| CVSS Meta Temp Score | Current Exploit Price (≈) | CTI Interest Score |
|---|---|---|
| 7.0 | $0-$5k | 0.00 |
Summary
A vulnerability marked as critical has been reported in Allegro RomPager 4.07. Impacted is an unknown function of the component Cookie Handler. The manipulation leads to Remote Code Execution. This vulnerability is listed as CVE-2014-9222. The attack may be initiated remotely. In addition, an exploit is available. It is suggested to upgrade the affected component.
Details
A vulnerability was found in Allegro RomPager 4.07 and classified as critical. This issue affects an unknown code of the component Cookie Handler. The manipulation with an unknown input leads to a code vulnerability. Using CWE to declare the problem leads to CWE-17. Impacted is confidentiality, integrity, and availability. The summary by CVE is:
AllegroSoft RomPager 4.34 and earlier, as used in Huawei Home Gateway products and other vendors and products, allows remote attackers to gain privileges via a crafted cookie that triggers memory corruption, aka the "Misfortune Cookie" vulnerability.
The bug was discovered 12/24/2014. The weakness was presented 12/24/2014 with Check Point Software Technologies as confirmed mailinglist post (Full-Disclosure). The advisory is shared at seclists.org. The identification of this vulnerability is CVE-2014-9222 since 12/02/2014. The attack may be initiated remotely. No form of authentication is needed for a successful exploitation. Technical details are unknown but a public exploit is available.
The exploit is available at exploit-db.com. It is declared as highly functional. The vulnerability scanner Nessus provides a plugin with the ID 80304 (Allegro RomPager HTTP Cookie Management Remote Code Execution Vulnerability (Misfortune Cookie)), which helps to determine the existence of the flaw in a target environment. It is assigned to the family Web Servers and running in the context r. The commercial vulnerability scanner Qualys is able to test this issue with plugin 43429 (Allegro RomPager HTTP Cookie Memory Corruption Vulnerability (Misfortune Cookie)).
Upgrading to version 4.34 eliminates this vulnerability. A possible mitigation has been published even before and not after the disclosure of the vulnerability. Furthermore it is possible to detect and prevent this kind of attack with TippingPoint and the filter 19260.
The vulnerability is also documented in the databases at X-Force (99719), Exploit-DB (39739), Tenable (80304), SecurityFocus (BID 71744†) and Vulnerability Center (SBV-47841†). See VDB-68512 and VDB-83180 for similar entries. If you want to get the best quality for vulnerability data then you always have to consider VulDB.
Product
Vendor
Name
Version
CPE 2.3
CPE 2.2
Video
CVSSv4
VulDB Vector: 🔍VulDB Reliability: 🔍
CVSSv3
VulDB Meta Base Score: 7.3VulDB Meta Temp Score: 7.0
VulDB Base Score: 7.3
VulDB Temp Score: 7.0
VulDB Vector: 🔍
VulDB Reliability: 🔍
CVSSv2
| AV | AC | Au | C | I | A |
|---|---|---|---|---|---|
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| Vector | Complexity | Authentication | Confidentiality | Integrity | Availability |
|---|---|---|---|---|---|
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
VulDB Base Score: 🔍
VulDB Temp Score: 🔍
VulDB Reliability: 🔍
NVD Base Score: 🔍
Exploiting
Class: CodeCWE: CWE-17
CAPEC: 🔍
ATT&CK: 🔍
Physical: No
Local: No
Remote: Yes
Availability: 🔍
Access: Public
Status: Highly functional
Download: 🔍
EPSS Score: 🔍
EPSS Percentile: 🔍
Price Prediction: 🔍
Current Price Estimation: 🔍
| 0-Day | Unlock | Unlock | Unlock | Unlock |
|---|---|---|---|---|
| Today | Unlock | Unlock | Unlock | Unlock |
Nessus ID: 80304
Nessus Name: Allegro RomPager HTTP Cookie Management Remote Code Execution Vulnerability (Misfortune Cookie)
Nessus File: 🔍
Nessus Risk: 🔍
Nessus Family: 🔍
Nessus Context: 🔍
OpenVAS ID: 103480
OpenVAS Name: Allegro RomPager `Misfortune Cookie` Vulnerability
OpenVAS File: 🔍
OpenVAS Family: 🔍
Qualys ID: 🔍
Qualys Name: 🔍
MetaSploit ID: allegro_rompager_misfortune_cookie.rb
MetaSploit Name: Adobe XML External Entity Injection
MetaSploit File: 🔍
Exploit-DB: 🔍
Threat Intelligence
Interest: 🔍Active Actors: 🔍
Active APT Groups: 🔍
Countermeasures
Recommended: UpgradeStatus: 🔍
0-Day Time: 🔍
Upgrade: RomPager 4.34
TippingPoint: 🔍
McAfee IPS: 🔍
McAfee IPS Version: 🔍
Timeline
07/01/2005 🔍12/02/2014 🔍
12/19/2014 🔍
12/19/2014 🔍
12/24/2014 🔍
12/24/2014 🔍
12/24/2014 🔍
12/29/2014 🔍
12/30/2014 🔍
01/09/2015 🔍
12/27/2024 🔍
Sources
Advisory: seclists.orgOrganization: Check Point Software Technologies
Status: Confirmed
Confirmation: 🔍
CVE: CVE-2014-9222 (🔍)
GCVE (CVE): GCVE-0-2014-9222
GCVE (VulDB): GCVE-100-68513
CERT: 🔍
X-Force: 99719 - AllegroSoft RomPager cookie security bypass, Medium Risk
SecurityFocus: 71744 - Allegro RomPager HTTP Cookie Handling CVE-2014-9222 Security Bypass Vulnerability
Vulnerability Center: 47841 - AllegroSoft RomPager <=4.34 Remote Privilege Escalation Vulnerability via a Crafted Cookie, Critical
scip Labs: https://www.scip.ch/en/?labs.20161013
See also: 🔍
Entry
Created: 01/09/2015 09:45Updated: 12/27/2024 04:09
Changes: 01/09/2015 09:45 (77), 07/29/2019 20:59 (15), 08/31/2024 23:48 (21), 12/27/2024 04:09 (1)
Complete: 🔍
Cache ID: 216:34E:103
No comments yet. Languages: en.
Please log in to comment.