CVE-2018-0234

Name of the Vulnerable Software and Affected Versions: Cisco Aironet 1810, 1830, and 1850 Series Access Points versions 8.4.100.0 through 8.5.105.0

Description: A vulnerability in the implementation of Point-to-Point Tunneling Protocol (PPTP) functionality could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The issue is due to insufficient validation of Generic Routing Encapsulation (GRE) frames that pass through the data plane of an affected access point. An attacker could exploit this by initiating a PPTP connection and sending a malicious GRE frame, causing the NSS core process to crash and resulting in a DoS condition.

Recommendations: For versions 8.4.100.0, 8.5.103.0, and 8.5.105.0, consider disabling PPTP functionality as a temporary workaround until a patch is available. Restrict access to the affected access points to minimize the risk of exploitation. Avoid using the PPTP connection to the affected access points until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.