Unrated severityNVD Advisory· Published Dec 19, 2014· Updated May 6, 2026

CVE-2014-7249

Description

Buffer overflow on the Allied Telesis AR440S, AR441S, AR442S, AR745, AR750S, AR750S-DP, AT-8624POE, AT-8624T/2M, AT-8648T/2SP, AT-8748XL, AT-8848, AT-9816GB, AT-9924T, AT-9924Ts, CentreCOM AR415S, CentreCOM AR450S, CentreCOM AR550S, CentreCOM AR570S, CentreCOM 8700SL, CentreCOM 8948XL, CentreCOM 9924SP, CentreCOM 9924T/4SP, Rapier 48i, and SwitchBlade4000 with firmware before 2.9.1-21 allows remote attackers to execute arbitrary code via a crafted HTTP POST request.

Affected products

Alliedtelesis/Ar440s
cpe:2.3:h:alliedtelesis:ar440s:-:*:*:*:*:*:*:*
Alliedtelesis/Ar441s
cpe:2.3:h:alliedtelesis:ar441s:-:*:*:*:*:*:*:*
Alliedtelesis/Ar442s
cpe:2.3:h:alliedtelesis:ar442s:-:*:*:*:*:*:*:*
Alliedtelesis/Ar745
cpe:2.3:h:alliedtelesis:ar745:-:*:*:*:*:*:*:*
Alliedtelesis/Ar750s
cpe:2.3:h:alliedtelesis:ar750s:-:*:*:*:*:*:*:*
Alliedtelesis/Ar750s Dp
cpe:2.3:h:alliedtelesis:ar750s-dp:-:*:*:*:*:*:*:*
Alliedtelesis/At 8624poe
cpe:2.3:h:alliedtelesis:at-8624poe:*:*:*:*:*:*:*:*
Alliedtelesis/At 8624t\/2m
cpe:2.3:h:alliedtelesis:at-8624t\/2m:*:*:*:*:*:*:*:*
Alliedtelesis/At 8648t\/2sp
cpe:2.3:h:alliedtelesis:at-8648t\/2sp:*:*:*:*:*:*:*:*
Alliedtelesis/At 8748xl
cpe:2.3:h:alliedtelesis:at-8748xl:*:*:*:*:*:*:*:*
Alliedtelesis/At 8848
cpe:2.3:h:alliedtelesis:at-8848:*:*:*:*:*:*:*:*
Alliedtelesis/At 9816gb
cpe:2.3:h:alliedtelesis:at-9816gb:*:*:*:*:*:*:*:*
Alliedtelesis/At 9924t
cpe:2.3:h:alliedtelesis:at-9924t:*:*:*:*:*:*:*:*
Alliedtelesis/At 9924ts
cpe:2.3:h:alliedtelesis:at-9924ts:*:*:*:*:*:*:*:*
Alliedtelesis/Centrecom 8948xl
cpe:2.3:h:alliedtelesis:centrecom_8948xl:*:*:*:*:*:*:*:*
Alliedtelesis/Centrecom 9924sp
cpe:2.3:h:alliedtelesis:centrecom_9924sp:*:*:*:*:*:*:*:*
Alliedtelesis/Centrecom 9924t\/4sp
cpe:2.3:h:alliedtelesis:centrecom_9924t\/4sp:*:*:*:*:*:*:*:*
Alliedtelesis/Centrecom Ar415s
cpe:2.3:h:alliedtelesis:centrecom_ar415s:*:*:*:*:*:*:*:*
Alliedtelesis/Centrecom Ar450s
cpe:2.3:h:alliedtelesis:centrecom_ar450s:*:*:*:*:*:*:*:*
Alliedtelesis/Centrecom Ar550s
cpe:2.3:h:alliedtelesis:centrecom_ar550s:*:*:*:*:*:*:*:*
Alliedtelesis/Centrecom Ar570s
cpe:2.3:h:alliedtelesis:centrecom_ar570s:*:*:*:*:*:*:*:*
Alliedtelesis/Centrecom Ar8700sl
cpe:2.3:h:alliedtelesis:centrecom_ar8700sl:*:*:*:*:*:*:*:*
Alliedtelesis/Rapier 48i
cpe:2.3:h:alliedtelesis:rapier_48i:*:*:*:*:*:*:*:*
Alliedtelesis/Switchblade4000
cpe:2.3:h:alliedtelesis:switchblade4000:*:*:*:*:*:*:*:*
Alliedtelesis/Ar440s Firmware
cpe:2.3:o:alliedtelesis:ar440s_firmware:*:*:*:*:*:*:*:*
Range: <=2.9.1-20
Alliedtelesis/Ar441s Firmware
cpe:2.3:o:alliedtelesis:ar441s_firmware:*:*:*:*:*:*:*:*
Range: <=2.9.1-20
Alliedtelesis/Ar442s Firmware
cpe:2.3:o:alliedtelesis:ar442s_firmware:*:*:*:*:*:*:*:*
Range: <=2.9.1-20
