Vulnerability Details CVE-2014-2046
cgi-bin/rpcBridge in the web interface 1.1 on Broadcom Ltd PIPA C211 rev2 does not properly restrict access, which allows remote attackers to (1) obtain credentials and other sensitive information via a certain request to the config.getValuesHashExcludePaths method or (2) modify the firmware via unspecified vectors.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.109
EPSS Ranking 93.0%
CVSS Severity
CVSS v2 Score 9.7
References
Products affected by CVE-2014-2046
-
cpe:2.3:a:broadcom:pipa_c211_web_interface:1.1
-
cpe:2.3:h:broadcom:pipa_c211:-