CVE-2018-0167

CVE Database · CVE-2018-0167

CVE-2018-0167

· HIGHAnalyzed

CVSS v3.1

8.8

EPSS

3.45%

Published

Mar 28, 2018

Modified

Jan 14, 2026

CISA Known Exploited Vulnerability

Added: 2022-03-03 · Due: 2022-03-17

Apply updates per vendor instructions.

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Multiple Buffer Overflow vulnerabilities in the Link Layer Discovery Protocol (LLDP) subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition or execute arbitrary code with elevated privileges on an affected device. Cisco Bug IDs: CSCuo17183, CSCvd73487.

CVSS Vector

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Weaknesses (CWE)

CWE-119CWE-119

Affected Products (24)

cisco · iosvulnerable

cisco · ios_xevulnerable

cisco · ios_xr (up to 5.1.3)vulnerable

cisco · asr_9001

cisco · asr_9006

cisco · asr_9010

cisco · asr_9904