Cisco: >> Meraki Ms Firmware >> 2014-09-24 Security Vulnerabilities
Cisco-Meraki MS, MR, and MX devices with firmware before 2014-09-24 allow remote authenticated users to install arbitrary firmware by leveraging unspecified HTTP handler access on the local network, aka Cisco-Meraki defect ID 00478565.
CVSS Score
7.7
EPSS Score
0.002
Published
2014-12-24
Cisco-Meraki MS, MR, and MX devices with firmware before 2014-09-24 allow physically proximate attackers to obtain shell access by opening a device's case and connecting a cable to a serial port, aka Cisco-Meraki defect ID 00302077.
CVSS Score
7.2
EPSS Score
0.001
Published
2014-12-24
Cisco-Meraki MS, MR, and MX devices with firmware before 2014-09-24 allow remote attackers to execute arbitrary commands by leveraging knowledge of a cross-device secret and a per-device secret, and sending a request to an unspecified HTTP handler on the local network, aka Cisco-Meraki defect ID 00301991.
CVSS Score
5.4
EPSS Score
0.001
Published
2014-12-24
Cisco-Meraki MS, MR, and MX devices with firmware before 2014-09-24 allow remote attackers to obtain sensitive credential information by leveraging unspecified HTTP handler access on the local network, aka Cisco-Meraki defect ID 00302012.
CVSS Score
3.3
EPSS Score
0.001
Published
2014-12-24