CVE-2014-4927

Published Jul 24, 2014

Last updated 3 months ago

CVSS info 7.8

Overview

Description: Buffer overflow in ACME micro_httpd, as used in D-Link DSL2750U and DSL2740U and NetGear WGR614 and MR-ADSL-DG834 routers allows remote attackers to cause a denial of service (crash) via a long string in the URI in a GET request.
Source: cve@mitre.org
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 7.8
Impact score: 6.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:N/I:N/A:C

Weaknesses

nvd@nist.gov: CWE-119

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:acme:micro_httpd:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1AD463BC-534F-4F3D-8014-404B7A8E77CA"
          },
          {
            "criteria": "cpe:2.3:h:dlink:dsl2740u:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "38A6D5EE-6E9D-43D7-9C9C-752554FDC7EE"
          },
          {
            "criteria": "cpe:2.3:h:dlink:dsl2750u:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1293CE45-F6E4-499A-91F8-F32663FC0D3E"
          },
          {
            "criteria": "cpe:2.3:h:netgear:mr-adsl-dg834:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EFEF0EAF-3163-4171-8BBB-46844313EBA8"
          },
          {
            "criteria": "cpe:2.3:h:netgear:wgr614:v1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3C0B4B88-EBFE-4DE6-9038-18A609713CB4"
          },
          {
            "criteria": "cpe:2.3:h:netgear:wgr614:v2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EC248C40-6F00-4B14-96FB-4C08CDFE1C79"
          },
          {
            "criteria": "cpe:2.3:h:netgear:wgr614:v3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DDAD4C46-A082-4412-907E-637DCD91BDC8"
          },
          {
            "criteria": "cpe:2.3:h:netgear:wgr614:v4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C5294DA2-038F-4A90-AC22-A82CCDE126BF"
          },
          {
            "criteria": "cpe:2.3:h:netgear:wgr614:v5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "891F919F-A312-4B67-B413-5E9B7299053B"
          },
          {
            "criteria": "cpe:2.3:h:netgear:wgr614:v6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "41ADEDC9-3642-41DE-888A-3FECE4134998"
          },
          {
            "criteria": "cpe:2.3:h:netgear:wgr614:v7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F5E82215-C1CB-404D-B846-FCA6BC7FEDF2"
          },
          {
            "criteria": "cpe:2.3:h:netgear:wgr614:v8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "14436BCE-55C0-445B-B86F-64ECB8A4A2C2"
          },
          {
            "criteria": "cpe:2.3:h:netgear:wgr614:v9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D4A39563-6421-40A6-924B-D63C0444057D"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References