CyberSec.Space Logo
Back to CVE Browser

CVE-2014-0683

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0440%
EPSS Percentile8.62th
PublishedMar 6, 2014
Last ModifiedMay 6, 2026

Vulnerability Description

The web management interface on the Cisco RV110W firewall with firmware 1.2.0.9 and earlier, RV215W router with firmware 1.1.0.5 and earlier, and CVR100W router with firmware 1.0.1.19 and earlier does not prevent replaying of modified authentication requests, which allows remote attackers to obtain administrative access by leveraging the ability to intercept requests, aka Bug IDs CSCul94527, CSCum86264, and CSCum86275.

Affected Platforms (CPE)

πŸ’»
Cisco

Rv110w Firmware

<= 1.2.0.9
πŸ”Œ
Cisco

Rv110w

All versions
πŸ’»
Cisco

Rv215w Firmware

<= 1.1.0.5
πŸ”Œ
Cisco

Rv215w

All versions
πŸ’»
Cisco

Cvr100w Firmware

<= 1.0.1.19
πŸ”Œ
Cisco

Cvr100w

All versions

References & Advisories

πŸ”— http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140305-rpd
πŸ”— https://www.exploit-db.com/exploits/45986/
πŸ”— http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140305-rpd
πŸ”— https://www.exploit-db.com/exploits/45986/

Related Vulnerabilities

CVE-2016-13959.8

The web-based management interface on Cisco RV110W devices with firmware before 1.2.1.7, RV130W devices with firmware before 1.0.3...

CVE-2016-13976.5

Buffer overflow in the web-based management interface on Cisco RV110W devices with firmware before 1.2.1.7, RV130W devices with fi...

CVE-2016-13986.5

Buffer overflow in the web-based management interface on Cisco RV110W devices with firmware through 1.2.1.4, RV130W devices with f...

CVE-2016-13966.1

Cross-site scripting (XSS) vulnerability in the web-based management interface on Cisco RV110W devices with firmware before 1.2.1....