CVE-2018-0173: Cisco IOS and IOS XE Software Improper Input Validation Vulnerability
CVE-2018-0173: Technical Deep-Dive (Auto Refreshed)
Generated on 2026-03-31T21:14:45.697Z. This file is automatically regenerated every 30 minutes by the CVE AI enrichment job using web sources (NVD, MITRE, CISA KEV, GitHub).
Executive Technical Summary
A vulnerability in the Cisco IOS Software and Cisco IOS XE Software function that restores encapsulated option 82 information in DHCP Version 4 (DHCPv4) packets could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a Relay Reply denial of service (DoS) condition. The vulnerability exists because the affected software performs incomplete input validation of encapsulated option 82 information that it receives in DHCPOFFER messages from DHCPv4 servers. An attacker could exploit this vulnerability by sending a crafted DHCPv4 packet to an affected device, which the device would then forward to a DHCPv4 server. When the affected software processes the option 82 information that is encapsulated in the response from the server, an error could occur. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition. Cisco Bug IDs: CSCvg62754.
- Context preserved from previous revision: A vulnerability in the Cisco IOS Software and Cisco IOS XE Software function that restores encapsulated option 82 information in DHCP Version 4 (DHCPv4) packets could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a Relay Reply denial of service (DoS) condition. The vulnerability exists because the affected software performs incomplete input validation of encapsulated option 82 information that it receives in DHCPOFFER messages from DHCPv4 servers. An attacker could exploit this vulnerability by sending a crafted DHCPv4 packet to an affected device, which the device would then forward to a DHCPv4 server. When the affected software processes the option 82 information that is encapsulated in the response from the server, an error could occur. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition. Cisco Bug IDs: CSCvg62754. 1. Use only isolated environments and systems you own or are explicitly authorized to test.
Technical Details
- CVE: CVE-2018-0173
- KEV date added: 2022-03-03
- KEV due date: 2022-03-17
- NVD published: 2018-03-29
- NVD modified: 2026-01-14
- MITRE modified: 2026-01-12
- CVSS base score: 8.6
- CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
- CVSS exploitability score: 3.9
- CVSS impact score: 4
- Attack vector: Network
- Attack complexity: Low
- Privileges required: None
- User interaction: None
- Scope: Changed
- Confidentiality impact: None
- Integrity impact: None
- Availability impact: High
Versions and Products Impacted
- cisco / ios (versions: denali-16.3.4)
- cisco / ios xe (versions: denali-16.3.4)
- cisco / ios (versions: <= 15.2(6)e0a)
- cisco / ios xe (versions: <= 15.2(6)e0a)
- cisco / ios (versions: <= 15.2(4a)ea5)
- cisco / ios xe (versions: <= 15.2(4a)ea5)
- n/a / Cisco IOS and IOS XE (versions: Cisco IOS and IOS XE)
Weakness Classification
- CWE-20
Repositories for Lab Validation (Public Examples)
- Ostorlab/KEV | stars: 608 | updated: 2026-03-23 | https://github.com/Ostorlab/KEV
Notes: Ostorlab KEV: One-command to detect most remotely known exploitable vulnerabilities. Sourced from CISA KEV, Google's Tsunami, Ostorlab's Asteroid and Bug Bounty programs. - alphaSeclab/fuzzing-stuff | stars: 242 | updated: 2026-01-29 | https://github.com/alphaSeclab/fuzzing-stuff
Notes: Resources About Fuzzing, For Multiple Platforms And All Popular Fuzzers. 500+ Open Source Tools Sorted By Star Count, 800+ Blog Posts Sorted By Publish Time.
People and Organizations Mentioned
- cisco
- IOS and IOS XE Software
- Ostorlab
- alphaSeclab
Practical Defensive Validation (Authorized Only)
- Use only isolated environments and systems you own or are explicitly authorized to test.
- Snapshot infrastructure before validation and preserve baseline logs (EDR, SIEM, OS, app).
- Inventory cisco / ios (versions: denali-16.3.4) assets and confirm exact vulnerable versions with automated checks.
- Patch in staged environments and validate closure with scanners + service health checks.
- Map detections to MITRE ATT&CK tactics relevant to your environment and tune alert quality.
References
- NVD record: https://nvd.nist.gov/vuln/detail/CVE-2018-0173
- MITRE CVE record: https://www.cve.org/CVERecord?id=CVE-2018-0173
- CISA KEV Catalog: https://www.cisa.gov/known-exploited-vulnerabilities-catalog
- CISA KEV JSON feed: https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json
- KEV notes: https://nvd.nist.gov/vuln/detail/CVE-2018-0173
- http://www.securityfocus.com/bid/103545
- http://www.securitytracker.com/id/1040591
- https://ics-cert.us-cert.gov/advisories/ICSA-18-107-04
- https://ics-cert.us-cert.gov/advisories/ICSA-18-107-05
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-dhcpr2
- https://www.tenable.com/security/research/tra-2018-06
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2018-0173
- Repository example: https://github.com/Ostorlab/KEV
- Repository example: https://github.com/alphaSeclab/fuzzing-stuff
This content is for defensive security training and authorized validation only.