CiscoCVE-2014-0659CVE-2014-0659
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
Confidence
Low
EPSS
Percentile
97.1%
The Cisco WAP4410N access point with firmware through 2.0.6.1, WRVS4400N router with firmware 1.x through 1.1.13 and 2.x through 2.0.2.1, and RVS4000 router with firmware through 2.0.3.2 allow remote attackers to read credential and configuration data, and execute arbitrary commands, via requests to the test interface on TCP port 32764, aka Bug IDs CSCum37566, CSCum43693, CSCum43700, and CSCum43685.
Affected configurations
| Vendor | Product | Version | CPE |
|---|---|---|---|
| cisco | rvs4000_firmware | * | cpe:2.3:o:cisco:rvs4000_firmware:*:*:*:*:*:*:*:* |
| cisco | rvs4000_firmware | 1.3.2.0 | cpe:2.3:o:cisco:rvs4000_firmware:1.3.2.0:*:*:*:*:*:*:* |
| cisco | rvs4000_firmware | 1.3.3.5 | cpe:2.3:o:cisco:rvs4000_firmware:1.3.3.5:*:*:*:*:*:*:* |
| cisco | rvs4000_firmware | 2.0.0.3 | cpe:2.3:o:cisco:rvs4000_firmware:2.0.0.3:*:*:*:*:*:*:* |
| cisco | rvs4000_firmware | 2.0.2.7 | cpe:2.3:o:cisco:rvs4000_firmware:2.0.2.7:*:*:*:*:*:*:* |
| cisco | rvs4000 | - | cpe:2.3:h:cisco:rvs4000:-:*:*:*:*:*:*:* |
| cisco | wrvs4400n_firmware | 1.1.03 | cpe:2.3:o:cisco:wrvs4400n_firmware:1.1.03:*:*:*:*:*:*:* |
| cisco | wrvs4400n_firmware | 1.1.13 | cpe:2.3:o:cisco:wrvs4400n_firmware:1.1.13:*:*:*:*:*:*:* |
| cisco | wrvs4400n_firmware | 2.0.1.3 | cpe:2.3:o:cisco:wrvs4400n_firmware:2.0.1.3:*:*:*:*:*:*:* |
| cisco | wrvs4400n_firmware | 2.0.2.1 | cpe:2.3:o:cisco:wrvs4400n_firmware:2.0.2.1:*:*:*:*:*:*:* |
References
secunia.com/advisories/56292
tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140110-sbd
tools.cisco.com/security/center/viewAlert.x?alertId=32381
www.securityfocus.com/bid/64776
www.securitytracker.com/id/1029579
www.securitytracker.com/id/1029580
exchange.xforce.ibmcloud.com/vulnerabilities/90233
github.com/elvanderb/TCP-32764
Related
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
Confidence
Low
EPSS
Percentile
97.1%