Vulnslist

find the latest Cisco vulnerabilities

Cisco Wireless Residential Gateway Information Disclosure Vulnerability

cisco-sa-20160309-rgid · High · Published · Updated

A vulnerability in the web-based administration interface of the Cisco Wireless Residential Gateway could allow an unauthenticated, remote attacker to access sensitive information on the affected device.  The vulnerability is caused by improper access restrictions implemented on the affected device. An attacker could exploit this vulnerability by sending a crafted HTTP request to the affected device. Cisco has released software updates to its service provider customers that address the vulnerability described in this advisory. Prior to contacting Cisco TAC, customers are advised to contact their service providers to confirm the software deployed by the service provider includes the fix that addresses this vulnerability. Workarounds that mitigate this vulnerability are not available. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160309-rgid

Cisco advisory ·CSAF JSON

Workarounds

There are no workarounds that address this vulnerability.

CVEsCVE-2016-1325
Cisco Bug IDsCSCus49493, CSCus49506
CVSS ScoreBase 7.8
Base 7.8 AV:N/AC:L/Au:N/C:C/I:N/A:N/E:F/RL:U/RC:C
Product Names From Source
Cisco DPC3939 (XB3) Wireless Residential Voice Gateway, Cisco DPC3941 Wireless Residential Gateway

CSAF Product Statuses

Product Status Source CVE Rows
Cisco DPC3939 (XB3) Wireless Residential Voice Gateway known_affected cisco_csaf CVE-2016-1325 1
Cisco DPC3941 Wireless Residential Gateway known_affected cisco_csaf CVE-2016-1325 1

Related Products

Product CVE Evidence
Cisco DPC3939 (XB3) Wireless Residential Voice Gateway CVE-2016-1325 Cisco OpenVuln
Cisco DPC3941 Wireless Residential Gateway CVE-2016-1325 Cisco OpenVuln