Summary: A recent analysis by Guy Bruneau reveals the ongoing risks of a seven-year-old Cisco vulnerability, CVE-2018-0171, which still affects over 1,200 devices worldwide. This vulnerability allows attackers to execute arbitrary commands on devices using the Smart Install feature, raising serious security concerns due to its default enabled state and lack of authentication. Bruneau demonstrates how easily this flaw can be exploited using outdated Cisco hardware and accessible exploit tools.
Affected: Cisco devices running Smart Install feature
Keypoints :
- Over 1,200 Cisco devices are still exposed to the CVE-2018-0171 vulnerability.
- The Smart Install feature, which automates device configurations, is enabled by default and lacks authentication.
- Exploit tools can easily exfiltrate sensitive configurations, including weak Type 7 encrypted passwords.
- Recommendations include disabling Smart Install, updating firmware, using Access Control Lists (ACLs), and monitoring traffic.
Source: https://securityonline.info/seven-years-later-cisco-cve-2018-0171-still-exposes-thousands-to-rce/