CVE-2014-0683
First published: Thu Mar 06 2014(Updated: )
The web management interface on the Cisco RV110W firewall with firmware 1.2.0.9 and earlier, RV215W router with firmware 1.1.0.5 and earlier, and CVR100W router with firmware 1.0.1.19 and earlier does not prevent replaying of modified authentication requests, which allows remote attackers to obtain administrative access by leveraging the ability to intercept requests, aka Bug IDs CSCul94527, CSCum86264, and CSCum86275.
Credit: ykramarz@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco Rv110w Firmware | <=1.2.0.9 | |
| Cisco RV110W | ||
| Cisco Rv215w Firmware | <=1.1.0.5 | |
| Cisco RV215W | ||
| Cisco Cvr100w Firmware | <=1.0.1.19 | |
| Cisco Cvr100w |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- collector/nvd-index
- agent/author
- agent/severity
- agent/references
- agent/weakness
- agent/description
- agent/type
- agent/event
- agent/first-publish-date
- agent/remedy
- agent/tags
- agent/last-modified-date
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- vendor/cisco
- canonical/cisco rv110w firmware
- version/cisco rv110w firmware/1.2.0.9
- canonical/cisco rv110w
- canonical/cisco rv215w firmware
- version/cisco rv215w firmware/1.1.0.5
- canonical/cisco rv215w
- canonical/cisco cvr100w firmware
- version/cisco cvr100w firmware/1.0.1.19
- canonical/cisco cvr100w