CVE-2014-0659
Description
The Cisco WAP4410N access point with firmware through 2.0.6.1, WRVS4400N router with firmware 1.x through 1.1.13 and 2.x through 2.0.2.1, and RVS4000 router with firmware through 2.0.3.2 allow remote attackers to read credential and configuration data, and execute arbitrary commands, via requests to the test interface on TCP port 32764, aka Bug IDs CSCum37566, CSCum43693, CSCum43700, and CSCum43685.
Risk Information
Base Score
9.8
MODERATE
Vector
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
65.604
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Undocumented Test Interface in Cisco Small Business Devices For Cisco Small Business Wireless Access Points | NCM |
| Undocumented Test Interface in Cisco Small Business Devices For Cisco Small Business RV Series Routers | NCM |
| Improper Neutralization of Special Elements used in an OS Command (OS Command Injection) Vulnerability (CVE-2014-0659) | NCM |
Patch Details
Click to see the patches provided by ManageEngine for this CVE
| Patch ID | Patch Description |
|---|---|
| PATCH-1705261 | Security Update for Cisco Small Business Wireless Access Points 1.1.3.2 |
| PATCH-1705925 | Security Update for Cisco Small Business RV Series Routers 1.0.3.16 |
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234