10

CVE-2014-3306

The web server on Cisco DPC3010, DPC3212, DPC3825, DPC3925, DPQ3925, EPC3010, EPC3212, EPC3825, and EPC3925 Wireless Residential Gateway products allows remote attackers to execute arbitrary code via a crafted HTTP request, aka Bug ID CSCup40808.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
CiscoDpc3010 Version-
CiscoDpc3212 Version-
CiscoDpc3825 Version-
CiscoDpc3925 Version-
CiscoDpq3925 Version-
CiscoEpc3010 Version-
CiscoEpc3212 Version-
CiscoEpc3825 Version-
CiscoEpc3925 Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 10.47% 0.925
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 10 10 10
AV:N/AC:L/Au:N/C:C/I:C/A:C
CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://www.securitytracker.com/id/1030598
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1030599
Third Party Advisory
VDB Entry