SB2016061501 - Multiple vulnerabilities in Cisco RV110W, RV130W, and RV215W routers

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2016061501

SB2016061501 - Multiple vulnerabilities in Cisco RV110W, RV130W, and RV215W routers

Published: June 15, 2016 Updated: March 1, 2019

Security Bulletin ID SB2016061501
Severity
High
Patch available
YES
Number of vulnerabilities 4
Exploitation vector Remote access
Highest impact Code execution

Breakdown by Severity

High 25% Medium 50% Low 25%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 4 secuirty vulnerabilities.


1) Buffer overflow (CVE-ID: CVE-2016-1397)

A vulnerability in the web-based management interface of Cisco RV110W Wireless-N VPN Firewalls, Cisco RV130W Wireless-N Multifunction VPN Routers, and Cisco RV215W Wireless-N VPN Routers could allow an authenticated, remote attacker to cause a buffer overflow on a targeted system, resulting in a denial of service (DoS) condition.

An attacker can exploit this vulnerability by sending an HTTP request that contains configuration commands with a crafted payload. 

2) Buffer overflow (CVE-ID: CVE-2016-1398)

A vulnerability in the web-based management interface of Cisco RV110W Wireless-N VPN Firewalls, Cisco RV130W Wireless-N Multifunction VPN Routers, and Cisco RV215W Wireless-N VPN Routers could allow an authenticated, remote attacker to cause a buffer overflow on a targeted system, resulting in a denial of service (DoS) condition.

An attacker can exploit this vulnerability by sending an HTTP request that contains configuration commands with a crafted payload. 


3) Cross-site scripting (CVE-ID: CVE-2016-1396)

A vulnerability in the web-based management interface of Cisco RV110W Wireless-N VPN Firewalls, Cisco RV130W Wireless-N Multifunction VPN Routers, and Cisco RV215W Wireless-N VPN Routers could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface for a targeted device.

A successful exploit can allow the attacker to execute arbitrary script in the context of the web-based management interface for the device or allow the attacker to access sensitive browser-based information.


4) Improper input validation (CVE-ID: CVE-2016-1395)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to improper input validation when processing HTTP request in web management interface. A remote unauthenticated attacker can send a specially crafted HTTP request to the affected device and execute arbitrary code on the target device with root privileges.

Remediation

Install update from vendor's website.

References