VDB
CVE-2014-2177
CVE-2014-2177
PUBLISHED
CVSS 9 CRITICAL
The network-diagnostics administration interface in the Cisco RV router firmware on RV220W devices, before 1.0.5.9 on RV120W devices, and before 1.0.4.14 on RV180 and RV180W devices allows remote authenticated users to execute arbitrary commands via a crafted HTTP request, aka Bug ID CSCuh87126.
EPSS 0.53% · 67.6th percentile
Risk Scores
CVSS 2.0
9
EPSS Score
0.53%
67.6th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | n/a |
| cisco | rv180 | |
| cisco | rv120w | |
| cisco | rv180_firmware | 0 |
| cisco | rv220w_firmware | 0 |
| cisco | rv180w | |
| cisco | rv220w | |
| cisco | rv120w_firmware | 0 |
Exploit Intelligence
- 20141105 Multiple Vulnerabilities in Cisco Small Business RV Series Routers (circl)
- http://packetstormsecurity.com/files/128992/Cisco-RV-Overwrite-CSRF-Command-Execution.html (circl)
- cisco-cve20142177-command-exec(98497) (circl)
- 20141106 Cisco RV Series multiple vulnerabilities (circl)
- 20141106 Cisco RV Series multiple vulnerabilities (circl)
- 1031171 (circl)
Timeline
- Nov 5, 2014 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 3, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 8, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 2, 2023 EPSS Score
- May 25, 2023 EPSS Score
References
- http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141105-rv advisory
- http://packetstormsecurity.com/files/128992/Cisco-RV-Overwrite-CSRF-Command-Execution.html url
- cisco-cve20142177-command-exec(98497) vdb
- 20141106 Cisco RV Series multiple vulnerabilities mailing-list
- 20141106 Cisco RV Series multiple vulnerabilities mailing-list
- 1031171 vdb
- https://nvd.nist.gov/vuln/detail/CVE-2014-2177 advisory