CVE-2014-0659

critical

Description

The Cisco WAP4410N access point with firmware through 2.0.6.1, WRVS4400N router with firmware 1.x through 1.1.13 and 2.x through 2.0.2.1, and RVS4000 router with firmware through 2.0.3.2 allow remote attackers to read credential and configuration data, and execute arbitrary commands, via requests to the test interface on TCP port 32764, aka Bug IDs CSCum37566, CSCum43693, CSCum43700, and CSCum43685.

References

https://github.com/elvanderb/TCP-32764

https://exchange.xforce.ibmcloud.com/vulnerabilities/90233

http://www.securitytracker.com/id/1029580

http://www.securitytracker.com/id/1029579

http://www.securityfocus.com/bid/64776

http://tools.cisco.com/security/center/viewAlert.x?alertId=32381

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140110-sbd

http://secunia.com/advisories/56292

Details

Source: Mitre, NVD

Published: 2014-01-12

Updated: 2017-08-29

Risk Information

CVSS v2

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Severity: Critical

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical