Intrusion Prevention



Cisco EPC3928 devices with EDVA 5.5.10, 5.5.11, and 5.7.1 allow remote attackers to bypass an intended authentication requirement and execute administrative functions via a crafted HTTP request.

Affected Products

Cisco Model EPC3928 DOCSIS 3.0 8x4 Wireless Residential Gateway


System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Refer to the vendor's advisory for mitigation:
Verify access to the web-based management panel and make sure that it is not reachable from an external network.

CVE References