VDB
CVE-2014-0683
CVE-2014-0683
PUBLISHED
CVSS 10 CRITICAL
The web management interface on the Cisco RV110W firewall with firmware 1.2.0.9 and earlier, RV215W router with firmware 1.1.0.5 and earlier, and CVR100W router with firmware 1.0.1.19 and earlier does not prevent replaying of modified authentication requests, which allows remote attackers to obtain administrative access by leveraging the ability to intercept requests, aka Bug IDs CSCul94527, CSCum86264, and CSCum86275.
EPSS 29.44% · 96.7th percentile
Risk Scores
CVSS 2.0
10
EPSS Score
29.44%
96.7th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| cisco | cvr100w_firmware | 0 |
| n/a | n/a | n/a |
| cisco | rv110w_firmware | 0 |
| cisco | rv110w | |
| Cisco | N/A | |
| cisco | rv215w | |
| cisco | rv215w_firmware | 0 |
| cisco | cvr100w |
Exploit Intelligence
- 20140305 Cisco Small Business Router Password Disclosure Vulnerability (circl)
- Cisco RV110W - Password Disclosure / Command Execution Exploit (variot)
- Cisco RV110W - Password Disclosure / Command Execution Exploit (variot)
- Cisco RV110W - Password Disclosure / Command Execution - Hardware remote Exploit (variot)
- Cisco RV110W - Password Disclosure / Command Execution - Hardware remote Exploit (variot)
- Cisco RV110W - Password Disclosure / Command Execution Exploit (variot)
- Cisco RV110W - Password Disclosure / Command Execution - Hardware remote Exploit (variot)
- 45986 (cve.org)
- Cisco RV110W - Password Disclosure / Command Execution Exploit (0day-today)
- Cisco RV110W - Password Disclosure / Command Execution Exploit (0day-today)
Timeline
- Jan 26, 2014 CVE Published
- Mar 6, 2014 PoC Published
- Dec 14, 2018 PoC Published
- Dec 18, 2018 PoC Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Sep 3, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 8, 2023 EPSS Score
- Mar 7, 2023 EPSS Score