ByteOS Network

Type	CWE ID	Description
CWE	CWE-119	CWE-119

Version	Base score	Base severity	Vector
3.0	7.2	HIGH	CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Hyperlink	Resource
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191112-asa-ftd-lua-rce	vendor-advisory x_refsource_CISCO

Hyperlink	Resource
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191112-asa-ftd-lua-rce	vendor-advisory x_refsource_CISCO x_transferred

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Type	Version	Base score	Base severity	Vector
Primary	3.1	7.2	HIGH	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Secondary	3.0	7.2	HIGH	CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Primary	2.0	9.0	HIGH	AV:N/AC:L/Au:S/C:C/I:C/A:C

CWE ID	Type	Source
CWE-119	Secondary	ykramarz@cisco.com
CWE-787	Primary	nvd@nist.gov

Hyperlink	Source	Resource
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191112-asa-ftd-lua-rce	ykramarz@cisco.com	Patch Vendor Advisory
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191112-asa-ftd-lua-rce	af854a3a-2127-422b-91ae-364da2661108	Patch Vendor Advisory

CVE-2017-6741

Matching Score-10

Assigner-Cisco Systems, Inc.

View Details

Matching Score-10

Assigner-Cisco Systems, Inc.

CVSS Score-8.8||HIGH

EPSS-13.39% / 93.92%

||

7 Day CHG-0.31%

Published-17 Jul, 2017 | 21:00

Updated-31 Jul, 2025 | 17:15

A vulnerability in the SNMP implementation of could allow an authenticated, remote attacker to cause a reload of the affected system or to remotely execute code. An attacker could exploit this vulnerability by sending a crafted SNMP packet to the affected device.  The vulnerability is due to a buffer overflow in the affected code area. The vulnerability affects all versions of SNMP (versions 1, 2c, and 3). The attacker must know the SNMP read only community string (SNMP version 2c or earlier) or the user credentials (SNMPv3). An exploit could allow the attacker to execute arbitrary code and obtain full control of the system or to cause a reload of the affected system. Only traffic directed to the affected system can be used to exploit this vulnerability.

Vendor-IntelliShield Cisco Systems, Inc.

Product-ios_xe Cisco IOS XE Software Universal Product

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CVE-2023-20250

Matching Score-10

Assigner-Cisco Systems, Inc.

View Details

Matching Score-10

Assigner-Cisco Systems, Inc.

CVSS Score-6.5||MEDIUM

EPSS-0.24% / 47.56%

||

7 Day CHG~0.00%

Published-06 Sep, 2023 | 16:59

Updated-24 Oct, 2024 | 16:49

A vulnerability in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device. This vulnerability is due to improper validation of requests that are sent to the web-based management interface. An attacker could exploit this vulnerability by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary code with root privileges on an affected device. To exploit this vulnerability, the attacker must have valid Administrator credentials on the affected device.

Vendor-Cisco Systems, Inc.

Product-rv130w_firmware rv130_firmware rv110w rv110w_firmware rv130w rv215w rv130 rv215w_firmware Cisco Small Business RV Series Router Firmware small_business_rv_series_router_firmware

CWE ID-CWE-121

Stack-based Buffer Overflow

CWE ID-CWE-787

Out-of-bounds Write

CVE-2022-20753

Matching Score-10

Assigner-Cisco Systems, Inc.

View Details

Matching Score-10

Assigner-Cisco Systems, Inc.

CVSS Score-4.7||MEDIUM

EPSS-1.67% / 81.37%

||

7 Day CHG~0.00%

Published-04 May, 2022 | 17:05

Updated-06 Nov, 2024 | 16:17

Cisco Small Business RV Series Routers Remote Code Execution Vulnerability

A vulnerability in web-based management interface of Cisco Small Business RV340 and RV345 Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending malicious input to an affected device. A successful exploit could allow the attacker to execute remote code on the affected device. To exploit this vulnerability, an attacker would need to have valid Administrator credentials on the affected device.

Vendor-Cisco Systems, Inc.

Product-rv340_firmware rv340w rv345p rv345 rv345_firmware rv345p_firmware rv340 rv340w_firmware Cisco Small Business RV Series Router Firmware

CWE ID-CWE-121

Stack-based Buffer Overflow

CWE ID-CWE-787

Out-of-bounds Write

CVE-2019-12688

Matching Score-10

Assigner-Cisco Systems, Inc.

View Details

Matching Score-10

Assigner-Cisco Systems, Inc.

CVSS Score-8.8||HIGH

EPSS-1.19% / 77.93%

||

7 Day CHG~0.00%

Published-02 Oct, 2019 | 19:06

Updated-26 Nov, 2024 | 16:09

Cisco Firepower Management Center Remote Code Execution Vulnerability

A vulnerability in the web UI of the Cisco Firepower Management Center (FMC) could allow an authenticated, remote attacker to execute arbitrary commands on an affected device. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted input to the web UI. A successful exploit could allow the attacker to execute arbitrary commands within the affected device.

Vendor-Cisco Systems, Inc.

Product-secure_firewall_management_center Cisco Firepower Management Center

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CWE ID-CWE-20

Improper Input Validation

CVE-2017-6739

Matching Score-10

Assigner-Cisco Systems, Inc.

View Details

Matching Score-10

Assigner-Cisco Systems, Inc.

CVSS Score-8.8||HIGH

EPSS-17.11% / 94.74%

||

7 Day CHG-0.38%

Published-17 Jul, 2017 | 21:00

Updated-31 Jul, 2025 | 17:15

Known KEV||Action Due Date - 2022-03-24||Apply updates per vendor instructions.

A vulnerability in the SNMP implementation of could allow an authenticated, remote attacker to cause a reload of the affected system or to remotely execute code. An attacker could exploit this vulnerability by sending a crafted SNMP packet to the affected device.  The vulnerability is due to a buffer overflow in the affected code area. The vulnerability affects all versions of SNMP (versions 1, 2c, and 3). The attacker must know the SNMP read only community string (SNMP version 2c or earlier) or the user credentials (SNMPv3). An exploit could allow the attacker to execute arbitrary code and obtain full control of the system or to cause a reload of the affected system. Only traffic directed to the affected system can be used to exploit this vulnerability.

Vendor-IntelliShield Cisco Systems, Inc.

Product-ios_xe ios Universal Product IOS and IOS XE Software

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CVE-2021-1175

Matching Score-10

Assigner-Cisco Systems, Inc.

View Details

Matching Score-10

Assigner-Cisco Systems, Inc.

CVSS Score-7.2||HIGH

EPSS-0.51% / 65.18%

||

7 Day CHG~0.00%

Published-13 Jan, 2021 | 21:35

Updated-12 Nov, 2024 | 20:44

Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers Management Interface Remote Command Execution and Denial of Service Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. The vulnerabilities are due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code as the root user on the underlying operating system or cause the device to reload, resulting in a denial of service (DoS) condition. To exploit these vulnerabilities, an attacker would need to have valid administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities.

Vendor-Cisco Systems, Inc.

Product-rv130w_firmware application_extension_platform rv130_vpn_router rv130_vpn_router_firmware rv215w_wireless-n_vpn_router rv110w rv215w_wireless-n_vpn_router_firmware rv110w_firmware rv130w Cisco Small Business RV Series Router Firmware

CWE ID-CWE-121

Stack-based Buffer Overflow

CWE ID-CWE-787

Out-of-bounds Write

CVE-2021-1209

Matching Score-10

Assigner-Cisco Systems, Inc.

View Details

Matching Score-10

Assigner-Cisco Systems, Inc.

CVSS Score-7.2||HIGH

EPSS-0.51% / 65.18%

||

7 Day CHG~0.00%

Published-13 Jan, 2021 | 21:16

Updated-12 Nov, 2024 | 20:49

Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers Management Interface Remote Command Execution and Denial of Service Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. The vulnerabilities are due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code as the root user on the underlying operating system or cause the device to reload, resulting in a denial of service (DoS) condition. To exploit these vulnerabilities, an attacker would need to have valid administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities.

Vendor-Cisco Systems, Inc.

Product-rv130w_firmware application_extension_platform rv130_vpn_router rv130_vpn_router_firmware rv215w_wireless-n_vpn_router rv110w rv215w_wireless-n_vpn_router_firmware rv110w_firmware rv130w Cisco Small Business RV Series Router Firmware

CWE ID-CWE-121

Stack-based Buffer Overflow

CWE ID-CWE-787

Out-of-bounds Write

CVE-2021-1182

Matching Score-10

Assigner-Cisco Systems, Inc.

View Details

Matching Score-10

Assigner-Cisco Systems, Inc.

CVSS Score-7.2||HIGH

EPSS-0.51% / 65.18%

||

7 Day CHG~0.00%

Published-13 Jan, 2021 | 21:21

Updated-12 Nov, 2024 | 20:46

Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers Management Interface Remote Command Execution and Denial of Service Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. The vulnerabilities are due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code as the root user on the underlying operating system or cause the device to reload, resulting in a denial of service (DoS) condition. To exploit these vulnerabilities, an attacker would need to have valid administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities.

Vendor-Cisco Systems, Inc.

Product-rv130w_firmware rv130_firmware rv110w rv110w_firmware rv130w rv215w rv130 rv215w_firmware Cisco Small Business RV Series Router Firmware

CWE ID-CWE-121

Stack-based Buffer Overflow

CWE ID-CWE-787

Out-of-bounds Write

CVE-2021-1181

Matching Score-10

Assigner-Cisco Systems, Inc.

View Details

Matching Score-10

Assigner-Cisco Systems, Inc.

CVSS Score-7.2||HIGH

EPSS-0.51% / 65.18%

||

7 Day CHG~0.00%

Published-13 Jan, 2021 | 21:21

Updated-12 Nov, 2024 | 20:46

Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers Management Interface Remote Command Execution and Denial of Service Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. The vulnerabilities are due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code as the root user on the underlying operating system or cause the device to reload, resulting in a denial of service (DoS) condition. To exploit these vulnerabilities, an attacker would need to have valid administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities.

Vendor-Cisco Systems, Inc.

Product-rv130w_firmware rv130_firmware rv110w rv110w_firmware rv130w rv215w rv130 rv215w_firmware Cisco Small Business RV Series Router Firmware

CWE ID-CWE-121

Stack-based Buffer Overflow

CWE ID-CWE-787

Out-of-bounds Write

CVE-2021-1337

Matching Score-10

Assigner-Cisco Systems, Inc.

View Details

Matching Score-10

Assigner-Cisco Systems, Inc.

CVSS Score-7.2||HIGH

EPSS-0.91% / 74.80%

||

7 Day CHG~0.00%

Published-04 Feb, 2021 | 16:41

Updated-08 Nov, 2024 | 23:49

Cisco Small Business RV Series Routers Management Interface Remote Command Execution and Denial of Service Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. These vulnerabilities are due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code as the root user on the underlying operating system or cause the device to reload, resulting in a denial of service (DoS) condition. To exploit these vulnerabilities, an attacker would need to have valid administrator credentials on the affected device.

Vendor-Cisco Systems, Inc.

Product-rv042_dual_wan_vpn_router_firmware rv016_multi-wan_vpn_router_firmware rv042_dual_wan_vpn_router rv082_dual_wan_vpn_router_firmware rv325_dual_gigabit_wan_vpn_router_firmware rv082_dual_wan_vpn_router rv016_multi-wan_vpn_router rv320_dual_gigabit_wan_vpn_router rv320_dual_gigabit_wan_vpn_router_firmware rv042g_dual_gigabit_wan_vpn_router rv325_dual_gigabit_wan_vpn_router rv042g_dual_gigabit_wan_vpn_router_firmware Cisco Small Business RV Series Router Firmware

CWE ID-CWE-121

Stack-based Buffer Overflow

CWE ID-CWE-787

Out-of-bounds Write

CVE-2021-1206

Matching Score-10

Assigner-Cisco Systems, Inc.

View Details

Matching Score-10

Assigner-Cisco Systems, Inc.

CVSS Score-7.2||HIGH

EPSS-0.51% / 65.18%

||

7 Day CHG~0.00%

Published-13 Jan, 2021 | 21:15

Updated-12 Nov, 2024 | 20:50

Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers Management Interface Remote Command Execution and Denial of Service Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. The vulnerabilities are due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code as the root user on the underlying operating system or cause the device to reload, resulting in a denial of service (DoS) condition. To exploit these vulnerabilities, an attacker would need to have valid administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities.

Vendor-Cisco Systems, Inc.

Product-rv130w_firmware application_extension_platform rv130_vpn_router rv130_vpn_router_firmware rv215w_wireless-n_vpn_router rv110w rv215w_wireless-n_vpn_router_firmware rv110w_firmware rv130w Cisco Small Business RV Series Router Firmware

CWE ID-CWE-121

Stack-based Buffer Overflow

CWE ID-CWE-787

Out-of-bounds Write

CVE-2021-1169

Matching Score-10

Assigner-Cisco Systems, Inc.

View Details

Matching Score-10

Assigner-Cisco Systems, Inc.

CVSS Score-7.2||HIGH

EPSS-0.51% / 65.18%

||

7 Day CHG~0.00%

Published-13 Jan, 2021 | 21:36

Updated-12 Nov, 2024 | 20:43

Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers Management Interface Remote Command Execution and Denial of Service Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. The vulnerabilities are due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code as the root user on the underlying operating system or cause the device to reload, resulting in a denial of service (DoS) condition. To exploit these vulnerabilities, an attacker would need to have valid administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities.

Vendor-Cisco Systems, Inc.

