Lucene search

CiscoCVE-2017-3882

HistoryMay 16, 2017 - 5:29 p.m.

CVE-2017-3882

2017-05-1617:29:00

CWE-119

cisco

web.nvd.nist.gov

cisco

cvr100w

wireless-n

vpn router

vulnerability

cve-2017-3882

remote code execution

upnp

buffer overflow

dos

cisco bug ids

cscuz72642

CVSS2

8.3

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:A/AC:L/Au:N/C:C/I:C/A:C

CVSS3

9.6

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

AI Score

9.8

Confidence

High

EPSS

0.017

Percentile

87.7%

JSON

A vulnerability in the Universal Plug-and-Play (UPnP) implementation in the Cisco CVR100W Wireless-N VPN Router could allow an unauthenticated, Layer 2-adjacent attacker to execute arbitrary code or cause a denial of service (DoS) condition. The remote code execution could occur with root privileges. The vulnerability is due to incomplete range checks of the UPnP input data, which could result in a buffer overflow. An attacker could exploit this vulnerability by sending a malicious request to the UPnP listening port of the targeted device. An exploit could allow the attacker to cause the device to reload or potentially execute arbitrary code with root privileges. This vulnerability affects all firmware releases of the Cisco CVR100W Wireless-N VPN Router prior to Firmware Release 1.0.1.22. Cisco Bug IDs: CSCuz72642.

Affected configurations

Nvd

Node

ciscosmall_business_rv_router_firmwareMatch1.0.0.30

ciscosmall_business_rv_router_firmwareMatch1.0.1.9

ciscosmall_business_rv_router_firmwareMatch1.0.1.19

ciscosmall_business_rv_router_firmwareMatch1.0.2.6

ciscosmall_business_rv_router_firmwareMatch1.0.3.10

ciscosmall_business_rv_router_firmwareMatch1.0.4.10

ciscosmall_business_rv_router_firmwareMatch1.0.4.14

ciscosmall_business_rv_router_firmwareMatch1.0.5.4

ciscosmall_business_rv_router_firmwareMatch1.0.5.4\(gd\)

ciscosmall_business_rv_router_firmwareMatch1.0.5.5

ciscosmall_business_rv_router_firmwareMatch1.0.5.6

ciscosmall_business_rv_router_firmwareMatch1.0.5.8

ciscosmall_business_rv_router_firmwareMatch1.0.6.6

ciscosmall_business_rv_router_firmwareMatch1.0.39

ciscosmall_business_rv_router_firmware_1.0Match0.2

AND

ciscorv042Match-

ciscorv042gMatch-

ciscorv082Match-

ciscorv110wMatch-

ciscorv130Match-

ciscorv130_wfMatch-

ciscorv130wMatch-

ciscorv130w_wfMatch-

ciscorv132wMatch-

ciscorv134wMatch-

ciscorv215wMatch-

ciscorv320Match-

ciscorv320_wfMatch-

ciscorv325Match-

ciscorv325_wfMatch-

VendorProductVersionCPE
ciscosmall_business_rv_router_firmware1.0.0.30cpe:2.3:a:cisco:small_business_rv_router_firmware:1.0.0.30:*:*:*:*:*:*:*
ciscosmall_business_rv_router_firmware1.0.1.9cpe:2.3:a:cisco:small_business_rv_router_firmware:1.0.1.9:*:*:*:*:*:*:*
ciscosmall_business_rv_router_firmware1.0.1.19cpe:2.3:a:cisco:small_business_rv_router_firmware:1.0.1.19:*:*:*:*:*:*:*
ciscosmall_business_rv_router_firmware1.0.2.6cpe:2.3:a:cisco:small_business_rv_router_firmware:1.0.2.6:*:*:*:*:*:*:*
ciscosmall_business_rv_router_firmware1.0.3.10cpe:2.3:a:cisco:small_business_rv_router_firmware:1.0.3.10:*:*:*:*:*:*:*
ciscosmall_business_rv_router_firmware1.0.4.10cpe:2.3:a:cisco:small_business_rv_router_firmware:1.0.4.10:*:*:*:*:*:*:*
ciscosmall_business_rv_router_firmware1.0.4.14cpe:2.3:a:cisco:small_business_rv_router_firmware:1.0.4.14:*:*:*:*:*:*:*
ciscosmall_business_rv_router_firmware1.0.5.4cpe:2.3:a:cisco:small_business_rv_router_firmware:1.0.5.4:*:*:*:*:*:*:*
ciscosmall_business_rv_router_firmware1.0.5.4(gd)cpe:2.3:a:cisco:small_business_rv_router_firmware:1.0.5.4\(gd\):*:*:*:*:*:*:*
ciscosmall_business_rv_router_firmware1.0.5.5cpe:2.3:a:cisco:small_business_rv_router_firmware:1.0.5.5:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	small_business_rv_router_firmware	1.0.0.30	cpe:2.3:a:cisco:small_business_rv_router_firmware:1.0.0.30:::::::*
cisco	small_business_rv_router_firmware	1.0.1.9	cpe:2.3:a:cisco:small_business_rv_router_firmware:1.0.1.9:::::::*
cisco	small_business_rv_router_firmware	1.0.1.19	cpe:2.3:a:cisco:small_business_rv_router_firmware:1.0.1.19:::::::*
cisco	small_business_rv_router_firmware	1.0.2.6	cpe:2.3:a:cisco:small_business_rv_router_firmware:1.0.2.6:::::::*
cisco	small_business_rv_router_firmware	1.0.3.10	cpe:2.3:a:cisco:small_business_rv_router_firmware:1.0.3.10:::::::*
cisco	small_business_rv_router_firmware	1.0.4.10	cpe:2.3:a:cisco:small_business_rv_router_firmware:1.0.4.10:::::::*
cisco	small_business_rv_router_firmware	1.0.4.14	cpe:2.3:a:cisco:small_business_rv_router_firmware:1.0.4.14:::::::*
cisco	small_business_rv_router_firmware	1.0.5.4	cpe:2.3:a:cisco:small_business_rv_router_firmware:1.0.5.4:::::::*
cisco	small_business_rv_router_firmware	1.0.5.4(gd)	cpe:2.3:a:cisco:small_business_rv_router_firmware:1.0.5.4\(gd\):::::::*
cisco	small_business_rv_router_firmware	1.0.5.5	cpe:2.3:a:cisco:small_business_rv_router_firmware:1.0.5.5:::::::*

Rows per page:

1-10 of 301

CNA Affected

[
  {
    "product": "Cisco CVR100W Wireless-N VPN Router",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "Cisco CVR100W Wireless-N VPN Router"
      }
    ]
  }
]

References

www.securityfocus.com/bid/98287

www.securitytracker.com/id/1038391

tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170503-cvr100w1

CVSS2

8.3

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:A/AC:L/Au:N/C:C/I:C/A:C

CVSS3

9.6

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

AI Score

9.8

Confidence

High

EPSS

0.017

Percentile

87.7%

JSON

Related for CVE-2017-3882