CVE-2014-0659

CVE-2014-0659 affects Cisco WAP4410N, WRVS4400N, and RVS4000 devices exposing an undocumented test interface on TCP port 32764. The vulnerability allows remote attackers to read credentials/configuration and execute arbitrary commands with root-level access via the test interface. A Cisco advisor...

CVE-2011-1645

The web management interface on the Cisco RVS4000 Gigabit Security Router with software 1.x before 1.3.3.4 and 2.x before 2.0.2.7, and the WRVS4400N Gigabit Security Router with software before 2.0.2.1, allows remote attackers to read the backup configuration file, and consequently execute...

CVE-2011-1647

The web management interface on the Cisco RVS4000 Gigabit Security Router with software 1.x before 1.3.3.4 and 2.x before 2.0.2.7, and the WRVS4400N Gigabit Security Router with software before 2.0.2.1, allows remote attackers to read the private key for the admin SSL certificate via unspecified...

Design/Logic Flaw

The web management interface on the Cisco RVS4000 Gigabit Security Router with software 1.x before 1.3.3.4 and 2.x before 2.0.2.7, and the WRVS4400N Gigabit Security Router with software before 2.0.2.1, allows remote authenticated users to execute arbitrary commands via the 1 ping test parameter ...

CVE-2011-1645

The web management interface on the Cisco RVS4000 Gigabit Security Router with software 1.x before 1.3.3.4 and 2.x before 2.0.2.7, and the WRVS4400N Gigabit Security Router with software before 2.0.2.1, allows remote attackers to read the backup configuration file, and consequently execute...

CVE-2011-1646

The web management interface on the Cisco RVS4000 Gigabit Security Router with software 1.x before 1.3.3.4 and 2.x before 2.0.2.7, and the WRVS4400N Gigabit Security Router with software before 2.0.2.1, allows remote authenticated users to execute arbitrary commands via the 1 ping test parameter ...

CVE-2011-1647

The web management interface on the Cisco RVS4000 Gigabit Security Router with software 1.x before 1.3.3.4 and 2.x before 2.0.2.7, and the WRVS4400N Gigabit Security Router with software before 2.0.2.1, allows remote attackers to read the private key for the admin SSL certificate via unspecified...

CVE-2011-1645

The CVE-2011-1645 vulnerability affects Cisco RVS4000 and WRVS4400N Gigabit Security Routers. The flaw is in the web management interface, where an unauthenticated remote attacker can read the device’s backup configuration file, which can contain sensitive data such as HTTP passwords and VPN pre-...

CVE-2011-1646

CVE-2011-1646 affects Cisco RVS4000 (v1/v2) and WRVS4400N; web management interface allows a remote authenticated user to execute arbitrary commands by injecting into the ping test or traceroute test parameters. Root on the OS can be compromised with authenticated access; configuration backups ma...

CVE-2011-1647

The CVE-2011-1647 issue affects Cisco RVS4000 and WRVS4400N Gigabit Security Routers. The Cisco advisory and NVD entry describe a vulnerability in the web management interface that allows a remote attacker to read the private key of the admin SSL certificate via unspecified vectors. Affected firm...

Cisco Security Advisory: Cisco RVS4000 and WRVS4400N Web Management Interface Vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Cisco Security Advisory: Cisco RVS4000 and WRVS4400N Web Management Interface Vulnerabilities Advisory ID: cisco-sa-20110525-rvs4000 Revision 1.0 For Public Release 2011 May 25 1600 UTC GMT...

Cisco RVS4000 and WRVS4400N Web Management Interface Vulnerabilities

...