Web Management Interface Vulnerability in Cisco RVS4000 and WRVS4400N Routers
CVE-2011-1646

Currently unrated

Key Information:

Vendor: Cisco
Status: Rvs4000; Rvs4000 Software
Vendor: CVE Published:; 31 May 2011

Summary

The web management interface of the Cisco RVS4000 and WRVS4400N Gigabit Security Routers can be exploited by remote authenticated users. Specifically, attackers can leverage a flaw in the ping test and traceroute test parameters to execute arbitrary commands, potentially compromising the network and its integrity. This vulnerability affects specific software versions and requires authentication to access.

References

http://www.cisco.com/en/US/products/products_security_adv...

vendor-advisoryx_refsource_CISCO

http://www.securitytracker.com/id?1025565

vdb-entryx_refsource_SECTRACK

Timeline

Vulnerability published
May 31, 2011
Vulnerability Reserved
Apr 5, 2011