10

CVE-2014-9222

EPSS 89.15%
Veröffentlicht 24.12.2014 18:59:06
Zuletzt bearbeitet 12.04.2025 10:46:40
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

AllegroSoft RomPager 4.34 and earlier, as used in Huawei Home Gateway products and other vendors and products, allows remote attackers to gain privileges via a crafted cookie that triggers memory corruption, aka the "Misfortune Cookie" vulnerability.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 9

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Allegrosoft ≫ Rompager Version <= 4.07

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	89.15%	0.995

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	10	10	10	AV:N/AC:L/Au:N/C:C/I:C/A:C

http://mis.fortunecook.ie/

Third Party Advisory

Technical Description

http://seclists.org/fulldisclosure/2014/Dec/87

Third Party Advisory

Mailing List

http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-407666.htm

Vendor Advisory

http://www.kb.cert.org/vuls/id/561444

Third Party Advisory

US Government Resource

http://www.securityfocus.com/bid/105173

https://www.allegrosoft.com/allegro-software-urges-manufacturers-to-maintain-firmware-for-highest-level-of-embedded-device-security/news-press.html

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2014-9222

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2014-9222

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2014-9222

EUVD