CyberSec.Space Logo
Back to CVE Browser

CVE-2014-2179

MEDIUM
5.0
CVSS Severity Score
EPSS Score0.0610%
EPSS Percentile30.88th
PublishedNov 7, 2014
Last ModifiedMay 6, 2026

Vulnerability Description

The Cisco RV router firmware on RV220W devices, before 1.0.5.9 on RV120W devices, and before 1.0.4.14 on RV180 and RV180W devices allows remote attackers to upload files to arbitrary locations via a crafted HTTP request, aka Bug ID CSCuh86998.

Affected Platforms (CPE)

πŸ’»
Cisco

Rv180 Firmware

<= 1.0.3.10
πŸ”Œ
Cisco

Rv180

All versions
πŸ”Œ
Cisco

Rv180w

All versions
πŸ’»
Cisco

Rv120w Firmware

<= 1.0.5.8
πŸ”Œ
Cisco

Rv120w

All versions
πŸ’»
Cisco

Rv220w Firmware

<= 1.0.5.8
πŸ”Œ
Cisco

Rv220w

All versions

References & Advisories

πŸ”— http://packetstormsecurity.com/files/128992/Cisco-RV-Overwrite-CSRF-Command-Execution.html
πŸ”— http://seclists.org/fulldisclosure/2014/Nov/6
πŸ”— http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141105-rv
πŸ”— http://www.securityfocus.com/archive/1/533917/100/0/threaded
πŸ”— http://www.securitytracker.com/id/1031171
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/98499
πŸ”— http://packetstormsecurity.com/files/128992/Cisco-RV-Overwrite-CSRF-Command-Execution.html
πŸ”— http://seclists.org/fulldisclosure/2014/Nov/6

Related Vulnerabilities

CVE-2014-21779.0

The network-diagnostics administration interface in the Cisco RV router firmware on RV220W devices, before 1.0.5.9 on RV120W devic...

CVE-2014-21786.8

Cross-site request forgery (CSRF) vulnerability in the administrative web interface in the Cisco RV router firmware on RV220W devi...

CVE-2026-53430

Improper Handling of Highly Compressed Data (Data Amplification) vulnerability in elixir-grpc grpc (GRPC.Compressor.Gzip, GRPC.Mes...

CVE-2026-48854

Allocation of Resources Without Limits or Throttling vulnerability in elixir-grpc grpc allows unauthenticated attackers to exhaust...