CyberSec.Space Logo
CVEブラウザに戻る

CVE-2014-0683

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0440%
EPSS Percentile8.62th
Published2014年3月6日
Last Modified2026年5月6日

Vulnerability Description

The web management interface on the Cisco RV110W firewall with firmware 1.2.0.9 and earlier, RV215W router with firmware 1.1.0.5 and earlier, and CVR100W router with firmware 1.0.1.19 and earlier does not prevent replaying of modified authentication requests, which allows remote attackers to obtain administrative access by leveraging the ability to intercept requests, aka Bug IDs CSCul94527, CSCum86264, and CSCum86275.

Affected Platforms (CPE)

💻
Cisco

Rv110w Firmware

<= 1.2.0.9
🔌
Cisco

Rv110w

All versions
💻
Cisco

Rv215w Firmware

<= 1.1.0.5
🔌
Cisco

Rv215w

All versions
💻
Cisco

Cvr100w Firmware

<= 1.0.1.19
🔌
Cisco

Cvr100w

All versions

References & Advisories

🔗 http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140305-rpd
🔗 https://www.exploit-db.com/exploits/45986/
🔗 http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140305-rpd
🔗 https://www.exploit-db.com/exploits/45986/

関連する脆弱性情報

CVE-2016-13959.8

The web-based management interface on Cisco RV110W devices with firmware before 1.2.1.7, RV130W devices with firmware before 1.0.3...

CVE-2016-13976.5

Buffer overflow in the web-based management interface on Cisco RV110W devices with firmware before 1.2.1.7, RV130W devices with fi...

CVE-2016-13986.5

Buffer overflow in the web-based management interface on Cisco RV110W devices with firmware through 1.2.1.4, RV130W devices with f...

CVE-2016-13966.1

Cross-site scripting (XSS) vulnerability in the web-based management interface on Cisco RV110W devices with firmware before 1.2.1....