← Back

CVE-2016-1327

nvd nist
Published: Mar 9, 2016Modified: May 6, 2026

JSON object

Loading...
9.8
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploitability: 3.9 / Impact: 5.9
Source: NVD

Description

Buffer overflow in the web server on Cisco DPC2203 and EPC2203 devices with firmware r1_customer_image allows remote attackers to execute arbitrary code via a crafted HTTP request, aka Bug ID CSCuv05935.

Affected (2)

Cisco
2 products
Dpc2203 Cable Modem Firmware
Epc2203 Cable Modem Firmware
Configuration A
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Dpc2203 Cable Modem Firmware
Version r1_customer_image_base
Running on/withPlatform Versions
Cisco
Dpc2203
All versions
Configuration B
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Epc2203 Cable Modem Firmware
Version r1_customer_image_base
Running on/withPlatform Versions
Cisco
Epc2203
All versions

Related CWEs

CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

References (6)

Source: psirt@cisco.com
Source: psirt@cisco.com
Source: psirt@cisco.com
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory

Timeline

No history available yet.