Product-rv130w_firmware application_extension_platform rv130_vpn_router rv130_vpn_router_firmware rv215w_wireless-n_vpn_router rv110w rv215w_wireless-n_vpn_router_firmware rv110w_firmware rv130w Cisco Small Business RV Series Router Firmware

CWE ID-CWE-121

Stack-based Buffer Overflow

CWE ID-CWE-787

Out-of-bounds Write

CVE-2021-1180

Matching Score-10

Assigner-Cisco Systems, Inc.

View Details

Matching Score-10

Assigner-Cisco Systems, Inc.

CVSS Score-7.2||HIGH

EPSS-0.51% / 65.18%

||

7 Day CHG~0.00%

Published-13 Jan, 2021 | 21:21

Updated-12 Nov, 2024 | 20:46

Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers Management Interface Remote Command Execution and Denial of Service Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. The vulnerabilities are due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code as the root user on the underlying operating system or cause the device to reload, resulting in a denial of service (DoS) condition. To exploit these vulnerabilities, an attacker would need to have valid administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities.

Vendor-Cisco Systems, Inc.

Product-rv130w_firmware rv130_firmware rv110w rv110w_firmware rv130w rv215w rv130 rv215w_firmware Cisco Small Business RV Series Router Firmware

CWE ID-CWE-121

Stack-based Buffer Overflow

CWE ID-CWE-787

Out-of-bounds Write

CVE-2021-1199

Matching Score-10

Assigner-Cisco Systems, Inc.

View Details

Matching Score-10

Assigner-Cisco Systems, Inc.

CVSS Score-7.2||HIGH

EPSS-0.51% / 65.18%

||

7 Day CHG~0.00%

Published-13 Jan, 2021 | 21:22

Updated-12 Nov, 2024 | 20:44

Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers Management Interface Remote Command Execution and Denial of Service Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. The vulnerabilities are due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code as the root user on the underlying operating system or cause the device to reload, resulting in a denial of service (DoS) condition. To exploit these vulnerabilities, an attacker would need to have valid administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities.

Vendor-Cisco Systems, Inc.

Product-rv130w_firmware application_extension_platform rv130_vpn_router rv130_vpn_router_firmware rv215w_wireless-n_vpn_router rv110w rv215w_wireless-n_vpn_router_firmware rv110w_firmware rv130w Cisco Small Business RV Series Router Firmware

CWE ID-CWE-121

Stack-based Buffer Overflow

CWE ID-CWE-787

Out-of-bounds Write

CVE-2021-1216

Matching Score-10

Assigner-Cisco Systems, Inc.

View Details

Matching Score-10

Assigner-Cisco Systems, Inc.

CVSS Score-7.2||HIGH

EPSS-0.51% / 65.18%

||

7 Day CHG~0.00%

Published-13 Jan, 2021 | 21:16

Updated-12 Nov, 2024 | 20:48

Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers Management Interface Remote Command Execution and Denial of Service Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. The vulnerabilities are due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code as the root user on the underlying operating system or cause the device to reload, resulting in a denial of service (DoS) condition. To exploit these vulnerabilities, an attacker would need to have valid administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities.

Vendor-Cisco Systems, Inc.

Product-rv130w_firmware application_extension_platform rv130_vpn_router rv130_vpn_router_firmware rv215w_wireless-n_vpn_router rv110w rv215w_wireless-n_vpn_router_firmware rv110w_firmware rv130w Cisco Small Business RV Series Router Firmware

CWE ID-CWE-121

Stack-based Buffer Overflow

CWE ID-CWE-787

Out-of-bounds Write

CVE-2021-1178

Matching Score-10

Assigner-Cisco Systems, Inc.

View Details

Matching Score-10

Assigner-Cisco Systems, Inc.

CVSS Score-7.2||HIGH

EPSS-0.51% / 65.18%

||

7 Day CHG~0.00%

Published-13 Jan, 2021 | 21:20

Updated-12 Nov, 2024 | 20:46

Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers Management Interface Remote Command Execution and Denial of Service Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. The vulnerabilities are due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code as the root user on the underlying operating system or cause the device to reload, resulting in a denial of service (DoS) condition. To exploit these vulnerabilities, an attacker would need to have valid administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities.

Vendor-Cisco Systems, Inc.

Product-rv130w_firmware application_extension_platform rv130_vpn_router rv130_vpn_router_firmware rv215w_wireless-n_vpn_router rv110w rv215w_wireless-n_vpn_router_firmware rv110w_firmware rv130w Cisco Small Business RV Series Router Firmware

CWE ID-CWE-121

Stack-based Buffer Overflow

CWE ID-CWE-787

Out-of-bounds Write

CVE-2021-1184

Matching Score-10

Assigner-Cisco Systems, Inc.

View Details

Matching Score-10

Assigner-Cisco Systems, Inc.

CVSS Score-7.2||HIGH

EPSS-0.51% / 65.18%

||

7 Day CHG~0.00%

Published-13 Jan, 2021 | 21:21

Updated-12 Nov, 2024 | 20:46

Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers Management Interface Remote Command Execution and Denial of Service Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. The vulnerabilities are due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code as the root user on the underlying operating system or cause the device to reload, resulting in a denial of service (DoS) condition. To exploit these vulnerabilities, an attacker would need to have valid administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities.

Vendor-Cisco Systems, Inc.

Product-rv130w_firmware application_extension_platform rv130_vpn_router rv130_vpn_router_firmware rv215w_wireless-n_vpn_router rv110w rv215w_wireless-n_vpn_router_firmware rv110w_firmware rv130w Cisco Small Business RV Series Router Firmware

CWE ID-CWE-121

Stack-based Buffer Overflow

CWE ID-CWE-787

Out-of-bounds Write

CVE-2021-1204

Matching Score-10

Assigner-Cisco Systems, Inc.

View Details

Matching Score-10

Assigner-Cisco Systems, Inc.

CVSS Score-7.2||HIGH

EPSS-0.51% / 65.18%

||

7 Day CHG~0.00%

Published-13 Jan, 2021 | 21:15

Updated-12 Nov, 2024 | 20:50

Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers Management Interface Remote Command Execution and Denial of Service Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. The vulnerabilities are due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code as the root user on the underlying operating system or cause the device to reload, resulting in a denial of service (DoS) condition. To exploit these vulnerabilities, an attacker would need to have valid administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities.

Vendor-Cisco Systems, Inc.

Product-rv130w_firmware rv130_firmware rv110w rv110w_firmware rv130w rv215w rv130 rv215w_firmware Cisco Small Business RV Series Router Firmware

CWE ID-CWE-121

Stack-based Buffer Overflow

CWE ID-CWE-787

Out-of-bounds Write

CVE-2021-1210

Matching Score-10

Assigner-Cisco Systems, Inc.

View Details

Matching Score-10

Assigner-Cisco Systems, Inc.

