Description
Cisco-Meraki MS, MR, and MX devices with firmware before 2014-09-24 allow remote attackers to execute arbitrary commands by leveraging knowledge of a cross-device secret and a per-device secret, and sending a request to an unspecified HTTP handler on the local network, aka Cisco-Meraki defect ID 00301991.
Published: 2014-12-24
Score: 5.4 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Analysis and contextual insights are available on OpenCVE Cloud.

Remediation

No vendor fix or workaround currently provided.

Additional remediation guidance may be available on OpenCVE Cloud.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
EUVD EUVD EUVD-2014-7843 Cisco-Meraki MS, MR, and MX devices with firmware before 2014-09-24 allow remote attackers to execute arbitrary commands by leveraging knowledge of a cross-device secret and a per-device secret, and sending a request to an unspecified HTTP handler on the local network, aka Cisco-Meraki defect ID 00301991.
History

No history.

Subscriptions

Cisco Meraki Mr Meraki Mr Firmware Meraki Ms Meraki Ms Firmware Meraki Mx Meraki Mx Firmware
cve-icon MITRE

Status: PUBLISHED

Assigner: cisco

Published:

Updated: 2024-08-06T13:03:27.650Z

Reserved: 2014-10-08T00:00:00.000Z

Link: CVE-2014-7994

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2014-12-24T00:59:01.547

Modified: 2026-05-06T22:30:45.220

Link: CVE-2014-7994

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.

Weaknesses