Информационная безопасность
[RU] switch to English


Многочисленные уязвимости безопасности в Cisco RV
Опубликовано:10 ноября 2014 г.
Источник:
SecurityVulns ID:14082
Тип:удаленная
Уровень опасности:
6/10
Описание:Доступ к файлам, выполнение кода, межсайтовый скриптинг.
Затронутые продукты:CISCO : Cisco RV220W
CVE:CVE-2014-2179 (The Cisco RV router firmware on RV220W devices, before 1.0.5.9 on RV120W devices, and before 1.0.4.14 on RV180 and RV180W devices allows remote attackers to upload files to arbitrary locations via a crafted HTTP request, aka Bug ID CSCuh86998.)
 CVE-2014-2178 (Cross-site request forgery (CSRF) vulnerability in the administrative web interface in the Cisco RV router firmware on RV220W devices, before 1.0.5.9 on RV120W devices, and before 1.0.4.14 on RV180 and RV180W devices allows remote attackers to hijack the authentication of administrators, aka Bug ID CSCuh87145.)
 CVE-2014-2177 (The network-diagnostics administration interface in the Cisco RV router firmware on RV220W devices, before 1.0.5.9 on RV120W devices, and before 1.0.4.14 on RV180 and RV180W devices allows remote authenticated users to execute arbitrary commands via a crafted HTTP request, aka Bug ID CSCuh87126.)
Оригинальный текстdocumentCISCO, Cisco Security Advisory: Multiple Vulnerabilities in Cisco Small Business RV Series Routers (10.11.2014)
 documentSecurify B.V., Cisco RV Series multiple vulnerabilities (10.11.2014)

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород