Seven Years Later: Cisco CVE-2018-0171 Still Exposes Thousands to RCE - #CVE-2018-0171
Chinese state-sponsored hackers have been exploiting vulnerabilities in telecommunications infrastructure, as reported by U.S. security agencies in 2022. These attacks target routers and network-attached storage devices using publicly known vulnerabilities and exploit codes. Notably, the Cisco vulnerability CVE-2018-0171, disclosed seven years prior, continues to pose a significant threat with over 1,200 devices still exposed. Security consultant Guy Bruneau demonstrated the ease of exploiting this flaw to exfiltrate sensitive network configurations from unpatched devices. The vulnerability stems from the Smart Install feature, which is enabled by default without authentication. To mitigate risks, experts recommend disabling Smart Install, updating firmware, implementing access controls, strengthening password encryption, and monitoring for suspicious activities.