CVE-2018-0101
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2018-0101
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
A vulnerability in the Secure Sockets Layer (SSL) VPN functionality of the Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to cause a reload of the affected system or to remotely execute code. The vulnerability is due to an attempt to double free a region of memory when the webvpn feature is enabled on the Cisco ASA device. An attacker could exploit this vulnerability by sending multiple, crafted XML packets to a webvpn-configured interface on the affected system. An exploit could allow the attacker to execute arbitrary code and obtain full control of the system, or cause a reload of the affected device. This vulnerability affects Cisco ASA Software that is running on the following Cisco products: 3000 Series Industrial Security Appliance (ISA), ASA 5500 Series Adaptive Security Appliances, ASA 5500-X Series Next-Generation Firewalls, ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, ASA 1000V Cloud Firewall, Adaptive Security Virtual Appliance (ASAv), Firepower 2100 Series Security Appliance, Firepower 4110 Security Appliance, Firepower 9300 ASA Security Module, Firepower Threat Defense Software (FTD). Cisco Bug IDs: CSCvg35618.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
双重释放
Source: NVD (National Vulnerability Database)
Vulnerability Title
多款Cisco产品Adaptive Security Appliance Software 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Cisco 3000 Series Industrial Security Appliances(ISR)等都是美国思科(Cisco)公司的安全防火墙设备。Adaptive Security Appliance(ASA)Software是使用在其中的一套防火墙软件。 多款Cisco产品中的ASA Software的Secure Sockets Layer (SSL) VPN功能存在安全漏洞。远程攻击者可通过向配置有webvpn的界面发送特制的XML数据包利用该漏洞造成拒绝服务(重新加载)或执行代码。以下产
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Shenlong Deep Dive — AI Deep Analysis
10-question deep dive: root cause, exploitation, mitigation, urgency. Read summary free, full version requires login.
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | Cisco Adaptive Security Appliance | Cisco Adaptive Security Appliance | - |
II. Public POCs for CVE-2018-0101
| # | POC Description | Source Link | Shenlong Link |
|---|---|---|---|
| 1 | None | https://github.com/1337g/CVE-2018-0101-DOS-POC | POC Details |
| 2 | A low interaction honeypot for the Cisco ASA component capable of detecting CVE-2018-0101, a DoS and remote code execution vulnerability. | https://github.com/Cymmetria/ciscoasa_honeypot | POC Details |
| 3 | Cisco ASA CVE-2018-0101 PoC script. | https://github.com/MikeHorn-git/CVE-2018-0101 | POC Details |
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2018-0101
请登录查看更多情报信息。
Same Patch Batch · n/a · 2018-01-29 · 25 CVEs total
| CVE-2017-1000354 | CloudBees Jenkins 安全漏洞 | |
| CVE-2018-6393 | FreePBX SQL注入漏洞 | |
| CVE-2016-10711 | Apsis Pound 安全漏洞 | |
| CVE-2018-6392 | FFmpeg 安全漏洞 | |
| CVE-2018-6391 | Netis WF2419 跨站请求伪造漏洞 | |
| CVE-2018-6390 | Kingsoft WPS Office 安全漏洞 | |
| CVE-2018-6388 | iBall iB-WRA150N 安全漏洞 | |
| CVE-2018-6387 | iBall iB-WRA150N 安全漏洞 | |
| CVE-2018-6383 | Monstra CMS 安全漏洞 | |
| CVE-2018-6381 | ZZIPlib 缓冲区错误漏洞 | |
| CVE-2017-1000356 | CloudBees Jenkins 跨站请求伪造漏洞 | |
| CVE-2017-1000355 | CloudBees Jenkins 安全漏洞 | |
| CVE-2017-18078 | systemd 安全漏洞 | |
| CVE-2017-1000353 | CloudBees Jenkins 代码问题漏洞 | |
| CVE-2017-14699 | 多款ASUS路由器安全漏洞 | |
| CVE-2017-14698 | 多款ASUS路由器安全漏洞 | |
| CVE-2018-6367 | Vastal I-Tech Buddy Zone Facebook Clone SQL注入漏洞 | |
| CVE-2018-6365 | TSiteBuilder SQL注入漏洞 | |
| CVE-2018-6364 | Multilanguage Real Estate MLM Script SQL注入漏洞 | |
| CVE-2018-6363 | Task Rabbit Clone SQL注入漏洞 |
Showing top 20 of 25 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
Same product: Cisco Adaptive Security Appliance
Same vendor: n/a
- CVE-2026-8276
bettercap MySQL Server mysql_server.go integer coercion - CVE-2026-8275
bettercap zerogod IPP Service zerogod_ipp_primitives.go ippR - CVE-2026-8270
Open5GS SMF ogs_nas_parse_qos_rules denial of service - CVE-2026-8269
Open5GS SMF smf_nsmf_handle_create_sm_context denial of serv - CVE-2026-8268
Open5GS SMF OpenAPI_list_create denial of service
Same weakness: CWE-415
- CVE-2026-23918
Apache HTTP Server: http2: double free and possible RCE on e - CVE-2026-5657
Double Free in Wireshark - CVE-2026-33824
Windows Internet Key Exchange (IKE) Service Extensions Remot - CVE-2026-32074
Windows Projected File System Elevation of Privilege Vulnera - CVE-2026-32069
Windows Projected File System Elevation of Privilege Vulnera
V. Comments for CVE-2018-0101
No comments yet