CVE-2017-3881
Cisco IOS and IOS XE Remote Code Execution Vulnerability
CVSS
—
No CVSS
EPSS
99.0%
p100
KEV
YES
Mar 25, 2022
Exploit Today
80
0-100
Published: — · Last modified: —
99.0%EPSS · 30 days99.0%
2026-06-302026-07-16
Product
Cisco / IOS and IOS XE
Vulnerability
Cisco IOS and IOS XE Remote Code Execution Vulnerability
Added to KEV
Mar 25, 2022
Remediate by
Apr 15, 2022
Known ransomware use
No
Summary description
A vulnerability in the Cisco Cluster Management Protocol (CMP) processing code in Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a reload of an affected device or remotely execute code with elevated privileges.
Required action
Apply updates per vendor instructions.
Notes
https://nvd.nist.gov/vuln/detail/CVE-2017-3881
CVECVSSEPSSKEVRExploitTitleMod.
CVE-2018-0171—99.9%
KEV—80Cisco IOS and IOS XE Software Smart Install Remote Code Execution Vulnerability—CVE-2025-20352—98.4%
KEV—80Cisco IOS and IOS XE Software SNMP Denial of Service and Remote Code Execution Vulnerability—CVE-2023-20109—81.7%
KEV—75Cisco IOS and IOS XE Group Encrypted Transport VPN Out-of-Bounds Write Vulnerability—