Cisco Model DPQ3925 Wireless Residential Gateway Information Disclosure Vulnerability

A vulnerability in the HTTP server on the Cisco Model DPQ3925 8x4 DOCSIS 3.0 Wireless Residential Gateway with Embedded Digital Voice Adapter (EDVA) could allow an unauthenticated, remote attacker to access sensitive information located on the device.

The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending a crafted HTTP request to the affected device. An exploit could allow the attacker to access sensitive information from the device.

Cisco has released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are available.

This advisory is available at the following link: http://ift.tt/1NzMXf3

from Cisco Security Advisory http://ift.tt/1NzMXf3