CVSS Score-7.2||HIGH

EPSS-0.51% / 65.18%

||

7 Day CHG~0.00%

Published-13 Jan, 2021 | 21:16

Updated-12 Nov, 2024 | 20:49

Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers Management Interface Remote Command Execution and Denial of Service Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. The vulnerabilities are due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code as the root user on the underlying operating system or cause the device to reload, resulting in a denial of service (DoS) condition. To exploit these vulnerabilities, an attacker would need to have valid administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities.

Vendor-Cisco Systems, Inc.

Product-rv130w_firmware application_extension_platform rv130_vpn_router rv130_vpn_router_firmware rv215w_wireless-n_vpn_router rv110w rv215w_wireless-n_vpn_router_firmware rv110w_firmware rv130w Cisco Small Business RV Series Router Firmware

CWE ID-CWE-121

Stack-based Buffer Overflow

CWE ID-CWE-787

Out-of-bounds Write

CVE-2021-1170

Matching Score-10

Assigner-Cisco Systems, Inc.

View Details

Matching Score-10

Assigner-Cisco Systems, Inc.

CVSS Score-7.2||HIGH

EPSS-0.51% / 65.18%

||

7 Day CHG~0.00%

Published-13 Jan, 2021 | 21:36

Updated-12 Nov, 2024 | 20:43

Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers Management Interface Remote Command Execution and Denial of Service Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. The vulnerabilities are due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code as the root user on the underlying operating system or cause the device to reload, resulting in a denial of service (DoS) condition. To exploit these vulnerabilities, an attacker would need to have valid administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities.

Vendor-Cisco Systems, Inc.

Product-rv130w_firmware application_extension_platform rv130_vpn_router rv130_vpn_router_firmware rv215w_wireless-n_vpn_router rv110w rv215w_wireless-n_vpn_router_firmware rv110w_firmware rv130w Cisco Small Business RV Series Router Firmware

CWE ID-CWE-121

Stack-based Buffer Overflow

CWE ID-CWE-787

Out-of-bounds Write

CVE-2021-1166

Matching Score-10

Assigner-Cisco Systems, Inc.

View Details

Matching Score-10

Assigner-Cisco Systems, Inc.

CVSS Score-7.2||HIGH

EPSS-0.51% / 65.18%

||

7 Day CHG~0.00%

Published-13 Jan, 2021 | 21:36

Updated-12 Nov, 2024 | 20:43

Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers Management Interface Remote Command Execution and Denial of Service Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. The vulnerabilities are due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code as the root user on the underlying operating system or cause the device to reload, resulting in a denial of service (DoS) condition. To exploit these vulnerabilities, an attacker would need to have valid administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities.

Vendor-Cisco Systems, Inc.

Product-rv130w_firmware application_extension_platform rv130_vpn_router rv130_vpn_router_firmware rv215w_wireless-n_vpn_router rv110w rv215w_wireless-n_vpn_router_firmware rv110w_firmware rv130w Cisco Small Business RV Series Router Firmware

CWE ID-CWE-121

Stack-based Buffer Overflow

CWE ID-CWE-787

Out-of-bounds Write

CVE-2021-1335

Matching Score-10

Assigner-Cisco Systems, Inc.

View Details

Matching Score-10

Assigner-Cisco Systems, Inc.

CVSS Score-7.2||HIGH

EPSS-0.51% / 65.18%

||

7 Day CHG~0.00%

Published-04 Feb, 2021 | 16:41

Updated-08 Nov, 2024 | 23:48

Cisco Small Business RV Series Routers Management Interface Remote Command Execution and Denial of Service Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. These vulnerabilities are due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code as the root user on the underlying operating system or cause the device to reload, resulting in a denial of service (DoS) condition. To exploit these vulnerabilities, an attacker would need to have valid administrator credentials on the affected device.

Vendor-Cisco Systems, Inc.

Product-rv042_dual_wan_vpn_router_firmware rv016_multi-wan_vpn_router_firmware rv042_dual_wan_vpn_router rv082_dual_wan_vpn_router_firmware rv325_dual_gigabit_wan_vpn_router_firmware rv082_dual_wan_vpn_router rv016_multi-wan_vpn_router rv320_dual_gigabit_wan_vpn_router rv320_dual_gigabit_wan_vpn_router_firmware rv042g_dual_gigabit_wan_vpn_router rv325_dual_gigabit_wan_vpn_router rv042g_dual_gigabit_wan_vpn_router_firmware Cisco Small Business RV Series Router Firmware

CWE ID-CWE-121

Stack-based Buffer Overflow

CWE ID-CWE-787

Out-of-bounds Write

CVE-2021-1214

Matching Score-10

Assigner-Cisco Systems, Inc.

View Details

Matching Score-10

Assigner-Cisco Systems, Inc.

CVSS Score-7.2||HIGH

EPSS-0.51% / 65.18%

||

7 Day CHG~0.00%

Published-13 Jan, 2021 | 21:16

Updated-12 Nov, 2024 | 20:49

Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers Management Interface Remote Command Execution and Denial of Service Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. The vulnerabilities are due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code as the root user on the underlying operating system or cause the device to reload, resulting in a denial of service (DoS) condition. To exploit these vulnerabilities, an attacker would need to have valid administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities.

Vendor-Cisco Systems, Inc.

Product-rv130w_firmware application_extension_platform rv130_vpn_router rv130_vpn_router_firmware rv215w_wireless-n_vpn_router rv110w rv215w_wireless-n_vpn_router_firmware rv110w_firmware rv130w Cisco Small Business RV Series Router Firmware

CWE ID-CWE-121

Stack-based Buffer Overflow

CWE ID-CWE-787

Out-of-bounds Write

CVE-2021-1161

Matching Score-10

Assigner-Cisco Systems, Inc.

View Details

Matching Score-10

Assigner-Cisco Systems, Inc.

CVSS Score-7.2||HIGH

EPSS-0.51% / 65.18%

||

7 Day CHG~0.00%

Published-13 Jan, 2021 | 21:36

Updated-12 Nov, 2024 | 20:42

Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers Management Interface Remote Command Execution and Denial of Service Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. The vulnerabilities are due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code as the root user on the underlying operating system or cause the device to reload, resulting in a denial of service (DoS) condition. To exploit these vulnerabilities, an attacker would need to have valid administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities.

Vendor-Cisco Systems, Inc.

Product-rv130w_firmware application_extension_platform rv130_vpn_router rv130_vpn_router_firmware rv215w_wireless-n_vpn_router rv110w rv215w_wireless-n_vpn_router_firmware rv110w_firmware rv130w Cisco Small Business RV Series Router Firmware

CWE ID-CWE-121

Stack-based Buffer Overflow

CWE ID-CWE-787

Out-of-bounds Write

CVE-2021-1208

Matching Score-10

Assigner-Cisco Systems, Inc.

View Details

Matching Score-10

Assigner-Cisco Systems, Inc.

