CVE-2014-7249
10.0
Vector
AV:N/AC:L/Au:N/C:C/I:C/A:C
Exploitability: 10.0 / Impact: 10.0
Source: NVD
Description
Buffer overflow on the Allied Telesis AR440S, AR441S, AR442S, AR745, AR750S, AR750S-DP, AT-8624POE, AT-8624T/2M, AT-8648T/2SP, AT-8748XL, AT-8848, AT-9816GB, AT-9924T, AT-9924Ts, CentreCOM AR415S, CentreCOM AR450S, CentreCOM AR550S, CentreCOM AR570S, CentreCOM 8700SL, CentreCOM 8948XL, CentreCOM 9924SP, CentreCOM 9924T/4SP, Rapier 48i, and SwitchBlade4000 with firmware before 2.9.1-21 allows remote attackers to execute arbitrary code via a crafted HTTP POST request.
Affected (48)
Products: Alliedtelesis: Centrecom Ar415s Firmware, Centrecom Ar415s, At 8624t/2m Firmware, At 8624t/2m, Ar442s Firmware, Ar442s, At 9924t Firmware, At 9924t, At 8848 Firmware, At 8848, Rapier 48i Firmware, Rapier 48i, Centrecom Ar450s Firmware, Centrecom Ar450s, Ar745 Firmware, Ar745, Ar441s Firmware, Ar441s, Centrecom 9924sp Firmware, Centrecom 9924sp, Switchblade4000 Firmware, Switchblade4000, At 8624poe Firmware, At 8624poe, Centrecom 9924t/4sp Firmware, Centrecom 9924t/4sp, At 9816gb Firmware, At 9816gb, At 9924ts Firmware, At 9924ts, Ar750s Firmware, Ar750s, Centrecom Ar570s Firmware, Centrecom Ar570s, Centrecom 8948xl Firmware, Centrecom 8948xl, At 8648t/2sp Firmware, At 8648t/2sp, Centrecom 8700sl Firmware, Centrecom Ar8700sl, Ar750s Dp Firmware, Ar750s Dp, Centrecom Ar550s Firmware, Centrecom Ar550s, At 8748xl Firmware, At 8748xl, Ar440s Firmware, Ar440s
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| Up to 2.9.1-20 | |
| All versions |
Configuration B
| Vulnerable Software | Affected Versions |
|---|---|
| Up to 2.9.1-20 | |
| All versions |
Configuration C
| Vulnerable Software | Affected Versions |
|---|---|
| Up to 2.9.1-20 | |
| All versions |
Configuration D
| Vulnerable Software | Affected Versions |
|---|---|
| Up to 2.9.1-20 | |
| All versions |
Configuration E
| Vulnerable Software | Affected Versions |
|---|---|
| Up to 2.9.1-20 | |
| All versions |
Configuration F
| Vulnerable Software | Affected Versions |
|---|---|
| Up to 2.9.1-20 | |
| All versions |
Configuration G
| Vulnerable Software | Affected Versions |
|---|---|
| Up to 2.9.1-20 | |
| All versions |
Configuration H
| Vulnerable Software | Affected Versions |
|---|---|
| Up to 2.9.1-20 | |
| All versions |
Configuration I
| Vulnerable Software | Affected Versions |
|---|---|
| Up to 2.9.1-20 | |
| All versions |
Configuration J
| Vulnerable Software | Affected Versions |
|---|---|
| Up to 2.9.1-20 | |
| All versions |
Configuration K
| Vulnerable Software | Affected Versions |
|---|---|
| Up to 2.9.1-20 | |
| All versions |
Configuration L
| Vulnerable Software | Affected Versions |
|---|---|
| Up to 2.9.1-20 | |
| All versions |
Configuration M
| Vulnerable Software | Affected Versions |
|---|---|
| Up to 2.9.1-20 | |
| All versions |
Configuration N
| Vulnerable Software | Affected Versions |
|---|---|
| Up to 2.9.1-20 | |
| All versions |
Configuration O
| Vulnerable Software | Affected Versions |
|---|---|
| Up to 2.9.1-20 | |
| All versions |
Configuration P
| Vulnerable Software | Affected Versions |
|---|---|
| Up to 2.9.1-20 | |
| All versions |
Configuration Q
| Vulnerable Software | Affected Versions |
|---|---|
| Up to 2.9.1-20 | |
| All versions |
Configuration R
| Vulnerable Software | Affected Versions |
|---|---|
| Up to 2.9.1-20 | |
| All versions |
Configuration S
| Vulnerable Software | Affected Versions |
|---|---|
| Up to 2.9.1-20 | |
| All versions |
Configuration T
| Vulnerable Software | Affected Versions |
|---|---|
| Up to 2.9.1-20 | |
| All versions |
Configuration U
| Vulnerable Software | Affected Versions |
|---|---|
| Up to 2.9.1-20 | |
| All versions |
Configuration V
| Vulnerable Software | Affected Versions |
|---|---|
| Up to 2.9.1-20 | |
| All versions |
Configuration W
| Vulnerable Software | Affected Versions |
|---|---|
| Up to 2.9.1-20 | |
| All versions |
Configuration X
| Vulnerable Software | Affected Versions |
|---|---|
| Up to 2.9.1-20 | |
| All versions |
References (6)
Source: vultures@jpcert.or.jp
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Timeline
No history available yet.