Allegro.RomPager.Cookie.Remote.Code.Execution
Description
This indicates detection of a remote code execution vulnerability in the RomPager that is reportedly embeded in more than 200 different models of network devices of various manufacturers and brands.
The vulnerability is caused by an error when the vulnerable software handles an HTTP request with malformed Cookies. A successful exploitation allows an attacker to remotely take over the device with administrative privileges.
Affected Products
RomPager version prior to 4.34
Impact
System Compromise: Remote attackers can take over the affected device with administrative privileges
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
https://www.allegrosoft.com
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |