Details of VAR-201412-0586

ID

VAR-201412-0586

CVE

CVE-2014-7249

TITLE

Multiple Allied Telesis products vulnerable to buffer overflow

Trust: 0.8

sources: JVNDB: JVNDB-2014-000132

DESCRIPTION

Buffer overflow on the Allied Telesis AR440S, AR441S, AR442S, AR745, AR750S, AR750S-DP, AT-8624POE, AT-8624T/2M, AT-8648T/2SP, AT-8748XL, AT-8848, AT-9816GB, AT-9924T, AT-9924Ts, CentreCOM AR415S, CentreCOM AR450S, CentreCOM AR550S, CentreCOM AR570S, CentreCOM 8700SL, CentreCOM 8948XL, CentreCOM 9924SP, CentreCOM 9924T/4SP, Rapier 48i, and SwitchBlade4000 with firmware before 2.9.1-21 allows remote attackers to execute arbitrary code via a crafted HTTP POST request. Allied Telesis AT-RG634A ADSL Broadband Router is an ADSL broadband router product from Allied Telesis. A buffer overflow vulnerability exists in multiple Allied Telesis products that use firmware version 2.9.1-21. Failed exploit attempts may result in a denial-of-service condition. The following products and versions are affected: Allied Telesis AR440S, AR441S, AR442S, AR745, AR750S, AR750S-DP, AT-8624POE, AT-8624T/2M, AT-8648T/2SP, AT- 8748XL , AT-8848 , AT-9816GB , AT-9924T , AT-9924Ts , CentreCOM AR415S , CentreCOM AR450S , CentreCOM AR550S , CentreCOM AR570S , CentreCOM 8700SL , CentreCOM 8948XL , CentreCOM 9924SP , CentreCOM 9924T/4SP , Rapier 48i , SwitchBlade4000

