CVE-2014-0659

Cisco RVS4000, WRVS4400N, and WAP4410N Firmware - Remote Code Execution via Test Interface

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 3 public exploits for CVE-2014-0659. PoCs published by Metasploit, including Metasploit module auxiliary/scanner/misc/sercomm_backdoor_scanner.

AI-analyzed exploit summary This Metasploit module exploits a backdoor in SerComm devices (e.g., NetGear DG834) via TCP port 32764, allowing remote code execution by sending a crafted payload to the backdoor service. It supports both MIPS big and little endian targets.

Description

The Cisco WAP4410N access point with firmware through 2.0.6.1, WRVS4400N router with firmware 1.x through 1.1.13 and 2.x through 2.0.2.1, and RVS4000 router with firmware through 2.0.3.2 allow remote attackers to read credential and configuration data, and execute arbitrary commands, via requests to the test interface on TCP port 32764, aka Bug IDs CSCum37566, CSCum43693, CSCum43700, and CSCum43685.

Exploits (3)

exploitdb WORKING POC VERIFIED
by Metasploit · rubyremotehardware
https://www.exploit-db.com/exploits/30915

This Metasploit module exploits a backdoor in SerComm devices (e.g., NetGear DG834) via TCP port 32764, allowing remote code execution by sending a crafted payload to the backdoor service. It supports both MIPS big and little endian targets.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: SerComm devices (e.g., NetGear DG834, Linksys routers)
No auth needed
Prerequisites: Network access to TCP port 32764 on the target device
devstral-2 · analyzed Feb 16, 2026 Full analysis →
metasploit SCANNER
rubypoc
https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/misc/sercomm_backdoor_scanner.rb

This Metasploit auxiliary module scans for the presence of a backdoor in SerComm network devices by sending a random 5-byte string to port 32764 and checking the response for specific signatures indicating endianness.

Classification
Scanner 100%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Reliable
Target: SerComm network devices (various models)
No auth needed
Prerequisites: Network access to port 32764 on the target device
devstral-2 · analyzed Feb 16, 2026 Full analysis →
metasploit WORKING POC GREAT
rubypoclinux
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/misc/sercomm_exec.rb

This Metasploit module exploits a backdoor in SerComm devices (e.g., NetGear, Linksys, Cisco, Honeywell) via TCP port 32764, allowing remote code execution by sending a crafted payload to the vulnerable service. The exploit supports multiple architectures (MIPS BE/LE) and devices, with configurable payload encoding and execution methods.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: SerComm-based devices (e.g., NetGear DG834, Cisco WAP4410N, Honeywell WAP-PL2 IP Camera)
No auth needed
Prerequisites: Network access to TCP port 32764 on the target device
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (8)

Core 8
Core References
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/56292
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/90233
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/64776
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1029580
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1029579

Scores

EPSS 0.7382
EPSS Percentile 99.4%

Details

CWE
CWE-78
Status published
Products (16)
cisco/rvs4000
cisco/rvs4000_firmware 1.3.2.0
cisco/rvs4000_firmware 1.3.3.5
cisco/rvs4000_firmware 2.0.0.3
cisco/rvs4000_firmware 2.0.2.7
cisco/rvs4000_firmware < 2.0.3.2
cisco/wap4410n
cisco/wap4410n_firmware 2.0.2.1
cisco/wap4410n_firmware 2.0.3.3
cisco/wap4410n_firmware 2.0.4.2
... and 6 more
Published Jan 12, 2014
Tracked Since Feb 18, 2026