cbcvebase.
CVE-2014-2046
published 2014-05-14

CVE-2014-2046: cgi-bin/rpcBridge in the web interface 1.1 on Broadcom Ltd PIPA C211 rev2 does not properly restrict access, which allows remote attackers to (1) obtain…

PriorityP357critical9.7CVSS 2.0
AVNACLAuNCPICAC
EXPLOIT
EPSS
3.82%
88.7th percentile
cgi-bin/rpcBridge in the web interface 1.1 on Broadcom Ltd PIPA C211 rev2 does not properly restrict access, which allows remote attackers to (1) obtain credentials and other sensitive information via a certain request to the config.getValuesHashExcludePaths method or (2) modify the firmware via unspecified vectors.

Affected

1 ranges
VendorProductVersion rangeFixed in
broadcompipa_c211_web_interface

Detection & IOCsextracted from sources · hover to see the quote

path/cgi-bin/rpcBridge
commandconfig.getValuesHashExcludePaths
  • Detect unauthenticated POST requests to /cgi-bin/rpcBridge containing the method name 'config.getValuesHashExcludePaths' in the body, which indicates an attempt to dump full device configuration including credentials.
  • The exploit uses Content-Type: text/xml with an XML-RPC style body. Monitor for POST requests to /cgi-bin/rpcBridge with Content-Type text/xml from unauthenticated sources.
  • The vulnerability also allows firmware modification via the same unauthenticated rpcBridge endpoint; monitor for any POST to /cgi-bin/rpcBridge not preceded by a valid authenticated session.
  • ·No fixed firmware version is available; the affected version is Soft Rev SR1.1 / HW Rev PIPA C211 rev2. Detection should focus on network-level controls since no patch exists.
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.