CVE-2014-7249

19.12.2014, 11:59

Buffer overflow on the Allied Telesis AR440S, AR441S, AR442S, AR745, AR750S, AR750S-DP, AT-8624POE, AT-8624T/2M, AT-8648T/2SP, AT-8748XL, AT-8848, AT-9816GB, AT-9924T, AT-9924Ts, CentreCOM AR415S, CentreCOM AR450S, CentreCOM AR550S, CentreCOM AR570S, CentreCOM 8700SL, CentreCOM 8948XL, CentreCOM 9924SP, CentreCOM 9924T/4SP, Rapier 48i, and SwitchBlade4000 with firmware before 2.9.1-21 allows remote attackers to execute arbitrary code via a crafted HTTP POST request.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Vector
NIST	NIST	10 UNKNOWN	NETWORK	LOW	AV:N/AC:L/Au:N/C:C/I:C/A:C
jpcert	CNA	---			---
CVE	ADP	---			---

Base Score

CVSS 3.x

EPSS Score

Percentile: 91%

Vendor	Product	Version
alliedtelesis	centrecom_ar415s_firmware	𝑥 ≤ 2.9.1-20
alliedtelesis	centrecom_ar415s	*
alliedtelesis	at-8624t\/2m_firmware	𝑥 ≤ 2.9.1-20
alliedtelesis	at-8624t\/2m	*
alliedtelesis	ar442s_firmware	𝑥 ≤ 2.9.1-20
alliedtelesis	ar442s	-
alliedtelesis	at-9924t_firmware	𝑥 ≤ 2.9.1-20
alliedtelesis	at-9924t	*
alliedtelesis	at-8848_firmware	𝑥 ≤ 2.9.1-20
alliedtelesis	at-8848	*
alliedtelesis	rapier_48i_firmware	𝑥 ≤ 2.9.1-20
alliedtelesis	rapier_48i	*
alliedtelesis	centrecom_ar450s_firmware	𝑥 ≤ 2.9.1-20
alliedtelesis	centrecom_ar450s	*
alliedtelesis	ar745_firmware	𝑥 ≤ 2.9.1-20
alliedtelesis	ar745	-
alliedtelesis	ar441s_firmware	𝑥 ≤ 2.9.1-20
alliedtelesis	ar441s	-
alliedtelesis	centrecom_9924sp_firmware	𝑥 ≤ 2.9.1-20
alliedtelesis	centrecom_9924sp	*
alliedtelesis	switchblade4000_firmware	𝑥 ≤ 2.9.1-20
alliedtelesis	switchblade4000	*
alliedtelesis	at-8624poe_firmware	𝑥 ≤ 2.9.1-20
alliedtelesis	at-8624poe	*
alliedtelesis	centrecom_9924t\/4sp_firmware	𝑥 ≤ 2.9.1-20
alliedtelesis	centrecom_9924t\/4sp	*
alliedtelesis	at-9816gb_firmware	𝑥 ≤ 2.9.1-20
alliedtelesis	at-9816gb	*
alliedtelesis	at-9924ts_firmware	𝑥 ≤ 2.9.1-20
alliedtelesis	at-9924ts	*
alliedtelesis	ar750s_firmware	𝑥 ≤ 2.9.1-20
alliedtelesis	ar750s	-
alliedtelesis	centrecom_ar570s_firmware	𝑥 ≤ 2.9.1-20
alliedtelesis	centrecom_ar570s	*
alliedtelesis	centrecom_8948xl_firmware	𝑥 ≤ 2.9.1-20
alliedtelesis	centrecom_8948xl	*
alliedtelesis	at-8648t\/2sp_firmware	𝑥 ≤ 2.9.1-20
alliedtelesis	at-8648t\/2sp	*
alliedtelesis	centrecom_8700sl_firmware	𝑥 ≤ 2.9.1-20
alliedtelesis	centrecom_ar8700sl	*
alliedtelesis	ar750s-dp_firmware	𝑥 ≤ 2.9.1-20
alliedtelesis	ar750s-dp	-
alliedtelesis	centrecom_ar550s_firmware	𝑥 ≤ 2.9.1-20
alliedtelesis	centrecom_ar550s	*
alliedtelesis	at-8748xl_firmware	𝑥 ≤ 2.9.1-20
alliedtelesis	at-8748xl	*
alliedtelesis	ar440s_firmware	𝑥 ≤ 2.9.1-20
alliedtelesis	ar440s	-

𝑥

= Vulnerable software versions

Common Weakness Enumeration

CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
The software performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.

References

http://jvn.jp/en/jp/JVN22440986/index.html

http://jvndb.jvn.jp/jvndb/JVNDB-2014-000132

http://www.allied-telesis.co.jp/support/list/faq/vuls/20141111aen.html

http://jvn.jp/en/jp/JVN22440986/index.html

http://jvndb.jvn.jp/jvndb/JVNDB-2014-000132

http://www.allied-telesis.co.jp/support/list/faq/vuls/20141111aen.html