CVE-2014-0659
Severity CVSS v4.0:
Pending analysis
Type:
CWE-78
OS Command Injections
Publication date:
12/01/2014
Last modified:
11/04/2025
Description
The Cisco WAP4410N access point with firmware through 2.0.6.1, WRVS4400N router with firmware 1.x through 1.1.13 and 2.x through 2.0.2.1, and RVS4000 router with firmware through 2.0.3.2 allow remote attackers to read credential and configuration data, and execute arbitrary commands, via requests to the test interface on TCP port 32764, aka Bug IDs CSCum37566, CSCum43693, CSCum43700, and CSCum43685.
Impact
Base Score 2.0
10.00
Severity 2.0
HIGH
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:cisco:rvs4000_firmware:*:*:*:*:*:*:*:* | 2.0.3.2 (including) | |
| cpe:2.3:o:cisco:rvs4000_firmware:1.3.2.0:*:*:*:*:*:*:* | ||
| cpe:2.3:o:cisco:rvs4000_firmware:1.3.3.5:*:*:*:*:*:*:* | ||
| cpe:2.3:o:cisco:rvs4000_firmware:2.0.0.3:*:*:*:*:*:*:* | ||
| cpe:2.3:o:cisco:rvs4000_firmware:2.0.2.7:*:*:*:*:*:*:* | ||
| cpe:2.3:h:cisco:rvs4000:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:cisco:wrvs4400n_firmware:1.1.03:*:*:*:*:*:*:* | ||
| cpe:2.3:o:cisco:wrvs4400n_firmware:1.1.13:*:*:*:*:*:*:* | ||
| cpe:2.3:o:cisco:wrvs4400n_firmware:2.0.1.3:*:*:*:*:*:*:* | ||
| cpe:2.3:o:cisco:wrvs4400n_firmware:2.0.2.1:*:*:*:*:*:*:* | ||
| cpe:2.3:h:cisco:wrvs4400n:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:cisco:wap4410n_firmware:*:*:*:*:*:*:*:* | 2.0.6.1 (including) | |
| cpe:2.3:o:cisco:wap4410n_firmware:2.0.2.1:*:*:*:*:*:*:* | ||
| cpe:2.3:o:cisco:wap4410n_firmware:2.0.3.3:*:*:*:*:*:*:* | ||
| cpe:2.3:o:cisco:wap4410n_firmware:2.0.4.2:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://secunia.com/advisories/56292
- http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140110-sbd
- http://tools.cisco.com/security/center/viewAlert.x?alertId=32381
- http://www.securityfocus.com/bid/64776
- http://www.securitytracker.com/id/1029579
- http://www.securitytracker.com/id/1029580
- https://exchange.xforce.ibmcloud.com/vulnerabilities/90233
- https://github.com/elvanderb/TCP-32764
- http://secunia.com/advisories/56292
- http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140110-sbd
- http://tools.cisco.com/security/center/viewAlert.x?alertId=32381
- http://www.securityfocus.com/bid/64776
- http://www.securitytracker.com/id/1029579
- http://www.securitytracker.com/id/1029580
- https://exchange.xforce.ibmcloud.com/vulnerabilities/90233
- https://github.com/elvanderb/TCP-32764