The web management interface on the Cisco RV110W firewall with firmware 1.2.0.9 and earlier, RV215W router with firmware 1.1.0.5 and earlier, and CVR100W router with firmware 1.0.1.19 and earlier does not prevent replaying of modified authentication requests, which allows remote attackers to obtain administrative access by leveraging the ability to intercept requests, aka Bug IDs CSCul94527, CSCum86264, and CSCum86275.
References
Link | Resource |
---|---|
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140305-rpd | Patch Vendor Advisory |
https://www.exploit-db.com/exploits/45986/ |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: cisco
Published: 2014-03-06T11:00:00
Updated: 2018-12-15T10:57:01
Reserved: 2014-01-02T00:00:00
Link: CVE-2014-0683
JSON object: View
NVD Information
Status : Modified
Published: 2014-03-06T11:55:05.287
Modified: 2018-12-15T11:29:00.303
Link: CVE-2014-0683
JSON object: View
Redhat Information
No data.
CWE