APP: ScMM Test Interface In Cisco Small Business Devices
This signature detects attempts to exploit a known vulnerability against Cisco Small Business Devices. A successful exploit can lead to remote code execution.
Extended Description
The Cisco WAP4410N access point with firmware through 2.0.6.1, WRVS4400N router with firmware 1.x through 1.1.13 and 2.x through 2.0.2.1, and RVS4000 router with firmware through 2.0.3.2 allow remote attackers to read credential and configuration data, and execute arbitrary commands, via requests to the test interface on TCP port 32764, aka Bug IDs CSCum37566, CSCum43693, CSCum43700, and CSCum43685.
Short Name
APP:CISCO:SCMM-TEST-INTERFACE
Severity
Major
Recommended
False
Recommended Action
Drop
Category
APP
Keywords
Business CVE-2014-0659 Cisco Devices In Interface ScMM Small Test bid:64776
Release Date
06/04/2018
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3761
Port
TCP/32764
False Positive
Unknown
CVSS Score
10.0