CVSS Score-7.2||HIGH

EPSS-0.51% / 65.18%

||

7 Day CHG~0.00%

Published-13 Jan, 2021 | 21:15

Updated-12 Nov, 2024 | 20:49

Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers Management Interface Remote Command Execution and Denial of Service Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. The vulnerabilities are due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code as the root user on the underlying operating system or cause the device to reload, resulting in a denial of service (DoS) condition. To exploit these vulnerabilities, an attacker would need to have valid administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities.

Vendor-Cisco Systems, Inc.

Product-rv130w_firmware application_extension_platform rv130_vpn_router rv130_vpn_router_firmware rv215w_wireless-n_vpn_router rv110w rv215w_wireless-n_vpn_router_firmware rv110w_firmware rv130w Cisco Small Business RV Series Router Firmware

CWE ID-CWE-121

Stack-based Buffer Overflow

CWE ID-CWE-787

Out-of-bounds Write

CVE-2021-1172

Matching Score-10

Assigner-Cisco Systems, Inc.

View Details

Matching Score-10

Assigner-Cisco Systems, Inc.

CVSS Score-7.2||HIGH

EPSS-0.51% / 65.18%

||

7 Day CHG~0.00%

Published-13 Jan, 2021 | 21:35

Updated-12 Nov, 2024 | 20:43

Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers Management Interface Remote Command Execution and Denial of Service Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. The vulnerabilities are due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code as the root user on the underlying operating system or cause the device to reload, resulting in a denial of service (DoS) condition. To exploit these vulnerabilities, an attacker would need to have valid administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities.

Vendor-Cisco Systems, Inc.

Product-rv130w_firmware application_extension_platform rv130_vpn_router rv130_vpn_router_firmware rv215w_wireless-n_vpn_router rv110w rv215w_wireless-n_vpn_router_firmware rv110w_firmware rv130w Cisco Small Business RV Series Router Firmware

CWE ID-CWE-121

Stack-based Buffer Overflow

CWE ID-CWE-787

Out-of-bounds Write

CVE-2021-1198

Matching Score-10

Assigner-Cisco Systems, Inc.

View Details

Matching Score-10

Assigner-Cisco Systems, Inc.

CVSS Score-7.2||HIGH

EPSS-0.51% / 65.18%

||

7 Day CHG~0.00%

Published-13 Jan, 2021 | 21:22

Updated-12 Nov, 2024 | 20:44

Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers Management Interface Remote Command Execution and Denial of Service Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. The vulnerabilities are due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code as the root user on the underlying operating system or cause the device to reload, resulting in a denial of service (DoS) condition. To exploit these vulnerabilities, an attacker would need to have valid administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities.

Vendor-Cisco Systems, Inc.

Product-rv130w_firmware application_extension_platform rv130_vpn_router rv130_vpn_router_firmware rv215w_wireless-n_vpn_router rv110w rv215w_wireless-n_vpn_router_firmware rv110w_firmware rv130w Cisco Small Business RV Series Router Firmware

CWE ID-CWE-121

Stack-based Buffer Overflow

CWE ID-CWE-787

Out-of-bounds Write

CVE-2021-1173

Matching Score-10

Assigner-Cisco Systems, Inc.

View Details

Matching Score-10

Assigner-Cisco Systems, Inc.

CVSS Score-7.2||HIGH

EPSS-0.51% / 65.18%

||

7 Day CHG~0.00%

Published-13 Jan, 2021 | 21:35

Updated-12 Nov, 2024 | 20:43

Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers Management Interface Remote Command Execution and Denial of Service Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. The vulnerabilities are due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code as the root user on the underlying operating system or cause the device to reload, resulting in a denial of service (DoS) condition. To exploit these vulnerabilities, an attacker would need to have valid administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities.

Vendor-Cisco Systems, Inc.

Product-rv130w_firmware application_extension_platform rv130_vpn_router rv130_vpn_router_firmware rv215w_wireless-n_vpn_router rv110w rv215w_wireless-n_vpn_router_firmware rv110w_firmware rv130w Cisco Small Business RV Series Router Firmware

CWE ID-CWE-121

Stack-based Buffer Overflow

CWE ID-CWE-787

Out-of-bounds Write

CVE-2021-1360

Matching Score-10

Assigner-Cisco Systems, Inc.

View Details

Matching Score-10

Assigner-Cisco Systems, Inc.

CVSS Score-7.2||HIGH

EPSS-0.51% / 65.18%

||

7 Day CHG~0.00%

Published-13 Jan, 2021 | 21:46

Updated-12 Nov, 2024 | 20:39

Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers Management Interface Remote Command Execution and Denial of Service Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. The vulnerabilities are due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code as the root user on the underlying operating system or cause the device to reload, resulting in a denial of service (DoS) condition. To exploit these vulnerabilities, an attacker would need to have valid administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities.

Vendor-Cisco Systems, Inc.

Product-rv130w_firmware rv130_firmware rv110w rv110w_firmware rv130w rv215w rv130 rv215w_firmware Cisco Small Business RV Series Router Firmware

CWE ID-CWE-121

Stack-based Buffer Overflow

CWE ID-CWE-787

Out-of-bounds Write

CVE-2021-1194

Matching Score-10

Assigner-Cisco Systems, Inc.

View Details

Matching Score-10

Assigner-Cisco Systems, Inc.

CVSS Score-7.2||HIGH

EPSS-0.51% / 65.18%

||

7 Day CHG~0.00%

Published-13 Jan, 2021 | 21:22

Updated-12 Nov, 2024 | 20:45

Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers Management Interface Remote Command Execution and Denial of Service Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. The vulnerabilities are due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code as the root user on the underlying operating system or cause the device to reload, resulting in a denial of service (DoS) condition. To exploit these vulnerabilities, an attacker would need to have valid administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities.

Vendor-Cisco Systems, Inc.

Product-rv130w_firmware application_extension_platform rv130_vpn_router rv130_vpn_router_firmware rv215w_wireless-n_vpn_router rv110w rv215w_wireless-n_vpn_router_firmware rv110w_firmware rv130w Cisco Small Business RV Series Router Firmware

CWE ID-CWE-121

Stack-based Buffer Overflow

CWE ID-CWE-787

Out-of-bounds Write

CVE-2021-1207

Matching Score-10

Assigner-Cisco Systems, Inc.

View Details

Matching Score-10

Assigner-Cisco Systems, Inc.

CVSS Score-7.2||HIGH

EPSS-0.51% / 65.18%

||

7 Day CHG~0.00%

Published-13 Jan, 2021 | 21:15

Updated-12 Nov, 2024 | 20:50

Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers Management Interface Remote Command Execution and Denial of Service Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. The vulnerabilities are due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code as the root user on the underlying operating system or cause the device to reload, resulting in a denial of service (DoS) condition. To exploit these vulnerabilities, an attacker would need to have valid administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities.

Vendor-Cisco Systems, Inc.

Product-rv130w_firmware application_extension_platform rv130_vpn_router rv130_vpn_router_firmware rv215w_wireless-n_vpn_router rv110w rv215w_wireless-n_vpn_router_firmware rv110w_firmware rv130w Cisco Small Business RV Series Router Firmware

CWE ID-CWE-121

Stack-based Buffer Overflow

CWE ID-CWE-787

Out-of-bounds Write

CVE-2021-1200

Matching Score-10

Assigner-Cisco Systems, Inc.

View Details

Matching Score-10

Assigner-Cisco Systems, Inc.

CVSS Score-7.2||HIGH

EPSS-0.51% / 65.18%

||

7 Day CHG~0.00%

Published-13 Jan, 2021 | 21:15

Updated-12 Nov, 2024 | 20:53

Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers Management Interface Remote Command Execution and Denial of Service Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. The vulnerabilities are due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code as the root user on the underlying operating system or cause the device to reload, resulting in a denial of service (DoS) condition. To exploit these vulnerabilities, an attacker would need to have valid administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities.

Vendor-Cisco Systems, Inc.

Product-rv130w_firmware rv130_firmware rv110w rv110w_firmware rv130w rv215w rv130 rv215w_firmware Cisco Small Business RV Series Router Firmware

CWE ID-CWE-121

Stack-based Buffer Overflow

CWE ID-CWE-787

Out-of-bounds Write

CVE-2021-1167

Matching Score-10

Assigner-Cisco Systems, Inc.

View Details

Matching Score-10

Assigner-Cisco Systems, Inc.

CVSS Score-7.2||HIGH

EPSS-5.73% / 90.09%

||

7 Day CHG~0.00%

Published-13 Jan, 2021 | 21:36

Updated-08 Nov, 2024 | 18:03

Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers Management Interface Remote Command Execution and Denial of Service Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. The vulnerabilities are due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code as the root user on the underlying operating system or cause the device to reload, resulting in a denial of service (DoS) condition. To exploit these vulnerabilities, an attacker would need to have valid administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities.

Vendor-Cisco Systems, Inc.

Product-rv130w_firmware application_extension_platform rv130_vpn_router rv130_vpn_router_firmware rv215w_wireless-n_vpn_router rv110w rv215w_wireless-n_vpn_router_firmware rv110w_firmware rv130w Cisco Small Business RV Series Router Firmware

CWE ID-CWE-121

Stack-based Buffer Overflow

CWE ID-CWE-787

Out-of-bounds Write

CVE-2021-1163

Matching Score-10

Assigner-Cisco Systems, Inc.

View Details

Matching Score-10

Assigner-Cisco Systems, Inc.

CVSS Score-7.2||HIGH

EPSS-0.51% / 65.18%

||

7 Day CHG~0.00%

Published-13 Jan, 2021 | 21:36

Updated-12 Nov, 2024 | 20:42

Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers Management Interface Remote Command Execution and Denial of Service Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. The vulnerabilities are due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code as the root user on the underlying operating system or cause the device to reload, resulting in a denial of service (DoS) condition. To exploit these vulnerabilities, an attacker would need to have valid administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities.

Vendor-Cisco Systems, Inc.

Product-rv130w_firmware application_extension_platform rv130_vpn_router rv130_vpn_router_firmware rv215w_wireless-n_vpn_router rv110w rv215w_wireless-n_vpn_router_firmware rv110w_firmware rv130w Cisco Small Business RV Series Router Firmware

CWE ID-CWE-121

Stack-based Buffer Overflow

CWE ID-CWE-787

Out-of-bounds Write

CVE-2021-1196

Matching Score-10

Assigner-Cisco Systems, Inc.

View Details

Matching Score-10

Assigner-Cisco Systems, Inc.

CVSS Score-7.2||HIGH

EPSS-0.51% / 65.18%

||

7 Day CHG~0.00%

Published-13 Jan, 2021 | 21:22

Updated-12 Nov, 2024 | 20:44

Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers Management Interface Remote Command Execution and Denial of Service Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. The vulnerabilities are due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code as the root user on the underlying operating system or cause the device to reload, resulting in a denial of service (DoS) condition. To exploit these vulnerabilities, an attacker would need to have valid administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities.

Vendor-Cisco Systems, Inc.

Product-rv130w_firmware application_extension_platform rv130_vpn_router rv130_vpn_router_firmware rv215w_wireless-n_vpn_router rv110w rv215w_wireless-n_vpn_router_firmware rv110w_firmware rv130w Cisco Small Business RV Series Router Firmware

CWE ID-CWE-121

Stack-based Buffer Overflow

CWE ID-CWE-787

Out-of-bounds Write

CVE-2021-1183

Matching Score-10

Assigner-Cisco Systems, Inc.

View Details

Matching Score-10

Assigner-Cisco Systems, Inc.

CVSS Score-7.2||HIGH

EPSS-0.51% / 65.18%

||

7 Day CHG~0.00%

Published-13 Jan, 2021 | 21:21

Updated-12 Nov, 2024 | 20:46

Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers Management Interface Remote Command Execution and Denial of Service Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. The vulnerabilities are due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code as the root user on the underlying operating system or cause the device to reload, resulting in a denial of service (DoS) condition. To exploit these vulnerabilities, an attacker would need to have valid administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities.

Vendor-Cisco Systems, Inc.

Product-rv130w_firmware rv130_firmware rv110w rv110w_firmware rv130w rv215w rv130 rv215w_firmware Cisco Small Business RV Series Router Firmware

CWE ID-CWE-121

Stack-based Buffer Overflow

CWE ID-CWE-787

Out-of-bounds Write

CVE-2021-1165

Matching Score-10

Assigner-Cisco Systems, Inc.

View Details

Matching Score-10

Assigner-Cisco Systems, Inc.

CVSS Score-7.2||HIGH

EPSS-0.51% / 65.18%

||

7 Day CHG~0.00%

Published-13 Jan, 2021 | 21:36

Updated-12 Nov, 2024 | 20:43

Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers Management Interface Remote Command Execution and Denial of Service Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. The vulnerabilities are due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code as the root user on the underlying operating system or cause the device to reload, resulting in a denial of service (DoS) condition. To exploit these vulnerabilities, an attacker would need to have valid administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities.

Vendor-Cisco Systems, Inc.

Product-rv130w_firmware application_extension_platform rv130_vpn_router rv130_vpn_router_firmware rv215w_wireless-n_vpn_router rv110w rv215w_wireless-n_vpn_router_firmware rv110w_firmware rv130w Cisco Small Business RV Series Router Firmware

CWE ID-CWE-121

Stack-based Buffer Overflow

CWE ID-CWE-787

Out-of-bounds Write

CVE-2021-1201

Matching Score-10

Assigner-Cisco Systems, Inc.

View Details

Matching Score-10

Assigner-Cisco Systems, Inc.

