PT-2018-8654 · Cisco · Cisco IOS XE
Published: 2018-03-28 · Updated: 2019-10-09 · CVE-2018-0176
CVSS v3.1: 7.8 (High)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions:
Cisco IOS XE Software (affected versions not specified)
Description:
The issue is related to multiple vulnerabilities in the CLI parser of the software. The vulnerabilities are due to the software improperly sanitizing command arguments. An authenticated, local attacker could exploit them by executing CLI commands with crafted arguments. A successful exploit could allow the attacker to gain access to the underlying Linux shell of an affected device and execute arbitrary commands with root privileges.
Recommendations:
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
OS Command Injection
Related identifiers
Affected products
Cisco IOS XE