Remote Code Execution Vulnerability in Cisco Wireless Access Point and Routers
CVE-2014-0659

Currently unrated

Key Information:

Vendor: Cisco
Status: Rvs4000 Firmware; Rvs4000
Vendor: CVE Published:; 12 January 2014

Summary

The Cisco WAP4410N access point, WRVS4400N router, and RVS4000 router are susceptible to a vulnerability that allows remote attackers to gain unauthorized access to sensitive credential and configuration information. By exploiting the undocumented test interface available on TCP port 32764, attackers can execute arbitrary commands on the affected devices. This exposure potentially compromises network integrity and device functionality, making it essential for users to update their firmware to secure versions and disable any unnecessary interfaces.

References

http://secunia.com/advisories/56292

third-party-advisoryx_refsource_SECUNIA

http://tools.cisco.com/security/center/content/CiscoSecur...

vendor-advisoryx_refsource_CISCO

https://exchange.xforce.ibmcloud.com/vulnerabilities/90233

vdb-entryx_refsource_XF

EPSS Score

64% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Jan 12, 2014
Vulnerability Reserved
Jan 2, 2014