Cisco-Meraki MS, MR, and MX devices with firmware before 2014-09-24 allow remote authenticated users to install arbitrary firmware by leveraging unspecified HTTP handler access on the local network, aka Cisco-Meraki defect ID 00478565.
Max CVSS
7.7
EPSS Score
0.12%
Published
2014-12-24
Updated
2014-12-24
Cisco-Meraki MS, MR, and MX devices with firmware before 2014-09-24 allow physically proximate attackers to obtain shell access by opening a device's case and connecting a cable to a serial port, aka Cisco-Meraki defect ID 00302077.
Max CVSS
7.2
EPSS Score
0.04%
Published
2014-12-24
Updated
2014-12-24
Cisco-Meraki MS, MR, and MX devices with firmware before 2014-09-24 allow remote attackers to execute arbitrary commands by leveraging knowledge of a cross-device secret and a per-device secret, and sending a request to an unspecified HTTP handler on the local network, aka Cisco-Meraki defect ID 00301991.
Max CVSS
5.4
EPSS Score
0.20%
Published
2014-12-24
Updated
2014-12-24
3 vulnerabilities found