• Add network template for CVE-2018-0171 (Critical)
  • Cisco IOS Smart Install buffer overflow vulnerability
  • TCP port 4786 exploitation with buffer overflow payload
  • Complete POC with discovery + exploitation packets
  • KEV status: True
  • CVSS: 9.8/10 (Critical)
  • Updated cves.json metadata

Template / PR Information

This template detects CVE-2018-0171, a critical buffer overflow vulnerability in the Cisco IOS and IOS XE Smart Install protocol. The vulnerability allows unauthenticated remote attackers to execute arbitrary code, cause a device reload, or create infinite loops by sending crafted Smart Install messages to TCP port 4786.

Template Validation

I’ve validated this template locally?

  • YES
  • NO

Additional Details

Shodan Query: cpe:"cpe:2.3:o:cisco:ios"

Template Features:

  • Two-stage detection: Discovery packet + Buffer overflow payload
  • Multiple matchers to prevent false positives
  • Complete POC implementation with 4084+ byte overflow
  • Network protocol template (TCP) as required
  • KEV (Known Exploited Vulnerability) status marked

Expected Response Data:

  • Smart Install acknowledgment: 000000040000000000000003000000080000000100000000
  • Service banner containing “Smart Install”
  • Error indicators: crash/exception/error/overflow keywords

Vulnerability Impact:

  • Arbitrary code execution
  • Denial of Service (device reload)
  • Infinite loops consuming CPU resources
  • Complete device compromise

Additional References:

/claim #12325
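
An added example, not part of the PR or its template: offline triage of captured TCP/4786 responses using the three indicators listed under Expected Response Data. The function names, verdict labels and sample responses are constructed for illustration, and grading the generic keywords as weaker evidence than the acknowledgment bytes or banner is an assumption of this example.

```python
import struct

# Values quoted in the PR description's "Expected Response Data" list.
ACK = bytes.fromhex("000000040000000000000003000000080000000100000000")
BANNER = b"smart install"
KEYWORDS = (b"crash", b"exception", b"error", b"overflow")


def ack_words(ack: bytes = ACK) -> tuple:
    """Split the 24-byte acknowledgment into six big-endian 32-bit words."""
    return struct.unpack(">6I", ack)


def triage(response: bytes) -> dict:
    """Grade one captured TCP/4786 response by how specific the evidence is."""
    lowered = response.lower()
    evidence = []
    offset = response.find(ACK)
    if offset != -1:
        evidence.append(f"ack@{offset}")
    if BANNER in lowered:
        evidence.append("banner")
    hits = [k.decode() for k in KEYWORDS if k in lowered]
    if evidence:
        verdict = "smart-install-reachable"
    elif hits:
        # Generic words also appear in unrelated services' output (assumption:
        # treat them as insufficient without the ack or banner).
        verdict = "inconclusive"
    else:
        verdict = "no-evidence"
    return {"verdict": verdict, "evidence": evidence, "keywords": hits}


# Constructed sample responses (not captured from real devices).
SAMPLES = {
    "ack-only": ACK,
    "ack-after-padding": b"\x00\x00" + ACK,
    "banner": b"Cisco Smart Install client",
    "unrelated-error": b"HTTP/1.1 400 Bad Request\r\n\r\nerror: malformed",
    "empty": b"",
}

if __name__ == "__main__":
    print("ack words:", ack_words())
    for name, data in SAMPLES.items():
        print(name, triage(data))
```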

Claim

Total prize pool $50
Total paid $0
Status Pending
Submitted July 03, 2025
Last updated July 03, 2025

Contributors

Sonal Yadav

@sonalyadav1

100%

Sponsors

ProjectDiscovery

@projectdiscovery

$50