Multiple vulnerabilities in Cisco Small Business RV110W, RV130, RV130W and RV215W Routers
| Risk | Low |
| Patch available | NO |
| Number of vulnerabilities | 69 |
| CVE-ID | CVE-2021-1159 CVE-2021-1205 CVE-2021-1193 CVE-2021-1194 CVE-2021-1195 CVE-2021-1196 CVE-2021-1197 CVE-2021-1198 CVE-2021-1199 CVE-2021-1200 CVE-2021-1201 CVE-2021-1202 CVE-2021-1203 CVE-2021-1204 CVE-2021-1206 CVE-2021-1191 CVE-2021-1207 CVE-2021-1208 CVE-2021-1209 CVE-2021-1210 CVE-2021-1211 CVE-2021-1212 CVE-2021-1213 CVE-2021-1214 CVE-2021-1215 CVE-2021-1216 CVE-2021-1217 CVE-2021-1307 CVE-2021-1360 CVE-2021-1192 CVE-2021-1190 CVE-2021-1160 CVE-2021-1174 CVE-2021-1161 CVE-2021-1162 CVE-2021-1163 CVE-2021-1164 CVE-2021-1165 CVE-2021-1166 CVE-2021-1167 CVE-2021-1168 CVE-2021-1169 CVE-2021-1170 CVE-2021-1171 CVE-2021-1172 CVE-2021-1173 CVE-2021-1175 CVE-2021-1189 CVE-2021-1176 CVE-2021-1177 CVE-2021-1178 CVE-2021-1179 CVE-2021-1180 CVE-2021-1181 CVE-2021-1182 CVE-2021-1183 CVE-2021-1184 CVE-2021-1185 CVE-2021-1186 CVE-2021-1187 CVE-2021-1188 CVE-2021-1158 CVE-2021-1157 CVE-2021-1156 CVE-2021-1155 CVE-2021-1154 CVE-2021-1153 CVE-2021-1152 CVE-2021-1151 |
| CWE-ID | CWE-121 CWE-79 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software Subscribe |
RV110W Wireless-N VPN Firewall Hardware solutions / Routers for home users Cisco Small Business RV130 Series VPN Routers Hardware solutions / Routers for home users RV130W Wireless-N Multifunction VPN Router Hardware solutions / Routers for home users RV215W Wireless-N VPN Router Hardware solutions / Routers for home users |
| Vendor | Cisco Systems, Inc |
Security Bulletin
This security bulletin contains information about 69 vulnerabilities.
1) Stack-based buffer overflow
EUVDB-ID: #VU49607
Risk: Low
CVSSv3.1: 6.6 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2021-1159
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote user to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system or cause a denial of service (DoS) condition.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsRV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7
Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7
RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7
RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7
External linkshttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Stack-based buffer overflow
EUVDB-ID: #VU49653
Risk: Low
CVSSv3.1: 6.6 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2021-1205
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote user to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system or cause a denial of service (DoS) condition.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsRV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7
Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7
RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7
RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7
External linkshttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Stack-based buffer overflow
EUVDB-ID: #VU49641
Risk: Low
CVSSv3.1: 6.6 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2021-1193
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote user to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system or cause a denial of service (DoS) condition.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsRV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7
Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7
RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7
RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7
External linkshttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Stack-based buffer overflow
EUVDB-ID: #VU49642
Risk: Low
CVSSv3.1: 6.6 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2021-1194
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote user to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system or cause a denial of service (DoS) condition.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsRV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7
Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7
RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7
RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7
External linkshttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Stack-based buffer overflow
EUVDB-ID: #VU49643
Risk: Low
CVSSv3.1: 6.6 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2021-1195
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote user to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system or cause a denial of service (DoS) condition.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsRV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7
Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7
RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7
RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7
External linkshttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Stack-based buffer overflow
EUVDB-ID: #VU49644
Risk: Low
CVSSv3.1: 6.6 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2021-1196
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote user to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system or cause a denial of service (DoS) condition.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsRV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7
Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7
RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7
RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7
External linkshttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
7) Stack-based buffer overflow
EUVDB-ID: #VU49645
Risk: Low
CVSSv3.1: 6.6 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2021-1197
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote user to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system or cause a denial of service (DoS) condition.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsRV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7
Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7
RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7
RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7
External linkshttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
8) Stack-based buffer overflow
EUVDB-ID: #VU49646
Risk: Low
CVSSv3.1: 6.6 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2021-1198
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote user to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system or cause a denial of service (DoS) condition.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsRV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7
Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7
RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7
RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7
External linkshttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
9) Stack-based buffer overflow
EUVDB-ID: #VU49647
Risk: Low
CVSSv3.1: 6.6 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2021-1199
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote user to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system or cause a denial of service (DoS) condition.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsRV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7
Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7
RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7
RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7
External linkshttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
10) Stack-based buffer overflow
EUVDB-ID: #VU49648
Risk: Low
CVSSv3.1: 6.6 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2021-1200
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote user to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system or cause a denial of service (DoS) condition.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsRV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7
Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7
RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7
RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7
External linkshttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
11) Stack-based buffer overflow
EUVDB-ID: #VU49649
Risk: Low
CVSSv3.1: 6.6 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2021-1201
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote user to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system or cause a denial of service (DoS) condition.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsRV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7
Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7
RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7
RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7
External linkshttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
12) Stack-based buffer overflow
EUVDB-ID: #VU49650
Risk: Low
CVSSv3.1: 6.6 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2021-1202
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote user to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system or cause a denial of service (DoS) condition.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsRV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7
Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7
RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7
RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7
External linkshttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
13) Stack-based buffer overflow
EUVDB-ID: #VU49651
Risk: Low
CVSSv3.1: 6.6 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2021-1203
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote user to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system or cause a denial of service (DoS) condition.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsRV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7
Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7
RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7
RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7
External linkshttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
14) Stack-based buffer overflow
EUVDB-ID: #VU49652
Risk: Low
CVSSv3.1: 6.6 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2021-1204
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote user to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system or cause a denial of service (DoS) condition.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsRV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7
Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7
RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7
RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7
External linkshttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
15) Stack-based buffer overflow
EUVDB-ID: #VU49654
Risk: Low
CVSSv3.1: 6.6 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2021-1206
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote user to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system or cause a denial of service (DoS) condition.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsRV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7
Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7
RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7
RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7
External linkshttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
16) Stack-based buffer overflow
EUVDB-ID: #VU49639
Risk: Low
CVSSv3.1: 6.6 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2021-1191
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote user to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system or cause a denial of service (DoS) condition.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsRV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7
Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7
RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7
RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7
External linkshttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
17) Stack-based buffer overflow
EUVDB-ID: #VU49655
Risk: Low
CVSSv3.1: 6.6 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2021-1207
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote user to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system or cause a denial of service (DoS) condition.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsRV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7
Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7
RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7
RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7
External linkshttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
18) Stack-based buffer overflow
EUVDB-ID: #VU49656
Risk: Low
CVSSv3.1: 6.6 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2021-1208
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote user to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system or cause a denial of service (DoS) condition.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsRV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7
Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7
RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7
RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7
External linkshttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
19) Stack-based buffer overflow
EUVDB-ID: #VU49657
Risk: Low
CVSSv3.1: 6.6 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2021-1209
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote user to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system or cause a denial of service (DoS) condition.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsRV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7
Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7
RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7
RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7
External linkshttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
20) Stack-based buffer overflow
EUVDB-ID: #VU49658
Risk: Low
CVSSv3.1: 6.6 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2021-1210
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote user to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system or cause a denial of service (DoS) condition.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsRV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7
Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7
RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7
RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7
External linkshttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
21) Stack-based buffer overflow
EUVDB-ID: #VU49659
Risk: Low
CVSSv3.1: 6.6 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2021-1211
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote user to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system or cause a denial of service (DoS) condition.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsRV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7
Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7
RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7
RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7
External linkshttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
22) Stack-based buffer overflow
EUVDB-ID: #VU49660
Risk: Low
CVSSv3.1: 6.6 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2021-1212
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote user to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system or cause a denial of service (DoS) condition.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsRV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7
Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7
RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7
RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7
External linkshttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
23) Stack-based buffer overflow
EUVDB-ID: #VU49662
Risk: Low
CVSSv3.1: 6.6 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2021-1213
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote user to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system or cause a denial of service (DoS) condition.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsRV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7
Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7
RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7
RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7
External linkshttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
24) Stack-based buffer overflow
EUVDB-ID: #VU49663
Risk: Low
CVSSv3.1: 6.6 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2021-1214
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote user to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system or cause a denial of service (DoS) condition.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsRV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7
Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7
RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7
RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7
External linkshttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
25) Stack-based buffer overflow
EUVDB-ID: #VU49664
Risk: Low
CVSSv3.1: 6.6 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2021-1215
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote user to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system or cause a denial of service (DoS) condition.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsRV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7
Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7
RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7
RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7
External linkshttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
26) Stack-based buffer overflow
EUVDB-ID: #VU49665
Risk: Low
CVSSv3.1: 6.6 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2021-1216
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote user to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system or cause a denial of service (DoS) condition.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsRV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7
Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7
RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7
RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7
External linkshttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
27) Stack-based buffer overflow
EUVDB-ID: #VU49666
Risk: Low
CVSSv3.1: 6.6 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2021-1217
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote user to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system or cause a denial of service (DoS) condition.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsRV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7
Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7
RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7
RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7
External linkshttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
28) Stack-based buffer overflow
EUVDB-ID: #VU49667
Risk: Low
CVSSv3.1: 6.6 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2021-1307
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote user to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system or cause a denial of service (DoS) condition.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsRV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7
Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7
RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7
RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7
External linkshttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
29) Stack-based buffer overflow
EUVDB-ID: #VU49668
Risk: Low
CVSSv3.1: 6.6 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2021-1360
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote user to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system or cause a denial of service (DoS) condition.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsRV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7
Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7
RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7
RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7
External linkshttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
30) Stack-based buffer overflow
EUVDB-ID: #VU49640
Risk: Low
CVSSv3.1: 6.6 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2021-1192
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote user to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system or cause a denial of service (DoS) condition.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsRV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7
Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7
RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7
RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7
External linkshttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
31) Stack-based buffer overflow
EUVDB-ID: #VU49638
Risk: Low
CVSSv3.1: 6.6 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2021-1190
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote user to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system or cause a denial of service (DoS) condition.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsRV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7
Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7
RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7
RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7
External linkshttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
32) Stack-based buffer overflow
EUVDB-ID: #VU49608
Risk: Low
CVSSv3.1: 6.6 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2021-1160
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote user to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system or cause a denial of service (DoS) condition.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsRV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7
Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7
RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7
RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7
External linkshttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
33) Stack-based buffer overflow
EUVDB-ID: #VU49622
Risk: Low
CVSSv3.1: 6.6 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2021-1174
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote user to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system or cause a denial of service (DoS) condition.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsRV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7
Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7
RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7
RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7
External linkshttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
34) Stack-based buffer overflow
EUVDB-ID: #VU49609
Risk: Low
CVSSv3.1: 6.6 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2021-1161
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote user to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system or cause a denial of service (DoS) condition.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsRV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7
Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7
RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7
RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7
External linkshttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
35) Stack-based buffer overflow
EUVDB-ID: #VU49610
Risk: Low
CVSSv3.1: 6.6 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2021-1162
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote user to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system or cause a denial of service (DoS) condition.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsRV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7
Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7
RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7
RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7
External linkshttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
36) Stack-based buffer overflow
EUVDB-ID: #VU49611
Risk: Low
CVSSv3.1: 6.6 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2021-1163
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote user to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system or cause a denial of service (DoS) condition.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsRV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7
Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7
RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7
RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7
External linkshttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
37) Stack-based buffer overflow
EUVDB-ID: #VU49612
Risk: Low
CVSSv3.1: 6.6 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2021-1164
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote user to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system or cause a denial of service (DoS) condition.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsRV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7
Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7
RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7
RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7
External linkshttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
38) Stack-based buffer overflow
EUVDB-ID: #VU49613
Risk: Low
CVSSv3.1: 6.6 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2021-1165
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote user to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system or cause a denial of service (DoS) condition.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsRV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7
Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7
RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7
RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7
External linkshttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
39) Stack-based buffer overflow
EUVDB-ID: #VU49614
Risk: Low
CVSSv3.1: 6.6 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2021-1166
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote user to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system or cause a denial of service (DoS) condition.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsRV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7
Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7
RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7
RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7
External linkshttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
40) Stack-based buffer overflow
EUVDB-ID: #VU49615
Risk: Low
CVSSv3.1: 6.8 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:U/RC:C]
CVE-ID: CVE-2021-1167
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: Yes
DescriptionThe vulnerability allows a remote user to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system or cause a denial of service (DoS) condition.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsRV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7
Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7
RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7
RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7
External linkshttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
41) Stack-based buffer overflow
EUVDB-ID: #VU49616
Risk: Low
CVSSv3.1: 6.6 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2021-1168
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote user to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system or cause a denial of service (DoS) condition.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsRV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7
Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7
RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7
RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7
External linkshttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
42) Stack-based buffer overflow
EUVDB-ID: #VU49617
Risk: Low
CVSSv3.1: 6.6 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2021-1169
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote user to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system or cause a denial of service (DoS) condition.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsRV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7
Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7
RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7
RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7
External linkshttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
43) Stack-based buffer overflow
EUVDB-ID: #VU49618
Risk: Low
CVSSv3.1: 6.6 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2021-1170
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote user to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system or cause a denial of service (DoS) condition.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsRV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7
Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7
RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7
RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7
External linkshttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
44) Stack-based buffer overflow
EUVDB-ID: #VU49619
Risk: Low
CVSSv3.1: 6.6 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2021-1171
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote user to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system or cause a denial of service (DoS) condition.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsRV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7
Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7
RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7
RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7
External linkshttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
45) Stack-based buffer overflow
EUVDB-ID: #VU49620
Risk: Low
CVSSv3.1: 6.6 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2021-1172
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote user to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system or cause a denial of service (DoS) condition.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsRV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7
Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7
RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7
RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7
External linkshttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
46) Stack-based buffer overflow
EUVDB-ID: #VU49621
Risk: Low
CVSSv3.1: 6.6 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2021-1173
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote user to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system or cause a denial of service (DoS) condition.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsRV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7
Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7
RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7
RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7
External linkshttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
47) Stack-based buffer overflow
EUVDB-ID: #VU49623
Risk: Low
CVSSv3.1: 6.6 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2021-1175
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote user to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system or cause a denial of service (DoS) condition.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsRV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7
Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7
RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7
RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7
External linkshttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
48) Stack-based buffer overflow
EUVDB-ID: #VU49637
Risk: Low
CVSSv3.1: 6.6 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2021-1189
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote user to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system or cause a denial of service (DoS) condition.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsRV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7
Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7
RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7
RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7
External linkshttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
49) Stack-based buffer overflow
EUVDB-ID: #VU49624
Risk: Low
CVSSv3.1: 6.6 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2021-1176
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote user to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system or cause a denial of service (DoS) condition.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsRV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7
Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7
RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7
RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7
External linkshttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
50) Stack-based buffer overflow
EUVDB-ID: #VU49625
Risk: Low
CVSSv3.1: 6.6 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2021-1177
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote user to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system or cause a denial of service (DoS) condition.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsRV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7
Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7
RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7
RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7
External linkshttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
51) Stack-based buffer overflow
EUVDB-ID: #VU49626
Risk: Low
CVSSv3.1: 6.6 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2021-1178
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote user to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system or cause a denial of service (DoS) condition.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsRV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7
Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7
RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7
RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7
External linkshttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
52) Stack-based buffer overflow
EUVDB-ID: #VU49627
Risk: Low
CVSSv3.1: 6.6 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2021-1179
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote user to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system or cause a denial of service (DoS) condition.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsRV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7
Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7
RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7
RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7
External linkshttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
53) Stack-based buffer overflow
EUVDB-ID: #VU49628
Risk: Low
CVSSv3.1: 6.6 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2021-1180
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote user to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system or cause a denial of service (DoS) condition.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsRV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7
Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7
RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7
RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7
External linkshttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
54) Stack-based buffer overflow
EUVDB-ID: #VU49629
Risk: Low
CVSSv3.1: 6.6 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2021-1181
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote user to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system or cause a denial of service (DoS) condition.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsRV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7
Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7
RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7
RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7
External linkshttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
55) Stack-based buffer overflow
EUVDB-ID: #VU49630
Risk: Low
CVSSv3.1: 6.6 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2021-1182
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote user to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system or cause a denial of service (DoS) condition.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsRV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7
Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7
RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7
RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7
External linkshttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
56) Stack-based buffer overflow
EUVDB-ID: #VU49631
Risk: Low
CVSSv3.1: 6.6 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2021-1183
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote user to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system or cause a denial of service (DoS) condition.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsRV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7
Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7
RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7
RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7
External linkshttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
57) Stack-based buffer overflow
EUVDB-ID: #VU49632
Risk: Low
CVSSv3.1: 6.6 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2021-1184
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote user to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system or cause a denial of service (DoS) condition.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsRV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7
Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7
RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7
RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7
External linkshttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
58) Stack-based buffer overflow
EUVDB-ID: #VU49633
Risk: Low
CVSSv3.1: 6.6 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2021-1185
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote user to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system or cause a denial of service (DoS) condition.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsRV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7
Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7
RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7
RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7
External linkshttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
59) Stack-based buffer overflow
EUVDB-ID: #VU49634
Risk: Low
CVSSv3.1: 6.6 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2021-1186
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote user to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system or cause a denial of service (DoS) condition.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsRV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7
Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7
RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7
RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7
External linkshttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
60) Stack-based buffer overflow
EUVDB-ID: #VU49635
Risk: Low
CVSSv3.1: 6.6 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2021-1187
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote user to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system or cause a denial of service (DoS) condition.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsRV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7
Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7
RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7
RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7
External linkshttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
61) Stack-based buffer overflow
EUVDB-ID: #VU49636
Risk: Low
CVSSv3.1: 6.6 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2021-1188
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote user to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system or cause a denial of service (DoS) condition.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsRV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7
Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7
RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7
RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7
External linkshttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
62) Stored cross-site scripting
EUVDB-ID: #VU49606
Risk: Low
CVSSv3.1: 5.9 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N/E:U/RL:U/RC:C]
CVE-ID: CVE-2021-1158
CWE-ID:
CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Exploit availability: No
DescriptionThe disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.
