An attacker sending a single crafted SSHv2 packet can crash the device. No logs may be left before crash.
Recent reports have identified a critical vulnerability (CVSS 10.0) in certain Cisco products using the Erlang/OTP SSH implementation. It allows unauthenticated remote code execution by sending connection protocol messages before authentication occurs. ssh-2.0-cisco-1.25 vulnerability
In one documented 2019 incident, a threat actor used Shodan to locate a municipal water utility’s Cisco router running SSH-2.0-Cisco-1.25 . They triggered a DoS vulnerability remotely, taking the SCADA network offline for six hours. An attacker sending a single crafted SSHv2 packet
While the banner itself is not a vulnerability, it indicates that the device is running a specific version of Cisco's proprietary SSH code. As of early 2026, this version has been linked to several critical security flaws, most notably a recent Unauthenticated Remote Code Execution (RCE) vulnerability. Vulnerability Overview: Unauthenticated RCE A major vulnerability (tracked as cisco-sa-erlang-otp-ssh-xyZZy It allows unauthenticated remote code execution by sending
Providing the hardware type can help narrow down the exact patch you need.