CVE-2014-2179 Information

Description

The Cisco RV router firmware on RV220W devices before 1.0.5.9 on RV120W devices and before 1.0.4.14 on RV180 and RV180W devices allows remote attackers to upload files to arbitrary locations via a crafted HTTP request aka Bug ID CSCuh86998.

Reference

http://packetstormsecurity.com/files/128992/Cisco-RV-Overwrite-CSRF-Command-Execution.html http://seclists.org/fulldisclosure/2014/Nov/6 http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141105-rv http://www.securityfocus.com/archive/1/533917/100/0/threaded http://www.securitytracker.com/id/1031171 https://exchange.xforce.ibmcloud.com/vulnerabilities/98499