Trust: 2.52

sources: NVD: CVE-2014-7249 // JVNDB: JVNDB-2014-000132 // CNVD: CNVD-2014-09058 // BID: 72382 // VULHUB: VHN-75194

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2014-09058

AFFECTED PRODUCTS

vendor:	alliedtelesis	model:	ar750s-dp	scope:	lte	version:	2.9.1-20	Trust: 1.0
vendor:	alliedtelesis	model:	centrecom ar570s	scope:	lte	version:	2.9.1-20	Trust: 1.0
vendor:	alliedtelesis	model:	at-9924t	scope:	lte	version:	2.9.1-20	Trust: 1.0
vendor:	alliedtelesis	model:	ar750s	scope:	eq	version:	-	Trust: 1.0
vendor:	alliedtelesis	model:	centrecom ar450s	scope:	eq	version:	*	Trust: 1.0
vendor:	alliedtelesis	model:	switchblade4000	scope:	lte	version:	2.9.1-20	Trust: 1.0
vendor:	alliedtelesis	model:	ar442s	scope:	eq	version:	-	Trust: 1.0
vendor:	alliedtelesis	model:	centrecom ar8700sl	scope:	eq	version:	*	Trust: 1.0
vendor:	alliedtelesis	model:	at-9924ts	scope:	lte	version:	2.9.1-20	Trust: 1.0
vendor:	alliedtelesis	model:	ar441s	scope:	lte	version:	2.9.1-20	Trust: 1.0
vendor:	alliedtelesis	model:	ar440s	scope:	lte	version:	2.9.1-20	Trust: 1.0
vendor:	alliedtelesis	model:	ar750s-dp	scope:	eq	version:	-	Trust: 1.0
vendor:	alliedtelesis	model:	at-8648t\/2sp	scope:	eq	version:	*	Trust: 1.0
vendor:	alliedtelesis	model:	at-8848	scope:	eq	version:	*	Trust: 1.0
vendor:	alliedtelesis	model:	at-8624poe	scope:	lte	version:	2.9.1-20	Trust: 1.0
vendor:	alliedtelesis	model:	centrecom ar450s	scope:	lte	version:	2.9.1-20	Trust: 1.0
vendor:	alliedtelesis	model:	centrecom ar550s	scope:	eq	version:	*	Trust: 1.0
vendor:	alliedtelesis	model:	centrecom 9924sp	scope:	eq	version:	*	Trust: 1.0
vendor:	alliedtelesis	model:	centrecom 9924t\/4sp	scope:	lte	version:	2.9.1-20	Trust: 1.0
vendor:	alliedtelesis	model:	ar745	scope:	eq	version:	-	Trust: 1.0
vendor:	alliedtelesis	model:	centrecom 8700sl	scope:	lte	version:	2.9.1-20	Trust: 1.0
vendor:	alliedtelesis	model:	at-8648t\/2sp	scope:	lte	version:	2.9.1-20	Trust: 1.0
vendor:	alliedtelesis	model:	ar440s	scope:	eq	version:	-	Trust: 1.0
vendor:	alliedtelesis	model:	ar745	scope:	lte	version:	2.9.1-20	Trust: 1.0
vendor:	alliedtelesis	model:	ar441s	scope:	eq	version:	-	Trust: 1.0
vendor:	alliedtelesis	model:	at-9924ts	scope:	eq	version:	*	Trust: 1.0
vendor:	alliedtelesis	model:	centrecom ar415s	scope:	eq	version:	*	Trust: 1.0
vendor:	alliedtelesis	model:	centrecom ar415s	scope:	lte	version:	2.9.1-20	Trust: 1.0
vendor:	alliedtelesis	model:	at-9816gb	scope:	eq	version:	*	Trust: 1.0
vendor:	alliedtelesis	model:	at-8624poe	scope:	eq	version:	*	Trust: 1.0
vendor:	alliedtelesis	model:	centrecom 9924t\/4sp	scope:	eq	version:	*	Trust: 1.0
vendor:	alliedtelesis	model:	at-8624t\/2m	scope:	lte	version:	2.9.1-20	Trust: 1.0
vendor:	alliedtelesis	model:	rapier 48i	scope:	lte	version:	2.9.1-20	Trust: 1.0
vendor:	alliedtelesis	model:	at-9924t	scope:	eq	version:	*	Trust: 1.0
vendor:	alliedtelesis	model:	centrecom 8948xl	scope:	eq	version:	*	Trust: 1.0
vendor:	alliedtelesis	model:	rapier 48i	scope:	eq	version:	*	Trust: 1.0
vendor:	alliedtelesis	model:	centrecom ar570s	scope:	eq	version:	*	Trust: 1.0
vendor:	alliedtelesis	model:	ar442s	scope:	lte	version:	2.9.1-20	Trust: 1.0
vendor:	alliedtelesis	model:	centrecom 8948xl	scope:	lte	version:	2.9.1-20	Trust: 1.0
