CVE-2014-0683

Published: Mar 6, 2014Modified: May 6, 2026

10.0

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability: 10.0 / Impact: 10.0

Source: NVD

Description

The web management interface on the Cisco RV110W firewall with firmware 1.2.0.9 and earlier, RV215W router with firmware 1.1.0.5 and earlier, and CVR100W router with firmware 1.0.1.19 and earlier does not prevent replaying of modified authentication requests, which allows remote attackers to obtain administrative access by leveraging the ability to intercept requests, aka Bug IDs CSCul94527, CSCum86264, and CSCum86275.

Affected (6)

Products: Cisco: Rv110w Firmware, Rv110w, Rv215w Firmware, Rv215w, Cvr100w Firmware, Cvr100w

6 products

Rv110w Firmware

Rv215w Firmware

Cvr100w Firmware

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Cisco Rv110w Firmware	Up to 1.2.0.9
Cisco Rv110w	All versions

Configuration B

2 vulnerable

Vulnerable Software	Affected Versions
Cisco Rv215w Firmware	Up to 1.1.0.5
Cisco Rv215w	All versions

Configuration C

2 vulnerable

Vulnerable Software	Affected Versions
Cisco Cvr100w Firmware	Up to 1.0.1.19
Cisco Cvr100w	All versions

Related CWEs

References (4)

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140305-rpd

Source: psirt@cisco.com

PatchVendor Advisory

https://www.exploit-db.com/exploits/45986/

Source: psirt@cisco.com

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140305-rpd

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

https://www.exploit-db.com/exploits/45986/

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.