Command Injection Vulnerability in Cisco DPC3939 XB3 Administrative Interface
CVE-2015-6361

Currently unrated

Key Information:

Vendor: Cisco
Status: Dpc3939 Wireless Residential Voice Gateway Firmware
Vendor: CVE Published:; 13 December 2015

Summary

The administrative web interface of Cisco DPC3939 (XB3) devices running firmware version 121109aCMCST is susceptible to a command injection vulnerability. This flaw allows remote authenticated users to execute arbitrary commands on the device through unspecified fields, potentially leading to unauthorized access and control over the device. The vulnerability highlights the importance of securing administrative interfaces to prevent exploitation. For more details, refer to the official advisory.

References

http://tools.cisco.com/security/center/content/CiscoSecur...

vendor-advisoryx_refsource_CISCO

Timeline

Vulnerability published
Dec 13, 2015
Vulnerability Reserved
Aug 17, 2015