Lucene search

PRIOn knowledge basePRION:CVE-2014-2179

HistoryNov 07, 2014 - 11:55 a.m.

Design/Logic Flaw

2014-11-0711:55:00

PRIOn knowledge base

www.prio-n.com

7.5 High

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

0.003 Low

EPSS

Percentile

69.3%

JSON

The Cisco RV router firmware on RV220W devices, before 1.0.5.9 on RV120W devices, and before 1.0.4.14 on RV180 and RV180W devices allows remote attackers to upload files to arbitrary locations via a crafted HTTP request, aka Bug ID CSCuh86998.

CPENameOperatorVersion
rv120w_firmwarele1.0.5.8
rv180_firmwarele1.0.3.10
rv220w_firmwarele1.0.5.8

Name	Operator	Version
rv120w_firmware	le	1.0.5.8
rv180_firmware	le	1.0.3.10
rv220w_firmware	le	1.0.5.8

References

packetstormsecurity.com/files/128992/Cisco-RV-Overwrite-CSRF-Command-Execution.html

seclists.org/fulldisclosure/2014/Nov/6

tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141105-rv

www.securityfocus.com/archive/1/533917/100/0/threaded

www.securitytracker.com/id/1031171

exchange.xforce.ibmcloud.com/vulnerabilities/98499

7.5 High

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

0.003 Low

EPSS

Percentile

69.3%

JSON

Related for PRION:CVE-2014-2179