CVE-2014-0659
60Vexday Risk Score
Patch soon. It has a working public exploit.
ssvc Attendepss 74%
from disclosure to weapon2 days
Published on NVDJan 12
1st PoC+2d
metasploitDec 31
exploitation probability
74%top 1% of all CVEs
observed exploitation
nono source reports it
1 public exploit(s)
The Cisco WAP4410N access point with firmware through 2.0.6.1, WRVS4400N router with firmware 1.x through 1.1.13 and 2.x through 2.0.2.1, and RVS4000 router with firmware through 2.0.3.2 allow remote attackers to read credential and configuration data, and execute arbitrary commands, via requests to the test interface on TCP port 32764, aka Bug IDs CSCum37566, CSCum43693, CSCum43700, and CSCum43685.
Affected products
n/a · n/apublic PoCs found — 1
exploitdbwww.exploit-db.com/exploits/30915unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
References
http://secunia.com/advisories/56292https://exchange.xforce.ibmcloud.com/vulnerabilities/90233https://github.com/elvanderb/TCP-32764http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140110-sbdhttp://tools.cisco.com/security/center/viewAlert.x?alertId=32381http://www.securityfocus.com/bid/64776http://www.securitytracker.com/id/1029579http://www.securitytracker.com/id/1029580