Critical

Misfortune Cookie in AllegroSoft RomPager

IdentifiersCVE-2014-9222CWE-119

CVE-2014-9222, known as Misfortune Cookie, affects AllegroSoft RomPager 4.34 and earlier. As described in the provided content, the flaw is triggered by a crafted HTTP cookie and results in memory corruption in RomPager, a web server component embedded in Huawei Home Gateway products and other vendors' devices. Successful exploitation allows a remote attacker to gain privileges on affected devices.

For your environment

Are you exposed to this one?

Mallory correlates every CVE against your assets, your vendors, and active adversary campaigns. Know which vulnerabilities matter for you, not just which ones are loud.

Start free trial

ANALYST BRIEF

Impact, mitigation & remediation

What it means. What to do now. Patch path, mitigations, and the assume-compromise checklist.

Impact

What an attacker gets, and what they’ve been doing with it.

Successful exploitation can allow a remote attacker to gain elevated privileges on the affected embedded device. Given RomPager’s role in Internet-facing management interfaces on gateways and similar appliances, this can lead to compromise of the device, unauthorized administrative control, and potential follow-on access within the local network segment served by the device.

Mitigation

If you can’t patch tonight, do this now.

If immediate patching is not possible, reduce exposure of the embedded web management interface by disabling Internet-facing administration, restricting access to trusted management networks, and filtering access to the HTTP interface with ACLs or firewall policy. Where feasible, disable unused remote management services and segment affected devices from untrusted networks until patched or replaced.

Remediation

Patch, then assume compromise.

Upgrade or replace affected firmware containing vulnerable AllegroSoft RomPager versions. The provided content states that RomPager 4.34 and earlier are affected, so remediation requires vendor firmware that incorporates a fixed RomPager version or equivalent vendor patch. For products still in service, apply the latest vendor-supported firmware. The content also notes that certain AudioCodes Session Border Controllers were patched in 2024 for this issue; for those products, update to a non-vulnerable firmware release.

PUBLIC EXPLOITS

Exploits

No public exploits tracked yet. Mallory keeps watching.

VALID 0 / 0 TOTALView more in app

No public exploit code observed for this vulnerability.

EXPOSURE SURFACE

Affected products & vendors

Products and vendors Mallory has correlated with this vulnerability. Open in Mallory to drill down to specific CPE configurations and version ranges.

VendorProductType

AllegrosoftRompagerapplication

Vendor-confirmed product mapping. Mallory continuously reconciles this list against your asset inventory.

ACTIVITY FEED

Recent activity

6 sources tracked across advisories, community write-ups, and news. New activity surfaces here as Mallory finds it.

6 SOURCESView more in app

mdpiNews

May 2, 2026

Evolving IoT Botnet Threats and Practical Honeypot Observation: A Summary Review and Experimental Study

An IoT vulnerability cited as an example of insecure Telnet services used to emulate common botnet-targeted device weaknesses in the honeypot study.

What this page doesn’t show

The version that knows your environment.

This page is what’s public. Mallory adds the parts that aren’t: which of your assets are affected, which adversaries are exploiting it right now, which detections to deploy, and what to do tonight.

Start free trial

Exposure mapping

Query your assets running an affected version, and investigate the blast radius.

Threat actor evidence

Every observed campaign linking this CVE to a named adversary.

Associated malware1

Malware families riding this exploit, with evidence and IOCs.

Detection signatures

YARA, Sigma, Snort, and vendor rules, auto-deployed to your SIEM.

Vendor-by-vendor mapping

Cross-references every affected SKU, including bundled OEM variants.

Social activity5

Community discussion across Reddit, Mastodon, and other social sources.

EXTERNAL REFERENCES

MITRE CVE

cve.org · CVE-2014-9222

NVD

nvd.nist.gov/vuln/detail/CVE-2014-9222

MITRE CWE · CWE-119

cwe.mitre.org

Vendor Advisory

huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-407666.htm

Third Party Advisory

mis.fortunecook.ie

Third Party Advisory

seclists.org/fulldisclosure/2014/Dec/87

Third Party Advisory

kb.cert.org/vuls/id/561444

Third Party Advisory

allegrosoft.com/allegro-software-urges-manufacturers-to-maintain-firmware-for-highest-level-of-embedded-device-security/news-press.html

securityfocus.com

securityfocus.com/bid/105173