smart Install. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Cisco Smart Install Remote Command Execution Vulnerability
Smart Install, a plug-and-play configuration and image management feature, provides zero-configuration deployment for switches new to the network, automating the process of initial configuration and operating system image loading, as well as providing backup of configuration files. A remote comma...
Cisco Smart Install Remote Code Execution(CVE-2018-0171)
Introduction Application: Cisco IOS, Cisco IOS-XE Vendor: Cisco Bugs: Stack-based buffer overflow CWE-20, CWE-121 Risk: Critical; AV:N/AC:L/Au:N/C:C/I:C/A:C 10.0 A stack-based buffer overflow vulnerability was found in Smart Install Client code. This vulnerability enables an attacker to remotely...
Cisco Smart Install - Crash (PoC)
Cisco Smart Install - Crash PoC smiibcinitdiscoveryBoF.py import socket import struct from optparse import OptionParser Parse the target options parser = OptionParser parser.addoption"-t", "--target", dest="target", help="Smart Install Client", default="192.168.1.1" parser.addoption"-p", "--port"...
CVE-2018-0171
A vulnerability in the Smart Install feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service DoS condition, or to execute arbitrary code on an affected device. The...
Identify Cisco Smart Install endpoints
This module attempts to connect to the specified Cisco Smart Install port and determines if it speaks the Smart Install Protocol. Exposure of SMI to untrusted networks can allow complete compromise of the switch. This module requires Metasploit: https://metasploit.com/download Current source:...
CVE-2016-6385
Memory leak in the Smart Install client implementation in Cisco IOS 12.2 and 15.0 through 15.2 and IOS XE 3.2 through 3.8 allows remote attackers to cause a denial of service memory consumption via crafted image-list parameters, aka Bug ID CSCuy82367...
CVE-2013-1146
The Smart Install client functionality in Cisco IOS 12.2 and 15.0 through 15.3 on Catalyst switches allows remote attackers to cause a denial of service device reload via crafted image list parameters in Smart Install packets, aka Bug ID CSCub55790...