CVE-2014-3306

2014-07-1800:55:04

CWE-20

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.6

Confidence

Low

EPSS

0.011

Percentile

84.6%

JSON

The web server on Cisco DPC3010, DPC3212, DPC3825, DPC3925, DPQ3925, EPC3010, EPC3212, EPC3825, and EPC3925 Wireless Residential Gateway products allows remote attackers to execute arbitrary code via a crafted HTTP request, aka Bug ID CSCup40808.

Affected configurations

Nvd

Node

ciscodpc3010Match-

ciscodpc3212Match-

ciscodpc3825Match-

ciscodpc3925Match-

ciscodpq3925Match-

ciscoepc3010Match-

ciscoepc3212Match-

ciscoepc3825Match-

ciscoepc3925Match-

VendorProductVersionCPE
ciscodpc3010-cpe:2.3:h:cisco:dpc3010:-:*:*:*:*:*:*:*
ciscodpc3212-cpe:2.3:h:cisco:dpc3212:-:*:*:*:*:*:*:*
ciscodpc3825-cpe:2.3:h:cisco:dpc3825:-:*:*:*:*:*:*:*
ciscodpc3925-cpe:2.3:h:cisco:dpc3925:-:*:*:*:*:*:*:*
ciscodpq3925-cpe:2.3:h:cisco:dpq3925:-:*:*:*:*:*:*:*
ciscoepc3010-cpe:2.3:h:cisco:epc3010:-:*:*:*:*:*:*:*
ciscoepc3212-cpe:2.3:h:cisco:epc3212:-:*:*:*:*:*:*:*
ciscoepc3825-cpe:2.3:h:cisco:epc3825:-:*:*:*:*:*:*:*
ciscoepc3925-cpe:2.3:h:cisco:epc3925:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	dpc3010	-	cpe:2.3:h:cisco:dpc3010:-:::::::*
cisco	dpc3212	-	cpe:2.3:h:cisco:dpc3212:-:::::::*
cisco	dpc3825	-	cpe:2.3:h:cisco:dpc3825:-:::::::*
cisco	dpc3925	-	cpe:2.3:h:cisco:dpc3925:-:::::::*
cisco	dpq3925	-	cpe:2.3:h:cisco:dpq3925:-:::::::*
cisco	epc3010	-	cpe:2.3:h:cisco:epc3010:-:::::::*
cisco	epc3212	-	cpe:2.3:h:cisco:epc3212:-:::::::*
cisco	epc3825	-	cpe:2.3:h:cisco:epc3825:-:::::::*
cisco	epc3925	-	cpe:2.3:h:cisco:epc3925:-:::::::*