vendor:	alliedtelesis	model:	at-8848	scope:	lte	version:	2.9.1-20	Trust: 1.0
vendor:	alliedtelesis	model:	centrecom 9924sp	scope:	lte	version:	2.9.1-20	Trust: 1.0
vendor:	alliedtelesis	model:	at-8748xl	scope:	eq	version:	*	Trust: 1.0
vendor:	alliedtelesis	model:	ar750s	scope:	lte	version:	2.9.1-20	Trust: 1.0
vendor:	alliedtelesis	model:	at-8748xl	scope:	lte	version:	2.9.1-20	Trust: 1.0
vendor:	alliedtelesis	model:	at-8624t\/2m	scope:	eq	version:	*	Trust: 1.0
vendor:	alliedtelesis	model:	at-9816gb	scope:	lte	version:	2.9.1-20	Trust: 1.0
vendor:	alliedtelesis	model:	switchblade4000	scope:	eq	version:	*	Trust: 1.0
vendor:	alliedtelesis	model:	centrecom ar550s	scope:	lte	version:	2.9.1-20	Trust: 1.0
vendor:	allied telesis	model:	ar440s	scope:	-	version:	-	Trust: 0.8
vendor:	allied telesis	model:	ar441s	scope:	-	version:	-	Trust: 0.8
vendor:	allied telesis	model:	ar442s	scope:	-	version:	-	Trust: 0.8
vendor:	allied telesis	model:	ar745	scope:	-	version:	-	Trust: 0.8
vendor:	allied telesis	model:	ar750s	scope:	-	version:	-	Trust: 0.8
vendor:	allied telesis	model:	ar750s-dp	scope:	-	version:	-	Trust: 0.8
vendor:	allied telesis	model:	at-8624poe	scope:	-	version:	-	Trust: 0.8
vendor:	allied telesis	model:	at-8624t/2m	scope:	-	version:	-	Trust: 0.8
vendor:	allied telesis	model:	at-8648t/2sp	scope:	-	version:	-	Trust: 0.8
vendor:	allied telesis	model:	at-8848	scope:	-	version:	-	Trust: 0.8
vendor:	allied telesis	model:	at-9924t	scope:	-	version:	-	Trust: 0.8
vendor:	allied telesis	model:	centrecom 8700sl	scope:	eq	version:	series	Trust: 0.8
vendor:	allied telesis	model:	centrecom 8700xl	scope:	eq	version:	series (end of support)	Trust: 0.8
vendor:	allied telesis	model:	centrecom 8724sl	scope:	eq	version:	v2	Trust: 0.8
vendor:	allied telesis	model:	centrecom 8948xl	scope:	eq	version:	series	Trust: 0.8
vendor:	allied telesis	model:	centrecom 9812t	scope:	eq	version:	series (end of support)	Trust: 0.8
vendor:	allied telesis	model:	centrecom 9816gb	scope:	eq	version:	series (end of support)	Trust: 0.8
vendor:	allied telesis	model:	centrecom 9924sp	scope:	eq	version:	(end of support)	Trust: 0.8
vendor:	allied telesis	model:	centrecom 9924t/4sp	scope:	eq	version:	series (end of support)	Trust: 0.8
vendor:	allied telesis	model:	centrecom 9924ts	scope:	eq	version:	series (end of support)	Trust: 0.8
vendor:	allied telesis	model:	centrecom ar300	scope:	eq	version:	v2 (end of support)	Trust: 0.8
vendor:	allied telesis	model:	centrecom ar300l	scope:	eq	version:	v2 (end of support)	Trust: 0.8
vendor:	allied telesis	model:	centrecom ar320	scope:	eq	version:	(end of support)	Trust: 0.8
vendor:	allied telesis	model:	centrecom ar410	scope:	eq	version:	v2 (end of support)	Trust: 0.8
vendor:	allied telesis	model:	centrecom ar415s	scope:	-	version:	-	Trust: 0.8
vendor:	allied telesis	model:	centrecom ar450s	scope:	eq	version:	(end of support)	Trust: 0.8
vendor:	allied telesis	model:	centrecom ar550s	scope:	-	version:	-	Trust: 0.8
vendor:	allied telesis	model:	centrecom ar560s	scope:	-	version:	-	Trust: 0.8
vendor:	allied telesis	model:	centrecom ar570s	scope:	-	version:	-	Trust: 0.8
vendor:	allied telesis	model:	centrecom ar720	scope:	eq	version:	(end of support)	Trust: 0.8
vendor:	allied telesis	model:	centrecom ar740	scope:	eq	version:	(end of support)	Trust: 0.8
