2014 m. liepos 21 d., pirmadienis

Cisco Security Advisory: Cisco Wireless Residential Gateway Remote Code Execution Vulnerability

Cisco Wireless Residential Gateway Remote Code Execution Vulnerability

Advisory ID: ciscosa-20140716-cm


Revision 1.0

For Public Release 2014 July 16 16:00  UTC (GMT)

Summary

A vulnerability in the web server used in multiple Cisco Wireless Residential Gateway products could allow an unauthenticated, remote attacker to exploit a buffer overflow and cause arbitrary code execution.

The vulnerability is due to incorrect input validation for HTTP requests. An attacker could exploit this vulnerability by sending a crafted HTTP request to the affected device.

Cisco has released free software updates that address this vulnerability.
Workarounds that mitigate this vulnerability are not available.

This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/ciscosa-20140716-cm
Pranešimą parašė ties

Komentarų nėra:

Rašyti komentarą

Užsisakykite: Rašyti komentarus (Atom)