[原文]Cisco CBOS 2.3.8 and earlier allows remote attackers to cause a denial of service via a series of large ICMP ECHO REPLY (ping) packets, which cause it to enter ROMMON mode and stop forwarding packets.
Cisco CBOS contains a flaw that may allow a remote denial of service. The issue is triggered when an attacker sends a specially crafted large ICMP Echo Reply packet causing the router to reboot into ROMMON mode, and will result in loss of availability for the router.
Upgrade to versions 2.3.9, 2.4.1 and 2.4.2 or higher, as they have been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.