CVSS Score-7.2||HIGH

EPSS-0.51% / 65.18%

||

7 Day CHG~0.00%

Published-13 Jan, 2021 | 21:15

Updated-12 Nov, 2024 | 20:50

Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers Management Interface Remote Command Execution and Denial of Service Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. The vulnerabilities are due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code as the root user on the underlying operating system or cause the device to reload, resulting in a denial of service (DoS) condition. To exploit these vulnerabilities, an attacker would need to have valid administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities.

Vendor-Cisco Systems, Inc.

Product-rv130w_firmware rv130_firmware rv110w rv110w_firmware rv130w rv215w rv130 rv215w_firmware Cisco Small Business RV Series Router Firmware

CWE ID-CWE-121

Stack-based Buffer Overflow

CWE ID-CWE-787

Out-of-bounds Write

CVE-2021-1177

Matching Score-10

Assigner-Cisco Systems, Inc.

View Details

Matching Score-10

Assigner-Cisco Systems, Inc.

CVSS Score-7.2||HIGH

EPSS-0.51% / 65.18%

||

7 Day CHG~0.00%

Published-13 Jan, 2021 | 21:20

Updated-12 Nov, 2024 | 20:46

Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers Management Interface Remote Command Execution and Denial of Service Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. The vulnerabilities are due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code as the root user on the underlying operating system or cause the device to reload, resulting in a denial of service (DoS) condition. To exploit these vulnerabilities, an attacker would need to have valid administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities.

Vendor-Cisco Systems, Inc.

Product-rv130w_firmware application_extension_platform rv130_vpn_router rv130_vpn_router_firmware rv215w_wireless-n_vpn_router rv110w rv215w_wireless-n_vpn_router_firmware rv110w_firmware rv130w Cisco Small Business RV Series Router Firmware

CWE ID-CWE-121

Stack-based Buffer Overflow

CWE ID-CWE-787

Out-of-bounds Write

CVE-2021-1179

Matching Score-10

Assigner-Cisco Systems, Inc.

View Details

Matching Score-10

Assigner-Cisco Systems, Inc.

CVSS Score-7.2||HIGH

EPSS-0.51% / 65.18%

||

7 Day CHG~0.00%

Published-13 Jan, 2021 | 21:20

Updated-12 Nov, 2024 | 20:46

Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers Management Interface Remote Command Execution and Denial of Service Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. The vulnerabilities are due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code as the root user on the underlying operating system or cause the device to reload, resulting in a denial of service (DoS) condition. To exploit these vulnerabilities, an attacker would need to have valid administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities.

Vendor-Cisco Systems, Inc.

Product-rv130w_firmware rv130_firmware rv110w rv110w_firmware rv130w rv215w rv130 rv215w_firmware Cisco Small Business RV Series Router Firmware

CWE ID-CWE-121

Stack-based Buffer Overflow

CWE ID-CWE-787

Out-of-bounds Write

CVE-2021-1185

Matching Score-10

Assigner-Cisco Systems, Inc.

View Details

Matching Score-10

Assigner-Cisco Systems, Inc.

CVSS Score-7.2||HIGH

EPSS-0.51% / 65.18%

||

7 Day CHG~0.00%

Published-13 Jan, 2021 | 21:21

Updated-12 Nov, 2024 | 20:45

Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers Management Interface Remote Command Execution and Denial of Service Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. The vulnerabilities are due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code as the root user on the underlying operating system or cause the device to reload, resulting in a denial of service (DoS) condition. To exploit these vulnerabilities, an attacker would need to have valid administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities.

Vendor-Cisco Systems, Inc.

Product-rv130w_firmware application_extension_platform rv130_vpn_router rv130_vpn_router_firmware rv215w_wireless-n_vpn_router rv110w rv215w_wireless-n_vpn_router_firmware rv110w_firmware rv130w Cisco Small Business RV Series Router Firmware

CWE ID-CWE-121

Stack-based Buffer Overflow

CWE ID-CWE-787

Out-of-bounds Write

CVE-2021-1203

Matching Score-10

Assigner-Cisco Systems, Inc.

View Details

Matching Score-10

Assigner-Cisco Systems, Inc.

CVSS Score-7.2||HIGH

EPSS-0.31% / 53.48%

||

7 Day CHG~0.00%

Published-13 Jan, 2021 | 21:15

Updated-12 Nov, 2024 | 20:50

Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers Management Interface Remote Command Execution and Denial of Service Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. The vulnerabilities are due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code as the root user on the underlying operating system or cause the device to reload, resulting in a denial of service (DoS) condition. To exploit these vulnerabilities, an attacker would need to have valid administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities.

Vendor-Cisco Systems, Inc.

Product-rv130w_firmware rv130_firmware rv110w rv110w_firmware rv130w rv215w rv130 rv215w_firmware Cisco Small Business RV Series Router Firmware

CWE ID-CWE-121

Stack-based Buffer Overflow

CWE ID-CWE-787

Out-of-bounds Write

CVE-2021-1174

Matching Score-10

Assigner-Cisco Systems, Inc.

View Details

Matching Score-10

Assigner-Cisco Systems, Inc.

CVSS Score-7.2||HIGH

EPSS-0.51% / 65.18%

||

7 Day CHG~0.00%

Published-13 Jan, 2021 | 21:35

Updated-12 Nov, 2024 | 20:44

Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers Management Interface Remote Command Execution and Denial of Service Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. The vulnerabilities are due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code as the root user on the underlying operating system or cause the device to reload, resulting in a denial of service (DoS) condition. To exploit these vulnerabilities, an attacker would need to have valid administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities.

Vendor-Cisco Systems, Inc.

Product-rv130w_firmware application_extension_platform rv130_vpn_router rv130_vpn_router_firmware rv215w_wireless-n_vpn_router rv110w rv215w_wireless-n_vpn_router_firmware rv110w_firmware rv130w Cisco Small Business RV Series Router Firmware

CWE ID-CWE-121

Stack-based Buffer Overflow

CWE ID-CWE-787

Out-of-bounds Write

CVE-2021-1189

Matching Score-10

Assigner-Cisco Systems, Inc.

View Details

Matching Score-10

Assigner-Cisco Systems, Inc.

CVSS Score-7.2||HIGH

EPSS-0.51% / 65.18%

||

7 Day CHG~0.00%

Published-13 Jan, 2021 | 21:10

Updated-12 Nov, 2024 | 20:53

Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers Management Interface Remote Command Execution and Denial of Service Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. The vulnerabilities are due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code as the root user on the underlying operating system or cause the device to reload, resulting in a denial of service (DoS) condition. To exploit these vulnerabilities, an attacker would need to have valid administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities.

Vendor-Cisco Systems, Inc.

Product-rv130w_firmware application_extension_platform rv130_vpn_router rv130_vpn_router_firmware rv215w_wireless-n_vpn_router rv110w rv215w_wireless-n_vpn_router_firmware rv110w_firmware rv130w Cisco Small Business RV Series Router Firmware

CWE ID-CWE-121

Stack-based Buffer Overflow

CWE ID-CWE-787

Out-of-bounds Write

CVE-2021-1323

Matching Score-10

Assigner-Cisco Systems, Inc.

