Vulnerability Note VU#213046
Virtual Access GW6110A router privilege escalation vulnerability
Virtual Access GW6110A routers contain a privilege escalation vulnerability which could allow an authenticated user to escalate their privileges.
CWE-472: External Control of Assumed-Immutable Web Parameter
An authenticated user could escalate their privileges on the router, allowing them access to administration features.
Users of software branch 9.50 are advised to update to version 9.50.21 or later.
Users of software branch 10.00 are advised to update to version 10.00.21 or later.
Vendor Information (Learn More)
|Vendor||Status||Date Notified||Date Updated|
|Virtual Access||Affected||29 Jan 2014||18 Mar 2014|
CVSS Metrics (Learn More)
Thanks to James Premo for reporting this vulnerability.
This document was written by Michael Orlando.
- CVE IDs: CVE-2014-0343
- Date Public: 25 Mar 2014
- Date First Published: 25 Mar 2014
- Date Last Updated: 25 Mar 2014
- Document Revision: 13
If you have feedback, comments, or additional information about this vulnerability, please send us email.