Computer Security
[EN] securityvulns.ru no-pyccku


BROADCOM PIPA C211 authentication bypass
Published:15.05.2014
Source:
SecurityVulns ID:13777
Type:remote
Threat Level:
5/10
Description:Device configuration may be accessed without authentication.
Affected:BROADCOM : Broadcom PIPA C211
CVE:CVE-2014-2046 (cgi-bin/rpcBridge in the web interface 1.1 on Broadcom Ltd PIPA C211 rev2 does not properly restrict access, which allows remote attackers to (1) obtain credentials and other sensitive information via a certain request to the config.getValuesHashExcludePaths method or (2) modify the firmware via unspecified vectors.)
Original documentdocumentadvisories_(at)_portcullis-security.com, CVE-2014-2046 - Unauthenticated Credential And Configuration Retrieval In Broadcom Ltd PIPA C211 (15.05.2014)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod