Vulnerability Description
Buffer overflow in ACME micro_httpd, as used in D-Link DSL2750U and DSL2740U and NetGear WGR614 and MR-ADSL-DG834 routers allows remote attackers to cause a denial of service (crash) via a long string in the URI in a GET request.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Acme | Micro Httpd | - |
| Dlink | Dsl2740U | - |
| Dlink | Dsl2750U | - |
| Netgear | Mr-Adsl-Dg834 | - |
| Netgear | Wgr614 | v1 |
Related Weaknesses (CWE)
References
- http://osvdb.org/show/osvdb/109356
- http://packetstormsecurity.com/files/127544/ACME-micro_httpd-Denial-Of-Service.hExploit
- http://www.exploit-db.com/exploits/34102Exploit
- http://www.securityfocus.com/bid/68746Exploit
- http://osvdb.org/show/osvdb/109356
- http://packetstormsecurity.com/files/127544/ACME-micro_httpd-Denial-Of-Service.hExploit
- http://www.exploit-db.com/exploits/34102Exploit
- http://www.securityfocus.com/bid/68746Exploit
FAQ
What is CVE-2014-4927?
CVE-2014-4927 is a vulnerability with a CVSS score of 7.8 (HIGH). Buffer overflow in ACME micro_httpd, as used in D-Link DSL2750U and DSL2740U and NetGear WGR614 and MR-ADSL-DG834 routers allows remote attackers to cause a denial of service (crash) via a long string...
How severe is CVE-2014-4927?
CVE-2014-4927 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2014-4927?
Check the references section above for vendor advisories and patch information. Affected products include: Acme Micro Httpd, Dlink Dsl2740U, Dlink Dsl2750U, Netgear Mr-Adsl-Dg834, Netgear Wgr614.