Vulnerability Details CVE-2015-6401
Cisco EPC3928 devices with EDVA 5.5.10, 5.5.11, and 5.7.1 allow remote attackers to bypass an intended authentication requirement and execute unspecified administrative functions via a crafted HTTP request, aka Bug ID CSCux24941.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.079
EPSS Ranking 91.7%
CVSS Severity
CVSS v2 Score 7.5
References
- http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151208-cwr
- http://www.securitytracker.com/id/1034347
- https://www.exploit-db.com/exploits/39904/
- http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151208-cwr
- http://www.securitytracker.com/id/1034347
- https://www.exploit-db.com/exploits/39904/
Products affected by CVE-2015-6401
-
Cisco » Epc3928 Docsis 3.0 8x4 Wireless Residential Gateway With Embedded Digital Voice Adapter » Version: 5.5.10cpe:2.3:o:cisco:epc3928_docsis_3.0_8x4_wireless_residential_gateway_with_embedded_digital_voice_adapter:5.5.10
-
Cisco » Epc3928 Docsis 3.0 8x4 Wireless Residential Gateway With Embedded Digital Voice Adapter » Version: 5.5.11cpe:2.3:o:cisco:epc3928_docsis_3.0_8x4_wireless_residential_gateway_with_embedded_digital_voice_adapter:5.5.11
-
Cisco » Epc3928 Docsis 3.0 8x4 Wireless Residential Gateway With Embedded Digital Voice Adapter » Version: 5.7.1cpe:2.3:o:cisco:epc3928_docsis_3.0_8x4_wireless_residential_gateway_with_embedded_digital_voice_adapter:5.7.1