Chris Watts - Tech Analysis Finds Remote Code Execution Vulnerability in Cisco Modems CVE-2014-3306.

The following Critical Vulnerability was found by Chris Watts of Tech Analysis. Congratulations to Chris for continued efforts in making the internet a bit safer.

Cisco Wireless Residential Gateway Remote Code Execution Vulnerability Critical Vulnerability
ID's: 1) Cisco: ciscosa-20140716-cm – CSCup40808, 2) AusCert Alert Number: ESB-2014.1179, 3) National Vulnerability Database (NVD): CVE-2014-3306

Summary

A vulnerability in the web server used in multiple Cisco Wireless Residential Gateway products could allow an unauthenticated, remote attacker to exploit a buffer overflow and cause arbitrary code execution. The vulnerability is due to incorrect input validation for HTTP requests.


An attacker could exploit this vulnerability by sending a crafted HTTP request to the affected device. Cisco has released free software updates that address this vulnerability.

The following Cisco products are affected by this vulnerability:
  • Cisco DPC3212 VoIP Cable Modem
  • Cisco DPC3825 8x4 DOCSIS 3.0 Wireless Residential Gateway
  • Cisco EPC3212 VoIP Cable Modem
  • Cisco EPC3825 8x4 DOCSIS 3.0 Wireless Residential Gateway
  • Cisco Model DPC3010 DOCSIS 3.0 8x4 Cable Modem
  • Cisco Model DPC3925 8x4 DOCSIS 3.0 with Wireless Residential Gateway with EDVA
  • Cisco Model DPQ3925 8x4 DOCSIS 3.0 Wireless Residential Gateway with EDVA
  • Cisco Model EPC3010 DOCSIS 3.0 Cable Modem
  • Cisco Model EPC3925 8x4 DOCSIS 3.0 with Wireless Residential Gateway with EDVA