Vulnerabilities (CVE)

Filtered by vendor Cisco Subscribe
Filtered by product Meraki Ms
Total 5 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-0284 1 Cisco 12 Meraki Mr, Meraki Mr 24 Firmware, Meraki Mr 25 Firmware and 9 more 2024-02-04 4.0 MEDIUM 6.5 MEDIUM
A vulnerability in the local status page functionality of the Cisco Meraki MR, MS, MX, Z1, and Z3 product lines could allow an authenticated, remote attacker to modify device configuration files. The vulnerability occurs when handling requests to the local status page. An exploit could allow the attacker to establish an interactive session to the device with elevated privileges. The attacker could then use the elevated privileges to further compromise the device or obtain additional configuration data from the device that is being exploited.
CVE-2014-7995 1 Cisco 6 Meraki Mr, Meraki Mr Firmware, Meraki Ms and 3 more 2024-02-04 7.2 HIGH N/A
Cisco-Meraki MS, MR, and MX devices with firmware before 2014-09-24 allow physically proximate attackers to obtain shell access by opening a device's case and connecting a cable to a serial port, aka Cisco-Meraki defect ID 00302077.
CVE-2014-7993 1 Cisco 6 Meraki Mr, Meraki Mr Firmware, Meraki Ms and 3 more 2024-02-04 3.3 LOW N/A
Cisco-Meraki MS, MR, and MX devices with firmware before 2014-09-24 allow remote attackers to obtain sensitive credential information by leveraging unspecified HTTP handler access on the local network, aka Cisco-Meraki defect ID 00302012.
CVE-2014-7999 1 Cisco 6 Meraki Mr, Meraki Mr Firmware, Meraki Ms and 3 more 2024-02-04 7.7 HIGH N/A
Cisco-Meraki MS, MR, and MX devices with firmware before 2014-09-24 allow remote authenticated users to install arbitrary firmware by leveraging unspecified HTTP handler access on the local network, aka Cisco-Meraki defect ID 00478565.
CVE-2014-7994 1 Cisco 6 Meraki Mr, Meraki Mr Firmware, Meraki Ms and 3 more 2024-02-04 5.4 MEDIUM N/A
Cisco-Meraki MS, MR, and MX devices with firmware before 2014-09-24 allow remote attackers to execute arbitrary commands by leveraging knowledge of a cross-device secret and a per-device secret, and sending a request to an unspecified HTTP handler on the local network, aka Cisco-Meraki defect ID 00301991.