Search for vulnerabilities
Vulnerability details: VCID-4xx5-mty3-cbga
Vulnerability ID VCID-4xx5-mty3-cbga
Aliases CVE-2014-1610
Summary security update
Status Published
Exploitability 2.0
Weighted Severity 0.6
Risk 1.2
Affected and Fixed Packages Package Details
Weaknesses (0)
There are no known CWE.
System Score Found at
epss 0.52614 https://api.first.org/data/v1/epss?cve=CVE-2014-1610
epss 0.52614 https://api.first.org/data/v1/epss?cve=CVE-2014-1610
epss 0.52614 https://api.first.org/data/v1/epss?cve=CVE-2014-1610
epss 0.52614 https://api.first.org/data/v1/epss?cve=CVE-2014-1610
epss 0.52614 https://api.first.org/data/v1/epss?cve=CVE-2014-1610
epss 0.52614 https://api.first.org/data/v1/epss?cve=CVE-2014-1610
epss 0.52614 https://api.first.org/data/v1/epss?cve=CVE-2014-1610
epss 0.52614 https://api.first.org/data/v1/epss?cve=CVE-2014-1610
epss 0.52614 https://api.first.org/data/v1/epss?cve=CVE-2014-1610
epss 0.52614 https://api.first.org/data/v1/epss?cve=CVE-2014-1610
epss 0.52614 https://api.first.org/data/v1/epss?cve=CVE-2014-1610
epss 0.52614 https://api.first.org/data/v1/epss?cve=CVE-2014-1610
epss 0.52614 https://api.first.org/data/v1/epss?cve=CVE-2014-1610
epss 0.52614 https://api.first.org/data/v1/epss?cve=CVE-2014-1610
epss 0.52614 https://api.first.org/data/v1/epss?cve=CVE-2014-1610
epss 0.52614 https://api.first.org/data/v1/epss?cve=CVE-2014-1610
epss 0.52614 https://api.first.org/data/v1/epss?cve=CVE-2014-1610
epss 0.66179 https://api.first.org/data/v1/epss?cve=CVE-2014-1610
epss 0.66179 https://api.first.org/data/v1/epss?cve=CVE-2014-1610
Reference id Reference type URL
https://api.first.org/data/v1/epss?cve=CVE-2014-1610
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2031
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2032
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4567
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4568
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4572
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6452
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6453
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6454
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6472
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1610
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2665
CVE-2014-1610;OSVDB-102630 Exploit https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/31767.rb
CVE-2014-1610;OSVDB-102631;OSVDB-102630 Exploit https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/31329.txt
Data source Metasploit
Description MediaWiki 1.22.x before 1.22.2, 1.21.x before 1.21.5 and 1.19.x before 1.19.11, when DjVu or PDF file upload support is enabled, allows remote unauthenticated users to execute arbitrary commands via shell metacharacters. If no target file is specified this module will attempt to log in with the provided credentials to upload a file (.DjVu) to use for exploitation.
Note 
Reliability:
  - unknown-reliability
Stability:
  - unknown-stability
SideEffects:
  - unknown-side-effects
Ransomware campaign use Unknown
Source publication date Jan. 28, 2014
Source URL https://github.com/rapid7/metasploit-framework/tree/master/modules/exploits/multi/http/mediawiki_thumb.rb
Data source Exploit-DB
Date added Feb. 1, 2014
Description MediaWiki 1.22.1 PdfHandler - Remote Code Execution
Ransomware campaign use Known
Source publication date Feb. 1, 2014
Exploit type webapps
Platform multiple
Source update date Feb. 1, 2014
There are no known vectors.
Exploit Prediction Scoring System (EPSS)
Percentile 0.97827
EPSS Score 0.52614
Published At July 31, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2025-07-31T09:46:41.501712+00:00 Debian Oval Importer Import https://www.debian.org/security/oval/oval-definitions-wheezy.xml.bz2 37.0.0