CVE-2018-15376— Cisco IOS Software for Cisco 800 Series Industrial Integrated Services Routers Arbitrary Memory Write Vulnerabilities
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2018-15376
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Cisco IOS Software for Cisco 800 Series Industrial Integrated Services Routers Arbitrary Memory Write Vulnerabilities
Source: NVD (National Vulnerability Database)
Vulnerability Description
A vulnerability in the embedded test subsystem of Cisco IOS Software for Cisco 800 Series Industrial Integrated Services Routers could allow an authenticated, local attacker to write arbitrary values to arbitrary locations in the memory space of an affected device. The vulnerability is due to the presence of certain test commands that were intended to be available only in internal development builds of the affected software. An attacker could exploit this vulnerability by using these commands on an affected device. A successful exploit could allow the attacker to write arbitrary values to arbitrary locations in the memory space of the affected device.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
任意地址可写任意内容条件
Source: NVD (National Vulnerability Database)
Vulnerability Title
Cisco 807、809和829 Industrial Integrated Services Router IOS Software 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Cisco 807、809和829 Industrial Integrated Services Router都是美国思科(Cisco)公司的路由器产品。IOS Software是运行在其中的一套Cisco为其网络设备开发的操作系统。 Cisco 807、809和829 Industrial Integrated Services Router的IOS Software中嵌入的测试子系统存在安全漏洞。本地攻击者可通过使用测试命令利用该漏洞向受影响设备的任意内存位置写入任意值。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| Cisco | Cisco IOS Software | n/a | - |
II. Public POCs for CVE-2018-15376
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2018-15376
请登录查看更多情报信息。
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180926-ir800-memwritevendor-advisoryx_refsource_CISCO
- https://nvd.nist.gov/vuln/detail/CVE-2018-15376
Same Patch Batch · Cisco · 2018-10-05 · 110 CVEs total
| CVE-2018-15391 | Cisco Remote PHY IPv4 Fragment Denial of Service Vulnerability | |
| CVE-2018-15408 | Cisco Webex Network Recording Player and Cisco Webex Player Remote Code Execution Vulnerab | |
| CVE-2018-15407 | Cisco HyperFlex World-Readable Sensitive Information Vulnerability | |
| CVE-2018-15406 | Cisco UCS Director Stored Cross-Site Scripting Vulnerability | |
| CVE-2018-15405 | Cisco Integrated Management Controller Supervisor and Cisco UCS Director Authenticated Web | |
| CVE-2018-15404 | Cisco Integrated Management Controller Supervisor and Cisco UCS Director System Resources | |
| CVE-2018-15403 | Multiple Cisco Unified Communications Products Open Redirect Vulnerability | |
| CVE-2018-15401 | Cisco Hosted Collaboration Mediation Fulfillment Cross-Site Request Forgery Vulnerability | |
| CVE-2018-15400 | Cisco Cloud Services Platform 2100 Cross-Site Scripting Vulnerability | |
| CVE-2018-15399 | Cisco Adaptive Security Appliance TCP Syslog Denial of Service Vulnerability | |
| CVE-2018-15398 | Cisco Adaptive Security Appliance Access Control List Bypass Vulnerability | |
| CVE-2018-15397 | Cisco Adaptive Security Appliance IPsec VPN Denial of Service Vulnerability | |
| CVE-2018-15396 | Cisco Unity Connection File Upload Denial of Service Vulnerability | |
| CVE-2018-15392 | Cisco Industrial Network Director DHCP Request Processing Denial of Service Vulnerability | |
| CVE-2018-15373 | Cisco IOS and IOS XE Software Cisco Discovery Protocol Denial of Service Vulnerability | |
| CVE-2018-15377 | Cisco IOS and IOS XE Software Plug and Play Agent Memory Leak Vulnerability | |
| CVE-2018-15375 | Cisco IOS Software for Cisco 800 Series Industrial Integrated Services Routers Arbitrary M | |
| CVE-2018-15374 | Cisco IOS XE Software Digital Signature Verification Bypass Vulnerability | |
| CVE-2018-15379 | Cisco Prime Infrastructure Arbitrary File Upload and Command Execution Vulnerability | |
| CVE-2018-15372 | Cisco IOS XE Software MACsec MKA Using EAP-TLS Authentication Bypass Vulnerability |
Showing top 20 of 110 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
Same product: Cisco IOS Software
- CVE-2019-1758
Cisco IOS Software Catalyst 6500 Series 802.1x Authenticatio - CVE-2019-1751
Cisco IOS Software NAT64 Denial of Service Vulnerability - CVE-2018-0466
Cisco IOS and IOS XE Software OSPFv3 Denial of Service Vulne - CVE-2018-0467
Cisco IOS and IOS XE Software IPv6 Hop-by-Hop Options Denial - CVE-2018-0473
Cisco IOS Software Precision Time Protocol Denial of Service
Same vendor: Cisco
- CVE-2026-20219
Cisco Slido 安全漏洞 - CVE-2026-20034
Cisco Unity Connection Remote Code Execution Vulnerability - CVE-2026-20035
Cisco Unity Connection Server-Side Request Forgery Vulnerabi - CVE-2026-20167
Cisco IoT Field Network Director Remote Device Denial of Ser - CVE-2026-20169
Cisco IoT Field Network Director Command Injection Vulnerabi
V. Comments for CVE-2018-15376
No comments yet