ATTACK [PTsecurity] Cisco Smart Install 15.2(5)E RCE (CVE-2018-0171)
Sourceptrules/open
Fileptopen-attacks.rules
CreatedJuly 24, 2025
UpdatedJuly 24, 2025
Classificationattempted-admin
alert tcp any any -> any 4786 (msg:"ATTACK [PTsecurity] Cisco Smart Install 15.2(5)E RCE (CVE-2018-0171)"; flow:established, to_server, no_stream ; content:"|00 00 00 01 00 00 00 07|"; offset:4; depth:8; content:"|00 00 00 01|"; distance:4; within:4; isdataat:210, relative ; reference:cve, 2018-0171 ; reference:url, embedi.com/blog/cisco-smart-install-remote-code-execution ; reference:url, rules.ptsecurity.com ; classtype:attempted-admin; sid:10002774; rev:1;)
References
Comments (0)
Please sign in to leave a comment.
Sign inNo comments yet. Be the first to comment!