Vulnerabilities > CVE-2014-3307 - Remote Arbitrary Command Execution vulnerability in Cisco Small Cell DHCP Message Processing
Attack vector
ADJACENT_NETWORK Attack complexity
HIGH Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE high complexity
cisco
Summary
The DHCP client implementation in Universal Small Cell firmware on Cisco Small Cell products allows remote attackers to execute arbitrary commands via crafted DHCP messages, aka Bug ID CSCup47513. Per: http://cwe.mitre.org/data/definitions/77.html "CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection')"
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| OS | 1 |