CVE-2014-9222
published 2014-12-24CVE-2014-9222: AllegroSoft RomPager 4.34 and earlier, as used in Huawei Home Gateway products and other vendors and products, allows remote attackers to gain privileges via a…
PriorityP181critical10CVSS 2.0
AVNACLAuNCCICAC
ITWEXPLOITVulnCheck KEV
Exploited in the wild
EPSS
63.75%
99.1th percentile
AllegroSoft RomPager 4.34 and earlier, as used in Huawei Home Gateway products and other vendors and products, allows remote attackers to gain privileges via a crafted cookie that triggers memory corruption, aka the "Misfortune Cookie" vulnerability.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| allegrosoft | rompager | <= 4.07 | — |
Detection & IOCsextracted from sources · hover to see the quote
- →Target HTTP servers running Allegro RomPager versions before 4.34; a crafted HTTP cookie can be used to bypass authentication and gain administrator access without valid credentials. ↗
- →Scan for HTTP servers exposing RomPager version strings prior to 4.34 on home gateway/CPE devices (e.g., Huawei Home Gateway) as indicators of vulnerable targets. ↗
- →Monitor for unauthenticated administrative HTTP sessions on RomPager-based devices; successful exploitation results in privilege escalation via malformed cookie without credentials. ↗
- ·Vulnerability affects RomPager 4.34 and earlier as embedded in multiple vendors' products (not just Huawei); scope of affected devices is broad across home gateway/CPE product lines. ↗
CVSS provenance
nvdv2.010.0CRITICALAV:N/AC:L/Au:N/C:C/I:C/A:C
vulncheck10.0CRITICAL
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-528r-899g-3h95: AllegroSoft RomPager 4
ghsa_unreviewed·2022-05-14
CVE-2014-9222 [HIGH] GHSA-528r-899g-3h95: AllegroSoft RomPager 4
AllegroSoft RomPager 4.34 and earlier, as used in Huawei Home Gateway products and other vendors and products, allows remote attackers to gain privileges via a crafted cookie that triggers memory corruption, aka the "Misfortune Cookie" vulnerability.
VulnCheck
AllegroSoft RomPager Crafted Cookie Privilege Escalation
vulncheck·2014·CVSS 10.0
CVE-2014-9222 [CRITICAL] AllegroSoft RomPager Crafted Cookie Privilege Escalation
AllegroSoft RomPager Crafted Cookie Privilege Escalation
AllegroSoft RomPager 4.34 and earlier, as used in Huawei Home Gateway products and other vendors and products, allows remote attackers to gain privileges via a crafted cookie that triggers memory corruption, aka the "Misfortune Cookie" vulnerability.
Affected: allegrosoft rompager
Required Action: Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.
Exploitation References: https://www.wordfence.com/blog/2017/04/home-routers-attacking-wordpress/
No detection rules found.
Metasploit
Allegro Software RomPager 'Misfortune Cookie' (CVE-2014-9222) Authentication Bypass
metasploit·CVSS 10.0
CVE-2014-9222 [CRITICAL] Allegro Software RomPager 'Misfortune Cookie' (CVE-2014-9222) Authentication Bypass
Allegro Software RomPager 'Misfortune Cookie' (CVE-2014-9222) Authentication Bypass
This module exploits HTTP servers that appear to be vulnerable to the 'Misfortune Cookie' vulnerability which affects Allegro Software Rompager versions before 4.34 and can allow attackers to authenticate to the HTTP service as an administrator without providing valid credentials.
Metasploit
Allegro Software RomPager 'Misfortune Cookie' (CVE-2014-9222) Scanner
metasploit·CVSS 10.0
CVE-2014-9222 [CRITICAL] Allegro Software RomPager 'Misfortune Cookie' (CVE-2014-9222) Scanner
Allegro Software RomPager 'Misfortune Cookie' (CVE-2014-9222) Scanner
This module scans for HTTP servers that appear to be vulnerable to the 'Misfortune Cookie' vulnerability which affects Allegro Software Rompager versions before 4.34 and can allow attackers to authenticate to the HTTP service as an administrator without providing valid credentials.
No writeups or analysis indexed.
http://mis.fortunecook.ie/http://seclists.org/fulldisclosure/2014/Dec/87http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-407666.htmhttp://www.kb.cert.org/vuls/id/561444http://www.securityfocus.com/bid/105173https://www.allegrosoft.com/allegro-software-urges-manufacturers-to-maintain-firmware-for-highest-level-of-embedded-device-security/news-press.htmlhttp://mis.fortunecook.ie/http://seclists.org/fulldisclosure/2014/Dec/87http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-407666.htmhttp://www.kb.cert.org/vuls/id/561444http://www.securityfocus.com/bid/105173https://www.allegrosoft.com/allegro-software-urges-manufacturers-to-maintain-firmware-for-highest-level-of-embedded-device-security/news-press.html
2014-12-24
Published
Exploited in the wild