VDB
CVE-2014-2179
CVE-2014-2179
PUBLISHED
CVSS 5 MEDIUM
The Cisco RV router firmware on RV220W devices, before 1.0.5.9 on RV120W devices, and before 1.0.4.14 on RV180 and RV180W devices allows remote attackers to upload files to arbitrary locations via a crafted HTTP request, aka Bug ID CSCuh86998.
EPSS 0.25% · 48.9th percentile
Risk Scores
CVSS 2.0
5
EPSS Score
0.25%
48.9th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| cisco | rv120w_firmware | 0 |
| cisco | rv180_firmware | 0 |
| cisco | rv220w | |
| cisco | rv180 | |
| n/a | n/a | n/a |
| cisco | rv180w | |
| cisco | rv220w_firmware | 0 |
| cisco | rv120w |
Exploit Intelligence
- 20141105 Multiple Vulnerabilities in Cisco Small Business RV Series Routers (circl)
- http://packetstormsecurity.com/files/128992/Cisco-RV-Overwrite-CSRF-Command-Execution.html (circl)
- 20141106 Cisco RV Series multiple vulnerabilities (circl)
- 20141106 Cisco RV Series multiple vulnerabilities (circl)
- cisco-cve20142179-file-upload(98499) (circl)
- 1031171 (circl)
Timeline
- Nov 5, 2014 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 3, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 8, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 2, 2023 EPSS Score
- May 25, 2023 EPSS Score
References
- http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141105-rv advisory
- http://packetstormsecurity.com/files/128992/Cisco-RV-Overwrite-CSRF-Command-Execution.html url
- 20141106 Cisco RV Series multiple vulnerabilities mailing-list
- 20141106 Cisco RV Series multiple vulnerabilities mailing-list
- cisco-cve20142179-file-upload(98499) vdb
- 1031171 vdb
- https://nvd.nist.gov/vuln/detail/CVE-2014-2179 advisory