SB2021020415 - Multiple vulnerabilities in Cisco Small Business RV Series Routers

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2021020415

SB2021020415 - Multiple vulnerabilities in Cisco Small Business RV Series Routers

Published: February 4, 2021

Security Bulletin ID SB2021020415
Severity
Low
Patch available
YES
Number of vulnerabilities 35
Exploitation vector Remote access
Highest impact Code execution

Breakdown by Severity

Low 100%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 35 secuirty vulnerabilities.


1) Stack-based buffer overflow (CVE-ID: CVE-2021-1319)

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.


2) Stack-based buffer overflow (CVE-ID: CVE-2021-1335)

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.


3) Stack-based buffer overflow (CVE-ID: CVE-2021-1348)

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.


4) Stack-based buffer overflow (CVE-ID: CVE-2021-1347)

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.


5) Stack-based buffer overflow (CVE-ID: CVE-2021-1346)

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.


6) Stack-based buffer overflow (CVE-ID: CVE-2021-1345)

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.


7) Stack-based buffer overflow (CVE-ID: CVE-2021-1344)

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.


8) Stack-based buffer overflow (CVE-ID: CVE-2021-1343)

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.


9) Stack-based buffer overflow (CVE-ID: CVE-2021-1342)

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.


10) Stack-based buffer overflow (CVE-ID: CVE-2021-1341)

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.


11) Stack-based buffer overflow (CVE-ID: CVE-2021-1340)

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.


12) Stack-based buffer overflow (CVE-ID: CVE-2021-1339)

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.


13) Stack-based buffer overflow (CVE-ID: CVE-2021-1338)

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.


14) Stack-based buffer overflow (CVE-ID: CVE-2021-1337)

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.


15) Stack-based buffer overflow (CVE-ID: CVE-2021-1336)

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.


16) Stack-based buffer overflow (CVE-ID: CVE-2021-1334)

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.


17) Stack-based buffer overflow (CVE-ID: CVE-2021-1320)

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.


18) Stack-based buffer overflow (CVE-ID: CVE-2021-1333)

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.


19) Stack-based buffer overflow (CVE-ID: CVE-2021-1332)

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.


20) Stack-based buffer overflow (CVE-ID: CVE-2021-1331)

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.


21) Stack-based buffer overflow (CVE-ID: CVE-2021-1330)

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.


22) Stack-based buffer overflow (CVE-ID: CVE-2021-1329)

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.


23) Stack-based buffer overflow (CVE-ID: CVE-2021-1328)

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.


24) Stack-based buffer overflow (CVE-ID: CVE-2021-1327)

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.


25) Stack-based buffer overflow (CVE-ID: CVE-2021-1326)

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.


26) Stack-based buffer overflow (CVE-ID: CVE-2021-1325)

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.


27) Stack-based buffer overflow (CVE-ID: CVE-2021-1324)

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.


28) Stack-based buffer overflow (CVE-ID: CVE-2021-1323)

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.


29) Stack-based buffer overflow (CVE-ID: CVE-2021-1322)

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.


30) Stack-based buffer overflow (CVE-ID: CVE-2021-1321)

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.


31) Command Injection (CVE-ID: CVE-2021-1318)

The vulnerability allows a remote user to execute arbitrary commands on the target system.

The vulnerability exists due to improper input validation in the web-based management interface. A remote administrator can send a specially crafted HTTP request and execute arbitrary commands on the target system.


32) Command Injection (CVE-ID: CVE-2021-1317)

The vulnerability allows a remote user to execute arbitrary commands on the target system.

The vulnerability exists due to improper input validation in the web-based management interface. A remote administrator can send a specially crafted HTTP request and execute arbitrary commands on the target system.


33) Command Injection (CVE-ID: CVE-2021-1316)

The vulnerability allows a remote user to execute arbitrary commands on the target system.

The vulnerability exists due to improper input validation in the web-based management interface. A remote administrator can send a specially crafted HTTP request and execute arbitrary commands on the target system.


34) Command Injection (CVE-ID: CVE-2021-1315)

The vulnerability allows a remote user to execute arbitrary commands on the target system.

The vulnerability exists due to improper input validation in the web-based management interface. A remote administrator can send a specially crafted HTTP request and execute arbitrary commands on the target system.


35) Command Injection (CVE-ID: CVE-2021-1314)

The vulnerability allows a remote user to execute arbitrary commands on the target system.

The vulnerability exists due to improper input validation in the web-based management interface. A remote administrator can send a specially crafted HTTP request and execute arbitrary commands on the target system.


Remediation

Install update from vendor's website.

References