PT-2011-3262 · Cisco · Cisco Wrvs4400N Gigabit Security Router+1
Published
2011-05-31
·
Updated
2011-09-07
·
CVE-2011-1646
CVSS v2.0
9.0
High
| Vector | AV:N/AC:L/Au:S/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Cisco RVS4000 Gigabit Security Router versions 1.x before 1.3.3.4
Cisco RVS4000 Gigabit Security Router versions 2.x before 2.0.2.7
Cisco WRVS4400N Gigabit Security Router versions before 2.0.2.1
Description
The issue allows remote authenticated users to execute arbitrary commands via the
ping test parameter or traceroute test parameter in the web management interface.Recommendations
For Cisco RVS4000 Gigabit Security Router versions 1.x before 1.3.3.4, update to version 1.3.3.4 or later.
For Cisco RVS4000 Gigabit Security Router versions 2.x before 2.0.2.7, update to version 2.0.2.7 or later.
For Cisco WRVS4400N Gigabit Security Router versions before 2.0.2.1, update to version 2.0.2.1 or later.
Fix
Code Injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Cisco Rvs4000 Gigabit Security Router
Cisco Wrvs4400N Gigabit Security Router