CVE-2018-0171
CRITICAL
CVSS Vector (NVD)
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Description (NVD)
A vulnerability in the Smart Install feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition, or to execute arbitrary code on an affected device. The vulnerability is due to improper validation of packet data. An attacker could exploit this vulnerability by sending a crafted Smart Install message to an affected device on TCP port 4786. A successful exploit could allow the attacker to cause a buffer overflow on the affected device, which could have the following impacts: Triggering a reload of the device, Allowing the attacker to execute arbitrary code on the device, Causing an indefinite loop on the affected device that triggers a watchdog crash. Cisco Bug IDs: CSCvg76186.
Analysis (AI)
The Smart Install feature in Cisco IOS and IOS XE allows unauthenticated remote attackers to trigger a device reload or execute arbitrary code through crafted packets, and it has been widely exploited to disrupt network infrastructure.
Technical Context (AI)
The CWE-20 input validation flaw in Cisco's Smart Install protocol handler (TCP port 4786) allows specially crafted packets to trigger a stack-based buffer overflow. The vulnerability can be exploited for denial of service (device crash/reload) or, with more sophisticated payloads, for remote code execution.
Affected Products (AI)
Cisco IOS Software with Smart Install enabled
Cisco IOS XE Software with Smart Install enabled
Remediation (AI)
Disable Smart Install if not required: 'no vstack'. Apply Cisco security advisory patches. Implement infrastructure ACLs to restrict access to port 4786. Monitor for Smart Install protocol scanning.
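One way to implement the monitoring step above, as an added example (not code from Cisco, NVD or this page): it flags sources that contact several distinct devices on TCP 4786 within a short window. The flow-line format, the thresholds and the allowlist for hosts expected to speak Smart Install are assumptions.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta
SMI_PORT = 4786  # Smart Install TCP port named in the advisory
# Constructed sample flows; the line format is an assumption, not a Cisco log format.
SAMPLE = """\
2024-05-01T10:00:00 proto=tcp src=203.0.113.7 dst=10.0.0.1 dport=4786
2024-05-01T10:00:02 proto=tcp src=203.0.113.7 dst=10.0.0.2 dport=4786
2024-05-01T10:00:03 proto=tcp src=10.9.9.9 dst=10.0.0.1 dport=4786
2024-05-01T10:00:04 proto=tcp src=203.0.113.7 dst=10.0.0.3 dport=4786
2024-05-01T10:00:06 proto=udp src=198.51.100.4 dst=10.0.0.2 dport=4786
2024-05-01T10:20:00 proto=tcp src=198.51.100.4 dst=10.0.0.1 dport=4786
2024-05-01T10:45:00 proto=tcp src=198.51.100.4 dst=10.0.0.2 dport=4786
truncated record
""".splitlines()
LINE = re.compile(r"^(\S+) proto=(\w+) src=(\S+) dst=(\S+) dport=(\d+)$")

def parse(lines):
    """Yield (time, src, dst) for TCP flows to the Smart Install port."""
    for line in lines:
        m = LINE.match(line.strip())
        if not m:
            continue  # skip malformed records instead of aborting the run
        ts, proto, src, dst, dport = m.groups()
        if proto == "tcp" and int(dport) == SMI_PORT:
            yield datetime.fromisoformat(ts), src, dst

def find_scanners(lines, window_s=60, min_targets=3, allowlist=()):
    """Return {src: sorted targets} for sources reaching min_targets distinct
    devices on TCP 4786 inside any window_s-second window."""
    by_src = defaultdict(list)
    for ts, src, dst in parse(lines):
        if src not in allowlist:  # hosts expected to speak Smart Install (assumption)
            by_src[src].append((ts, dst))
    hits = {}
    for src, events in by_src.items():
        events.sort()
        start = 0
        for end in range(len(events)):
            while events[end][0] - events[start][0] > timedelta(seconds=window_s):
                start += 1  # slide the window start forward
            targets = {dst for _, dst in events[start:end + 1]}
            if len(targets) >= min_targets:
                hits[src] = sorted(targets)
                break
    return hits

if __name__ == "__main__":
    print(find_scanners(SAMPLE, allowlist={"10.9.9.9"}))
```

On devices where 'no vstack' has been applied and an infrastructure ACL is in place, any hit from this check is worth investigating, since nothing should be reaching port 4786 at all.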