NVD

CVE-2014-7249 (ar440s, ar440s_firmware, ar441s, ar441s_firmware, ar442s, ar442s_firmware, ar745, ar745_firmware, ar750s, ar750s-dp, ar750s-dp_firmware, ar750s_firmware, at-8624poe, at-8624poe_firmware, at-8624t/2m, at-8624t/2m_firmware, at-8648t/2sp, at-8648t/2sp_firmware, at-8748xl, at-8748xl_firmware, at-8848, at-8848_firmware, at-9816gb, at-9816gb_firmware, at-9924t, at-9924t_firmware, at-9924ts, at-9924ts_firmware, centrecom_8700sl_firmware, centrecom_8948xl, centrecom_8948xl_firmware, centrecom_9924sp, centrecom_9924sp_firmware, centrecom_9924t/4sp, centrecom_9924t/4sp_firmware, centrecom_ar415s, centrecom_ar415s_firmware, centrecom_ar450s, centrecom_ar450s_firmware, centrecom_ar550s, centrecom_ar550s_firmware, centrecom_ar570s, centrecom_ar570s_firmware, centrecom_ar8700sl, rapier_48i, rapier_48i_firmware, switchblade4000, switchblade4000_firmware)

Buffer overflow on the Allied Telesis AR440S, AR441S, AR442S, AR745, AR750S, AR750S-DP, AT-8624POE, AT-8624T/2M, AT-8648T/2SP, AT-8748XL, AT-8848, AT-9816GB, AT-9924T, AT-9924Ts, CentreCOM AR415S, CentreCOM AR450S, CentreCOM AR550S, CentreCOM AR570S, CentreCOM 8700SL, CentreCOM 8948XL, CentreCOM 9924SP, CentreCOM 9924T/4SP, Rapier 48i, and SwitchBlade4000 with firmware before 2.9.1-21 allows remote attackers to execute arbitrary code via a crafted HTTP POST request.