CVE-2015-6401

Cisco Epc3928 Docsis 3.0 8x4 Wireless... - Authentication Bypass

Title source: rule

Description

Cisco EPC3928 devices with EDVA 5.5.10, 5.5.11, and 5.7.1 allow remote attackers to bypass an intended authentication requirement and execute unspecified administrative functions via a crafted HTTP request, aka Bug ID CSCux24941.

Exploits (1)

exploitdb WORKING POC

by Patryk Bogdan · textwebappsasp

https://www.exploit-db.com/exploits/39904

View Code ZIP pw:eip

References (3)

[Vendor Advisory] http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151208-cwr

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/39904/

[Third Party Advisory, VDB Entry] http://www.securitytracker.com/id/1034347

Scores

EPSS 0.0787

EPSS Percentile 91.9%

Classification

CWE

CWE-287

Status draft

Affected Products (3)

cisco/epc3928_docsis_3.0_8x4_wireless_residential_gateway_with_embedded_digital_voice_adapter

Timeline

Published Dec 14, 2015

Tracked Since Feb 18, 2026