[c-nsp] Cisco Security Advisory:Cisco Wireless Residential Gateway Information Disclosure Vulnerability
Cisco Systems Product Security Incident Response Team
psirt at cisco.com
Wed Mar 9 11:05:19 EST 2016
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Cisco Security Advisory:Cisco Wireless Residential Gateway Information Disclosure Vulnerability
Advisory ID: cisco-sa-20160309-rgid
Revision 1.0
Published: 2016 March 9 16:00 GMT
+---------------------------------------------------------------------
Summary
========
A vulnerability in the web-based administration interface of the Cisco Wireless Residential Gateway could allow an unauthenticated, remote attacker to access sensitive information on the affected device.
The vulnerability is caused by improper access restrictions implemented on the affected device. An attacker could exploit this vulnerability by sending a crafted HTTP request to the affected device.
Cisco has released software updates to its service provider customers that address the vulnerability described in this advisory. Prior to contacting Cisco TAC, customers are advised to contact their service providers to confirm the software deployed by the service provider includes the fix that addresses this vulnerability. Workarounds that mitigate this vulnerability are not available.
This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160309-rgid
-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - https://gpgtools.org
iQIcBAEBCgAGBQJW4DOZAAoJEK89gD3EAJB5L+kP/3k8pRmQQ3Dig29KOdQR0bP2
6UI3pty+tMylw7i17/YBXgpubxmz8hyD+q9yqTwb97a15BY7/89PJ/SMmAlp0z7/
TNC6OtuTYRNovT4uTs4h8LC04U0jWq9Z/caSeHRqn9HpgKWv+wxq0S3A5pVWYiSH
xfdt81ek2fj6ZND4hEHUQoVNrWLDylhirbGcmTe84HkxUDeIyzivSlyDovfedijc
2hyWXl3DRD9UqoOEW2zVy74wn7BWANCmWXrlPxsyFfSZyMHsZlSGS5y8Oe8Cearm
6wGyGr3NWRHX1baLEIA4j/oeSiooWsHLGa3ja+Td8p/ADK1h/nlnwBB9GxOjJoCQ
Dx78cf7Aa9UbyUjviSt4od2TDxTg4D4n7zU4fglBqODX0nw4sUH7Rylt7ce3ZzEL
Jfgo9+W4JQL81SA+qdBiCpMLcgR+ChAALcXti4WZolOPt9Iceo9ahYPQe+VUbfLR
OF/sSFOZHZM6gRPlkYhF6if9ZD6CZ1jgMjuSoWc/pAsiiRCmzdXIev2UcVqVnSTE
nnSppYjVa3E4hKzR2VHQHmRtNYfTNTGVyM5VCHelWzscJGhAWeC6pLgyOPqySRvR
hsC/XM31sa0E9GxmqQYyJD1gqDmwrS4DPtLUJkmv/3zIU0bbFkxAcQz9pSfOPHgC
gfpjKXGVQFqJpiyuFJUm
=rVTy
-----END PGP SIGNATURE-----
More information about the cisco-nsp
mailing list