View Details

Matching Score-10

Assigner-Cisco Systems, Inc.

CVSS Score-7.2||HIGH

EPSS-0.51% / 65.18%

||

7 Day CHG~0.00%

Published-04 Feb, 2021 | 16:42

Updated-08 Nov, 2024 | 23:45

Cisco Small Business RV Series Routers Management Interface Remote Command Execution and Denial of Service Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. These vulnerabilities are due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code as the root user on the underlying operating system or cause the device to reload, resulting in a denial of service (DoS) condition. To exploit these vulnerabilities, an attacker would need to have valid administrator credentials on the affected device.

Vendor-Cisco Systems, Inc.

Product-rv042_dual_wan_vpn_router_firmware rv016_multi-wan_vpn_router_firmware rv042_dual_wan_vpn_router rv082_dual_wan_vpn_router_firmware rv325_dual_gigabit_wan_vpn_router_firmware rv082_dual_wan_vpn_router rv016_multi-wan_vpn_router rv320_dual_gigabit_wan_vpn_router rv320_dual_gigabit_wan_vpn_router_firmware rv042g_dual_gigabit_wan_vpn_router rv325_dual_gigabit_wan_vpn_router rv042g_dual_gigabit_wan_vpn_router_firmware Cisco Small Business RV Series Router Firmware

CWE ID-CWE-121

Stack-based Buffer Overflow

CWE ID-CWE-787

Out-of-bounds Write

CVE-2021-1193

Matching Score-10

Assigner-Cisco Systems, Inc.

View Details

Matching Score-10

Assigner-Cisco Systems, Inc.

CVSS Score-7.2||HIGH

EPSS-0.51% / 65.18%

||

7 Day CHG~0.00%

Published-13 Jan, 2021 | 21:22

Updated-12 Nov, 2024 | 20:45

Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers Management Interface Remote Command Execution and Denial of Service Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. The vulnerabilities are due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code as the root user on the underlying operating system or cause the device to reload, resulting in a denial of service (DoS) condition. To exploit these vulnerabilities, an attacker would need to have valid administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities.

Vendor-Cisco Systems, Inc.

Product-rv130w_firmware application_extension_platform rv130_vpn_router rv130_vpn_router_firmware rv215w_wireless-n_vpn_router rv110w rv215w_wireless-n_vpn_router_firmware rv110w_firmware rv130w Cisco Small Business RV Series Router Firmware

CWE ID-CWE-121

Stack-based Buffer Overflow

CWE ID-CWE-787

Out-of-bounds Write

CVE-2021-1171

Matching Score-10

Assigner-Cisco Systems, Inc.

View Details

Matching Score-10

Assigner-Cisco Systems, Inc.

CVSS Score-7.2||HIGH

EPSS-0.51% / 65.18%

||

7 Day CHG~0.00%

Published-13 Jan, 2021 | 21:35

Updated-12 Nov, 2024 | 20:43

Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers Management Interface Remote Command Execution and Denial of Service Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. The vulnerabilities are due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code as the root user on the underlying operating system or cause the device to reload, resulting in a denial of service (DoS) condition. To exploit these vulnerabilities, an attacker would need to have valid administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities.

Vendor-Cisco Systems, Inc.

Product-rv130w_firmware application_extension_platform rv130_vpn_router rv130_vpn_router_firmware rv215w_wireless-n_vpn_router rv110w rv215w_wireless-n_vpn_router_firmware rv110w_firmware rv130w Cisco Small Business RV Series Router Firmware

CWE ID-CWE-121

Stack-based Buffer Overflow

CWE ID-CWE-787

Out-of-bounds Write

CVE-2013-1179

Matching Score-10

Assigner-Cisco Systems, Inc.

View Details

Matching Score-10

Assigner-Cisco Systems, Inc.

CVSS Score-9||HIGH

EPSS-4.42% / 88.60%

||

7 Day CHG~0.00%

Published-25 Apr, 2013 | 10:00

Updated-11 Apr, 2025 | 00:51

Multiple buffer overflows in the (1) SNMP and (2) License Manager implementations in Cisco NX-OS on Nexus 7000 devices 4.x and 5.x before 5.2(5) and 6.x before 6.1(1) and MDS 9000 devices 4.x and 5.x before 5.2(5) allow remote authenticated users to execute arbitrary code via a crafted SNMP request, aka Bug ID CSCtx54830.

Vendor-n/a Cisco Systems, Inc.

Product-nexus_7000 nexus_7000_10-slot nexus_7000_18-slot nx-os mds_9000 nexus_7000_9-slot n/a

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CVE-2013-1180

Matching Score-10

Assigner-Cisco Systems, Inc.

View Details

Matching Score-10

Assigner-Cisco Systems, Inc.

CVSS Score-9||HIGH

EPSS-4.42% / 88.60%

||

7 Day CHG~0.00%

Published-25 Apr, 2013 | 10:00

Updated-11 Apr, 2025 | 00:51

Buffer overflow in the SNMP implementation in Cisco NX-OS on Nexus 7000 devices 4.x and 5.x before 5.2(5) and 6.x before 6.1(1) and MDS 9000 devices 4.x and 5.x before 5.2(5) allows remote authenticated users to execute arbitrary code via a crafted SNMP request, aka Bug ID CSCtx54822.

Vendor-n/a Cisco Systems, Inc.

Product-nexus_7000 nexus_7000_10-slot nexus_7000_18-slot nx-os mds_9000 nexus_7000_9-slot n/a

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CVE-2020-3288

Matching Score-10

Assigner-Cisco Systems, Inc.

View Details

Matching Score-10

Assigner-Cisco Systems, Inc.

CVSS Score-7.2||HIGH

EPSS-3.35% / 86.81%

||

7 Day CHG~0.00%

Published-18 Jun, 2020 | 02:15

Updated-15 Nov, 2024 | 17:08

Cisco Small Business RV Series Routers Stack Overflow Arbitrary Code Execution Vulnerabilities

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system.

Vendor-Cisco Systems, Inc.

Product-rv325 rv320 rv042 rv016_firmware rv042g rv082 rv320_firmware rv042_firmware rv325_firmware rv082_firmware rv016 rv042g_firmware Cisco Small Business RV Series Router Firmware

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CWE ID-CWE-787

Out-of-bounds Write

CVE-2019-15992

Credits

Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Remote Code Execution Vulnerability

Vendors

Products

Metrics (CVSS)

Weaknesses

Attack Patterns

Solution/Workaround

References

EPSS History

Score

Latest Score

N/A

Percentile

Latest Percentile

N/A

Stakeholder-Specific Vulnerability Categorization (SSVC)

Affected Products

Affected

Problem Types

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References

Affected Products

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References

Affected Products

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References

CISA Catalog

Metrics

CPE Matches

Weaknesses

Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References

Change History

Similar CVEs