PT-2011-3262 · Cisco · Cisco Wrvs4400N Gigabit Security Router+1

Publicado

2011-05-31

Atualizado

2011-09-07

CVE-2011-1646

CVSS v2.0

9.0

Alta

Vetor

AV:N/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Cisco RVS4000 Gigabit Security Router versions 1.x before 1.3.3.4 Cisco RVS4000 Gigabit Security Router versions 2.x before 2.0.2.7 Cisco WRVS4400N Gigabit Security Router versions before 2.0.2.1

Description The issue allows remote authenticated users to execute arbitrary commands via the ping test parameter or traceroute test parameter in the web management interface.

Recommendations For Cisco RVS4000 Gigabit Security Router versions 1.x before 1.3.3.4, update to version 1.3.3.4 or later. For Cisco RVS4000 Gigabit Security Router versions 2.x before 2.0.2.7, update to version 2.0.2.7 or later. For Cisco WRVS4400N Gigabit Security Router versions before 2.0.2.1, update to version 2.0.2.1 or later.

Correção

Code Injection

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-94

Identificadores relacionados

CVE-2011-1646

Produtos afetados

Cisco Rvs4000 Gigabit Security Router

Cisco Wrvs4400N Gigabit Security Router

PT-2011-3262 · Cisco · Cisco Wrvs4400N Gigabit Security Router+1

CVE-2011-1646

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 3