CVE-2014-7999
Cisco-Meraki MS, MR, and MX devices with firmware before 2014-09-24 allow remote authenticated users to install arbitrary firmware by leveraging unspecified HTTP handler access on the local network, aka Cisco-Meraki defect ID 00478565.
Date published : 2014-12-23
http://tools.cisco.com/security/center/viewAlert.x?alertId=36800