Cisco IOS XE Software CVE-2018-0150 Default Credentials Security Bypass Vulnerability

Cisco IOS XE Software is prone to a security-bypass vulnerability.

An attacker can exploit this issue to bypass the authentication mechanism and gain unauthorized access. This may lead to further attacks.

This issue is tracked by Cisco Bug ID CSCve89880.

Information

Bugtraq ID: 103539
Class: Design Error
CVE: CVE-2018-0150

Remote: Yes
Local: No
Published: Mar 28 2018 12:00AM
Updated: Mar 28 2018 12:00AM
Credit: Cisco
Vulnerable: Cisco IOS XE Software 0
Cisco 4400 Series Integrated Services Router Everest-16.5.1
Cisco 4400 Series Integrated Services Router 16.5.1

Not Vulnerable:

Exploit

Attackers can use readily available tools to exploit this issue.

References:

Cisco Homepage (Cisco )
Cisco IOS XE Software Static Credential Vulnerability (Cisco)

Source: www.securityfocus.com

Exploit Collector

Search Exploit