vendor:	allied telesis	model:	rapier 48i	scope:	-	version:	-	Trust: 0.8
vendor:	allied telesis	model:	switchblade4000	scope:	-	version:	-	Trust: 0.8
vendor:	allied	model:	telesis switchblade4000	scope:	lte	version:	<=2.9.1-20	Trust: 0.6
vendor:	allied	model:	telesis rapier 48i	scope:	lte	version:	<=2.9.1-20	Trust: 0.6
vendor:	allied	model:	telesis centrecom 9924t/4sp 9924sp	scope:	lte	version:	<=2.9.1-20	Trust: 0.6
vendor:	allied	model:	telesis centrecom 8700sl series	scope:	lte	version:	<=2.9.1-20	Trust: 0.6
vendor:	allied	model:	telesis centrecom 8948xl	scope:	lte	version:	<=2.9.1-20	Trust: 0.6
vendor:	allied	model:	telesis centrecom ar570s	scope:	lte	version:	<=2.9.1-20	Trust: 0.6
vendor:	allied	model:	telesis centrecom ar550s	scope:	lte	version:	<=2.9.1-20	Trust: 0.6
vendor:	allied	model:	telesis centrecom ar450s	scope:	lte	version:	<=2.9.1-20	Trust: 0.6
vendor:	allied	model:	telesis centrecom ar415s	scope:	lte	version:	<=2.9.1-20	Trust: 0.6
vendor:	allied	model:	telesis at-9924ts	scope:	-	version:	-	Trust: 0.6
vendor:	allied	model:	telesis at-9924t	scope:	lte	version:	<=2.9.1-20	Trust: 0.6
vendor:	allied	model:	telesis at-9816gb	scope:	lte	version:	<=2.9.1-20	Trust: 0.6
vendor:	allied	model:	telesis at-8848	scope:	lte	version:	<=2.9.1-20	Trust: 0.6
vendor:	allied	model:	telesis at-8748xl	scope:	lte	version:	<=2.9.1-20	Trust: 0.6
vendor:	allied	model:	telesis at-8648t/2sp	scope:	lte	version:	<=2.9.1-20	Trust: 0.6
vendor:	allied	model:	telesis at-8624t/2m	scope:	lte	version:	<=2.9.1-20	Trust: 0.6
vendor:	allied	model:	telesis at-8624poe	scope:	lte	version:	<=2.9.1-20	Trust: 0.6
vendor:	allied	model:	telesis ar750s-dp	scope:	lte	version:	<=2.9.1-20	Trust: 0.6
vendor:	allied	model:	telesis ar750s	scope:	lte	version:	<=2.9.1-20	Trust: 0.6
vendor:	allied	model:	telesis ar745	scope:	lte	version:	<=2.9.1-20	Trust: 0.6
vendor:	allied	model:	telesis ar442s	scope:	lte	version:	<=2.9.1-20	Trust: 0.6
vendor:	allied	model:	telesis ar441s	scope:	lte	version:	<=2.9.1-20	Trust: 0.6
vendor:	allied	model:	telesis ar440s	scope:	lte	version:	<=2.9.1-20	Trust: 0.6
vendor:	allied	model:	telesis at-rg634a adsl broadband route	scope:	lte	version:	<=2.9.1-20	Trust: 0.6
vendor:	allied	model:	telesis at-mcf2000m	scope:	lte	version:	<=2.9.1-20	Trust: 0.6
vendor:	allied	model:	telesis at-tftp	scope:	lte	version:	<=2.9.1-20	Trust: 0.6
vendor:	allied	model:	telesis at-tftp server	scope:	lte	version:	<=2.9.1-20	Trust: 0.6
vendor:	alliedtelesis	model:	switchblade4000	scope:	eq	version:	2.9.1-20	Trust: 0.6
vendor:	alliedtelesis	model:	at-9924ts	scope:	eq	version:	2.9.1-20	Trust: 0.6
vendor:	alliedtelesis	model:	centrecom 9924sp	scope:	eq	version:	2.9.1-20	Trust: 0.6
vendor:	alliedtelesis	model:	centrecom 9924t\/4sp	scope:	eq	version:	2.9.1-20	Trust: 0.6
vendor:	alliedtelesis	model:	at-9816gb	scope:	eq	version:	2.9.1-20	Trust: 0.6
vendor:	alliedtelesis	model:	centrecom ar570s	scope:	eq	version:	2.9.1-20	Trust: 0.6
vendor:	alliedtelesis	model:	ar745	scope:	eq	version:	2.9.1-20	Trust: 0.6
vendor:	alliedtelesis	model:	ar441s	scope:	eq	version:	2.9.1-20	Trust: 0.6
vendor:	alliedtelesis	model:	ar750s	scope:	eq	version:	2.9.1-20	Trust: 0.6
vendor:	alliedtelesis	model:	at-8624poe	scope:	eq	version:	2.9.1-20	Trust: 0.6

