CVE-2014-0683
published 2014-03-06
CVE-2014-0683: The web management interface on the Cisco RV110W firewall with firmware 1.2.0.9 and earlier, RV215W router with firmware 1.1.0.5 and earlier, and CVR100W…
Priority: P2 64 · critical · 10 (CVSS 2.0)
AV:N/AC:L/Au:N/C:C/I:C/A:C
EXPLOIT
EPSS: 10.35% (95.1th percentile)
The web management interface on the Cisco RV110W firewall with firmware 1.2.0.9 and earlier, RV215W router with firmware 1.1.0.5 and earlier, and CVR100W router with firmware 1.0.1.19 and earlier does not prevent replaying of modified authentication requests, which allows remote attackers to obtain administrative access by leveraging the ability to intercept requests, aka Bug IDs CSCul94527, CSCum86264, and CSCum86275.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| cisco | cvr100w_firmware | <= 1.0.1.19 | — |
| cisco | rv110w_firmware | <= 1.2.0.9 | — |
| cisco | rv215w_firmware | <= 1.1.0.5 | — |
| cisco | small_business_router_password | — | — |
Detection & IOCs
- Flag POST requests to '/apply.cgi' where the 'ping_times' parameter contains shell metacharacters such as '|', which is the OS command injection vector used in this exploit chain.
- Alert on POST requests to '/apply.cgi' with submit_button=Diagnostics and change_action=gozila_cgi, as these parameters are used to trigger the command execution path on affected Cisco RV110W devices.
- Monitor for authentication requests that are intercepted and resubmitted (replay attack pattern) against the web management interface of Cisco RV110W, RV215W, and CVR100W devices.
- The exploit was tested on firmware version 1.1.0.9 of the RV110W; the password disclosure via the index page may behave differently on 1.2.0.9 or later versions.
- Affected firmware versions are: RV110W ≤1.2.0.9, RV215W ≤1.1.0.5, CVR100W ≤1.0.1.19. Devices running these versions expose admin credentials without authentication.
- There are no known workarounds; only vendor-supplied firmware updates remediate this vulnerability.
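The first two detection items above, applied to parsed HTTP request records. This is an added example, not a rule from any of the indexed sources; the rule names, the `/other.cgi` path, the sample records and every metacharacter other than '|' are assumptions made for illustration.

```python
from urllib.parse import parse_qs, urlsplit

# Assumption: the page names only '|'; the remaining characters are common
# shell metacharacters added here for illustration.
SHELL_META = set("|;&$`<>(){}\n\r")


def inspect_request(method, url, body):
    """Return the names of the detection rules that this request matches."""
    # Both rules apply only to POST requests to /apply.cgi (query string ignored).
    if method.upper() != "POST" or urlsplit(url).path != "/apply.cgi":
        return []
    # parse_qs percent-decodes values, so an encoded '%7C' is seen as '|'.
    form = parse_qs(body, keep_blank_values=True)
    hits = []
    # Rule 1: shell metacharacters in any ping_times value.
    if any(SHELL_META & set(value) for value in form.get("ping_times", [])):
        hits.append("ping_times-metachar")
    # Rule 2: the parameter pair that selects the diagnostics code path.
    if ("Diagnostics" in form.get("submit_button", [])
            and "gozila_cgi" in form.get("change_action", [])):
        hits.append("diagnostics-gozila")
    return hits


# Constructed sample records (method, URL, form body); not captured traffic.
SAMPLES = [
    ("POST", "/apply.cgi",
     "submit_button=Diagnostics&change_action=gozila_cgi&ping_times=5"),
    ("POST", "/apply.cgi",
     "submit_button=Diagnostics&change_action=gozila_cgi&ping_times=5%7Cexample"),
    ("POST", "/apply.cgi", "submit_button=Wireless&change_action=&ping_times=3"),
    ("GET", "/apply.cgi", ""),
    ("POST", "/other.cgi", "ping_times=1%7Cexample"),
]


def scan(records):
    """Return (record, matched rules) for every record that matches a rule."""
    results = [(rec, inspect_request(*rec)) for rec in records]
    return [(rec, hits) for rec, hits in results if hits]


if __name__ == "__main__":
    for rec, hits in scan(SAMPLES):
        print(hits, rec)
```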
CVSS provenance
nvd · v2.0 · 10.0 · CRITICAL · AV:N/AC:L/Au:N/C:C/I:C/A:C
vendor_cisco · 10.0 · CRITICAL
VulDB
Cisco CVR100W/RV110W/RV215W Management Interface credentials management (cisco-sa-20140305-rpd / EDB-45986)
vuldb·2026-05-07·CVSS 10.0
CVE-2014-0683 [CRITICAL] Cisco CVR100W/RV110W/RV215W Management Interface credentials management (cisco-sa-20140305-rpd / EDB-45986)
A vulnerability was found in Cisco CVR100W, RV110W and RV215W and has been classified as critical. It affects an unknown functionality of the Management Interface component. Manipulation results in a credentials management issue.
This vulnerability is reported as CVE-2014-0683. The attack can be carried out remotely, and an exploit is available.
To fix this issue, it is recommended to deploy a patch.
GHSA
GHSA-7xqw-8r6g-8v75: The web management interface on the Cisco RV110W firewall with firmware 1
ghsa_unreviewed·2022-05-14
CVE-2014-0683 [HIGH] GHSA-7xqw-8r6g-8v75: The web management interface on the Cisco RV110W firewall with firmware 1
The web management interface on the Cisco RV110W firewall with firmware 1.2.0.9 and earlier, RV215W router with firmware 1.1.0.5 and earlier, and CVR100W router with firmware 1.0.1.19 and earlier does not prevent replaying of modified authentication requests, which allows remote attackers to obtain administrative access by leveraging the ability to intercept requests, aka Bug IDs CSCul94527, CSCum86264, and CSCum86275.
Cisco
Cisco Small Business Router Password Disclosure Vulnerability
vendor_cisco·2014-03-05·CVSS 10.0
CVE-2014-0683 [CRITICAL] CWE-255 Cisco Small Business Router Password Disclosure Vulnerability
A vulnerability in the web management interface of the Cisco RV110W Wireless-N VPN Firewall, the Cisco RV215W Wireless-N VPN Router, and the Cisco CVR100W Wireless-N VPN Router could allow an unauthenticated, remote attacker to gain administrative-level access to the web management interface of the affected device.
The vulnerability is due to improper handling of authentication requests by the web framework. An attacker could exploit this vulnerability by intercepting, modifying and resubmitting an authentication request. Successful exploitation of this vulnerability could give an attacker administrative-level access to the web-based administration interface on the affected device.
Cisco has released software updates that add
Published 2014-03-06