Vulnerabilities > CVE-2014-2046 - Cryptographic Issues vulnerability in Broadcom Pipa C211 and Pipa C211 web Interface
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
cgi-bin/rpcBridge in the web interface 1.1 on Broadcom Ltd PIPA C211 rev2 does not properly restrict access, which allows remote attackers to (1) obtain credentials and other sensitive information via a certain request to the config.getValuesHashExcludePaths method or (2) modify the firmware via unspecified vectors.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 | |
| Hardware | 1 |
Common Weakness Enumeration (CWE)
Common Attack Pattern Enumeration and Classification (CAPEC)
- Signature Spoofing by Key Recreation An attacker obtains an authoritative or reputable signer's private signature key by exploiting a cryptographic weakness in the signature algorithm or pseudorandom number generation and then uses this key to forge signatures from the original signer to mislead a victim into performing actions that benefit the attacker.
Exploit-Db
| description | Broadcom PIPA C211 - Sensitive Information Disclosure. CVE-2014-2046. Webapps exploit for hardware platform |
| id | EDB-ID:33353 |
| last seen | 2016-02-03 |
| modified | 2014-05-14 |
| published | 2014-05-14 |
| reporter | Portcullis |
| source | https://www.exploit-db.com/download/33353/ |
| title | Broadcom PIPA C211 - Sensitive Information Disclosure |
Packetstorm
| data source | https://packetstormsecurity.com/files/download/126601/broadcompipa-bypass.txt |
| id | PACKETSTORM:126601 |
| last seen | 2016-12-05 |
| published | 2014-05-13 |
| reporter | Jerzy Kramarz |
| source | https://packetstormsecurity.com/files/126601/Broadcom-PIPA-C211-Information-Disclosure.html |
| title | Broadcom PIPA C211 Information Disclosure |
Seebug
| bulletinFamily | exploit |
| description | No description provided by source. |
| id | SSV:86576 |
| last seen | 2017-11-19 |
| modified | 2014-07-01 |
| published | 2014-07-01 |
| reporter | Root |
| source | https://www.seebug.org/vuldb/ssvid-86576 |
| title | Broadcom PIPA C211 - Sensitive Information Disclosure |