The vulnerability exists due to insufficient sanitization of user-supplied data in the web-based management interface. A remote authenticated attacker can inject and execute arbitrary HTML and script code in user's browser in context of vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsRV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7
RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7
RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7
Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7
External linkshttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-LPTQ3EQC
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
63) Stored cross-site scripting
EUVDB-ID: #VU49605
Risk: Low
CVSSv3.1: 5.9 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N/E:U/RL:U/RC:C]
CVE-ID: CVE-2021-1157
CWE-ID:
CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Exploit availability: No
DescriptionThe disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.
The vulnerability exists due to insufficient sanitization of user-supplied data in the web-based management interface. A remote authenticated attacker can inject and execute arbitrary HTML and script code in user's browser in context of vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsRV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7
RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7
RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7
Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7
External linkshttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-LPTQ3EQC
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
64) Stored cross-site scripting
EUVDB-ID: #VU49604
Risk: Low
CVSSv3.1: 5.9 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N/E:U/RL:U/RC:C]
CVE-ID: CVE-2021-1156
CWE-ID:
CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Exploit availability: No
DescriptionThe disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.
The vulnerability exists due to insufficient sanitization of user-supplied data in the web-based management interface. A remote authenticated attacker can inject and execute arbitrary HTML and script code in user's browser in context of vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsRV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7
RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7
RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7
Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7
External linkshttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-LPTQ3EQC
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
65) Stored cross-site scripting
EUVDB-ID: #VU49603
Risk: Low
CVSSv3.1: 5.9 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N/E:U/RL:U/RC:C]
CVE-ID: CVE-2021-1155
CWE-ID:
CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Exploit availability: No
DescriptionThe disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.
The vulnerability exists due to insufficient sanitization of user-supplied data in the web-based management interface. A remote authenticated attacker can inject and execute arbitrary HTML and script code in user's browser in context of vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsRV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7
RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7
RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7
Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7
External linkshttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-LPTQ3EQC
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
66) Stored cross-site scripting
EUVDB-ID: #VU49602
Risk: Low
CVSSv3.1: 5.9 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N/E:U/RL:U/RC:C]
CVE-ID: CVE-2021-1154
CWE-ID:
CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Exploit availability: No
DescriptionThe disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.
The vulnerability exists due to insufficient sanitization of user-supplied data in the web-based management interface. A remote authenticated attacker can inject and execute arbitrary HTML and script code in user's browser in context of vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsRV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7
RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7
RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7
Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7
External linkshttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-LPTQ3EQC
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
67) Stored cross-site scripting
EUVDB-ID: #VU49601
Risk: Low
CVSSv3.1: 5.9 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N/E:U/RL:U/RC:C]
CVE-ID: CVE-2021-1153
CWE-ID:
CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Exploit availability: No
DescriptionThe disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.
The vulnerability exists due to insufficient sanitization of user-supplied data in the web-based management interface. A remote authenticated attacker can inject and execute arbitrary HTML and script code in user's browser in context of vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsRV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7
RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7
RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7
Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7
External linkshttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-LPTQ3EQC
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
68) Stored cross-site scripting
EUVDB-ID: #VU49600
Risk: Low
CVSSv3.1: 5.9 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N/E:U/RL:U/RC:C]
CVE-ID: CVE-2021-1152
CWE-ID:
CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Exploit availability: No
DescriptionThe disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.
The vulnerability exists due to insufficient sanitization of user-supplied data in the web-based management interface. A remote authenticated attacker can inject and execute arbitrary HTML and script code in user's browser in context of vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsRV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7
RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7
RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7
Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7
External linkshttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-LPTQ3EQC
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
69) Stored cross-site scripting
EUVDB-ID: #VU49599
Risk: Low
CVSSv3.1: 5.9 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N/E:U/RL:U/RC:C]
CVE-ID: CVE-2021-1151
CWE-ID:
CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Exploit availability: No
DescriptionThe disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.
The vulnerability exists due to insufficient sanitization of user-supplied data in the web-based management interface. A remote authenticated attacker can inject and execute arbitrary HTML and script code in user's browser in context of vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsRV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7
RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7
RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7
Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7
External linkshttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-LPTQ3EQC
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