sources: CNVD: CNVD-2014-09058 // JVNDB: JVNDB-2014-000132 // CNNVD: CNNVD-201412-426 // NVD: CVE-2014-7249

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2014-7249
value:	HIGH
Trust: 1.0
IPA:	JVNDB-2014-000132
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2014-09058
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-201412-426
value:	CRITICAL
Trust: 0.6
VULHUB:	VHN-75194
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2014-7249
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
IPA:	JVNDB-2014-000132
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	NONE
impactScore:	NONE
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.8
CNVD:	CNVD-2014-09058
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
VULHUB:	VHN-75194
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: CNVD: CNVD-2014-09058 // VULHUB: VHN-75194 // JVNDB: JVNDB-2014-000132 // CNNVD: CNNVD-201412-426 // NVD: CVE-2014-7249

PROBLEMTYPE DATA

problemtype:

CWE-119

Trust: 1.9

sources: VULHUB: VHN-75194 // JVNDB: JVNDB-2014-000132 // NVD: CVE-2014-7249

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201412-426

TYPE

buffer overflow

Trust: 0.6

sources: CNNVD: CNNVD-201412-426

CONFIGURATIONS

sources: JVNDB: JVNDB-2014-000132

PATCH

title:	Allied Telesis Group website	url:	http://www.allied-telesis.co.jp/support/list/faq/vuls/20141111a.html	Trust: 0.8
title:	Patch for multiple Allied Telesis product buffer overflow vulnerabilities	url:	https://www.cnvd.org.cn/patchInfo/show/53080	Trust: 0.6

sources: CNVD: CNVD-2014-09058 // JVNDB: JVNDB-2014-000132

EXTERNAL IDS

db:	NVD	id:	CVE-2014-7249	Trust: 3.4
db:	JVNDB	id:	JVNDB-2014-000132	Trust: 3.1
db:	JVN	id:	JVN22440986	Trust: 2.5
db:	BID	id:	72382	Trust: 1.0
db:	CNVD	id:	CNVD-2014-09058	Trust: 0.6
db:	CNNVD	id:	CNNVD-201412-426	Trust: 0.6
db:	VULHUB	id:	VHN-75194	Trust: 0.1

sources: CNVD: CNVD-2014-09058 // VULHUB: VHN-75194 // BID: 72382 // JVNDB: JVNDB-2014-000132 // CNNVD: CNNVD-201412-426 // NVD: CVE-2014-7249

REFERENCES

url:	http://jvn.jp/en/jp/jvn22440986/index.html	Trust: 2.5
url:	http://www.allied-telesis.co.jp/support/list/faq/vuls/20141111aen.html	Trust: 1.7
url:	http://jvndb.jvn.jp/jvndb/jvndb-2014-000132	Trust: 1.7
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-7249	Trust: 0.8
url:	http://www.ipa.go.jp/security/ciadr/vul/20141218-jvn.html	Trust: 0.8
url:	https://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-7249	Trust: 0.8
url:	http://jvndb.jvn.jp/en/contents/2014/jvndb-2014-000132.html	Trust: 0.6

sources: CNVD: CNVD-2014-09058 // VULHUB: VHN-75194 // JVNDB: JVNDB-2014-000132 // CNNVD: CNNVD-201412-426 // NVD: CVE-2014-7249

CREDITS

Allied Telesis

Trust: 0.3

sources: BID: 72382

SOURCES

db:	CNVD	id:	CNVD-2014-09058
db:	VULHUB	id:	VHN-75194
db:	BID	id:	72382
db:	JVNDB	id:	JVNDB-2014-000132
db:	CNNVD	id:	CNNVD-201412-426
db:	NVD	id:	CVE-2014-7249

LAST UPDATE DATE

2025-04-13T23:34:06+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2014-09058	date:	2014-12-23T00:00:00
db:	VULHUB	id:	VHN-75194	date:	2014-12-19T00:00:00
db:	BID	id:	72382	date:	2015-01-30T00:00:00
db:	JVNDB	id:	JVNDB-2014-000132	date:	2015-01-28T00:00:00
db:	CNNVD	id:	CNNVD-201412-426	date:	2014-12-26T00:00:00
db:	NVD	id:	CVE-2014-7249	date:	2025-04-12T10:46:40.837

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2014-09058	date:	2014-12-23T00:00:00
db:	VULHUB	id:	VHN-75194	date:	2014-12-19T00:00:00
db:	BID	id:	72382	date:	2015-01-30T00:00:00
db:	JVNDB	id:	JVNDB-2014-000132	date:	2014-12-18T00:00:00
db:	CNNVD	id:	CNNVD-201412-426	date:	2014-12-22T00:00:00
db:	NVD	id:	CVE-2014-7249	date:	2014-12-19T11:59:01.400