Remote Code Execution Flaw in Cisco Wireless Residential Gateways
CVE-2014-3306

Currently unrated

Key Information:

Vendor: Cisco
Status: Epc3010; Dpc3925; Epc3925; Dpc3010
Vendor: CVE Published:; 18 July 2014

What is CVE-2014-3306?

The web server running on various Cisco Wireless Residential Gateway models has a vulnerability that allows attackers to execute arbitrary code remotely. By sending specially crafted HTTP requests, malicious actors can exploit this security flaw, leading to unauthorized operations on the affected devices. This exposes users to potential risks, including data breaches and unauthorized access to sensitive information.

References

http://www.securitytracker.com/id/1030598

vdb-entryx_refsource_SECTRACK

http://www.securitytracker.com/id/1030599

vdb-entryx_refsource_SECTRACK

http://tools.cisco.com/security/center/content/CiscoSecur...

vendor-advisoryx_refsource_CISCO

EPSS Score

10% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 18, 2014
Vulnerability Reserved
May 7, 2014