Alliedtelesis/Ar745 Firmware
cpe:2.3:o:alliedtelesis:ar745_firmware:*:*:*:*:*:*:*:*
Range: <=2.9.1-20
Alliedtelesis/Ar750s Dp Firmware
cpe:2.3:o:alliedtelesis:ar750s-dp_firmware:*:*:*:*:*:*:*:*
Range: <=2.9.1-20
Alliedtelesis/Ar750s Firmware
cpe:2.3:o:alliedtelesis:ar750s_firmware:*:*:*:*:*:*:*:*
Range: <=2.9.1-20
Alliedtelesis/At 8624poe Firmware
cpe:2.3:o:alliedtelesis:at-8624poe_firmware:*:*:*:*:*:*:*:*
Range: <=2.9.1-20
Alliedtelesis/At 8624t\/2m Firmware
cpe:2.3:o:alliedtelesis:at-8624t\/2m_firmware:*:*:*:*:*:*:*:*
Range: <=2.9.1-20
Alliedtelesis/At 8648t\/2sp Firmware
cpe:2.3:o:alliedtelesis:at-8648t\/2sp_firmware:*:*:*:*:*:*:*:*
Range: <=2.9.1-20
Alliedtelesis/At 8748xl Firmware
cpe:2.3:o:alliedtelesis:at-8748xl_firmware:*:*:*:*:*:*:*:*
Range: <=2.9.1-20
Alliedtelesis/At 8848 Firmware
cpe:2.3:o:alliedtelesis:at-8848_firmware:*:*:*:*:*:*:*:*
Range: <=2.9.1-20
Alliedtelesis/At 9816gb Firmware
cpe:2.3:o:alliedtelesis:at-9816gb_firmware:*:*:*:*:*:*:*:*
Range: <=2.9.1-20
Alliedtelesis/At 9924t Firmware
cpe:2.3:o:alliedtelesis:at-9924t_firmware:*:*:*:*:*:*:*:*
Range: <=2.9.1-20
Alliedtelesis/At 9924ts Firmware
cpe:2.3:o:alliedtelesis:at-9924ts_firmware:*:*:*:*:*:*:*:*
Range: <=2.9.1-20
Alliedtelesis/Centrecom 8700sl Firmware
cpe:2.3:o:alliedtelesis:centrecom_8700sl_firmware:*:*:*:*:*:*:*:*
Range: <=2.9.1-20
Alliedtelesis/Centrecom 8948xl Firmware
cpe:2.3:o:alliedtelesis:centrecom_8948xl_firmware:*:*:*:*:*:*:*:*
Range: <=2.9.1-20
Alliedtelesis/Centrecom 9924sp Firmware
cpe:2.3:o:alliedtelesis:centrecom_9924sp_firmware:*:*:*:*:*:*:*:*
Range: <=2.9.1-20
Alliedtelesis/Centrecom 9924t\/4sp Firmware
cpe:2.3:o:alliedtelesis:centrecom_9924t\/4sp_firmware:*:*:*:*:*:*:*:*
Range: <=2.9.1-20
Alliedtelesis/Centrecom Ar415s Firmware
cpe:2.3:o:alliedtelesis:centrecom_ar415s_firmware:*:*:*:*:*:*:*:*
Range: <=2.9.1-20
Alliedtelesis/Centrecom Ar450s Firmware
cpe:2.3:o:alliedtelesis:centrecom_ar450s_firmware:*:*:*:*:*:*:*:*
Range: <=2.9.1-20
Alliedtelesis/Centrecom Ar550s Firmware
cpe:2.3:o:alliedtelesis:centrecom_ar550s_firmware:*:*:*:*:*:*:*:*
Range: <=2.9.1-20
Alliedtelesis/Centrecom Ar570s Firmware
cpe:2.3:o:alliedtelesis:centrecom_ar570s_firmware:*:*:*:*:*:*:*:*
Range: <=2.9.1-20
Alliedtelesis/Rapier 48i Firmware
cpe:2.3:o:alliedtelesis:rapier_48i_firmware:*:*:*:*:*:*:*:*
Range: <=2.9.1-20
Alliedtelesis/Switchblade4000 Firmware
cpe:2.3:o:alliedtelesis:switchblade4000_firmware:*:*:*:*:*:*:*:*
Range: <=2.9.1-20

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

jvn.jp/en/jp/JVN22440986/index.htmlnvdVendor Advisory
jvndb.jvn.jp/jvndb/JVNDB-2014-000132nvdVendor Advisory
www.allied-telesis.co.jp/support/list/faq/vuls/20141111aen.htmlnvdVendor Advisory

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.007
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000