{"id": "CISCO-SA-RV-RCE-Q3RXHNVM", "type": "cisco", "bulletinFamily": "software", "title": "Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers Management Interface Remote Command Execution Vulnerability", "description": "A vulnerability in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device.\n\nThe vulnerability is due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit this vulnerability by sending crafted HTTP requests to a targeted device. A successful exploit could allow the attacker to execute arbitrary code as the root user on the underlying operating system of the affected device.\n\nCisco has not released software updates that address this vulnerability. There are no workarounds that address this vulnerability.\n\nThis advisory is available at the following link:\nhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-rce-q3rxHnvm [\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-rce-q3rxHnvm\"]", "published": "2021-04-07T16:00:00", "modified": "2021-04-07T16:00:00", "cvss": {"score": 9.8, "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "href": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-rce-q3rxHnvm", "reporter": "Cisco", "references": ["https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-rce-q3rxHnvm"], "cvelist": ["CVE-2021-1459"], "immutableFields": [], "lastseen": "2021-04-07T16:31:32", "viewCount": 26, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2021-1459"]}, {"type": "thn", "idList": ["THN:F2A37F040B6AE81E1646EC5E0EE9EEA2"]}, {"type": "cisco", "idList": ["CISCO-SA-RV-RCE-Q3RXHNVM"]}], "modified": "2021-04-07T16:31:32", "rev": 2}, "score": {"value": 8.0, "vector": "NONE", "modified": "2021-04-07T16:31:32", "rev": 2}, "vulnersScore": 8.0}, "affectedSoftware": [{"version": "any", "operator": "eq", "name": "cisco small business rv series router firmware"}, {"version": "any", "operator": "eq", "name": "cisco small business rv series router firmware"}]}

{"cve": [{"lastseen": "2021-04-28T11:49:16", "description": "A vulnerability in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. The vulnerability is due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit this vulnerability by sending crafted HTTP requests to a targeted device. A successful exploit could allow the attacker to execute arbitrary code as the root user on the underlying operating system of the affected device. Cisco has not released software updates that address this vulnerability.", "edition": 4, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-04-08T04:15:00", "title": "CVE-2021-1459", "type": "cve", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-1459"], "modified": "2021-04-19T15:42:00", "cpe": ["cpe:/o:cisco:rv110w_firmware:1.0.3.55", "cpe:/o:cisco:rv130w_firmware:1.0.3.55", "cpe:/o:cisco:rv215w_firmware:1.0.3.55", "cpe:/o:cisco:rv130_firmware:1.0.3.55"], "id": "CVE-2021-1459", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-1459", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:cisco:rv130w_firmware:1.0.3.55:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:rv130_firmware:1.0.3.55:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:rv110w_firmware:1.0.3.55:*:*:*:*:*:*:*", "cpe:2.3:o:cisco:rv215w_firmware:1.0.3.55:*:*:*:*:*:*:*"]}], "thn": [{"lastseen": "2021-04-09T12:27:52", "bulletinFamily": "info", "cvelist": ["CVE-2021-1137", "CVE-2021-1459", "CVE-2021-1479", "CVE-2021-1480"], "description": "[](<https://thehackernews.com/images/-0N_wxN59zE4/YHAXBYizABI/AAAAAAAACOQ/7fs1dXgboqQkpVRvRqgHZwLTbBVCEwMywCLcBGAsYHQ/s0/cisco.jpg>)\n\nNetworking equipment major Cisco Systems has said it does not plan to fix a critical security vulnerability affecting some of its Small Business routers, instead urging users to replace the devices.\n\nThe bug, tracked as CVE-2021-1459, is rated with a CVSS score of 9.8 out of 10, and affects RV110W VPN firewall and Small Business RV130, RV130W, and RV215W routers, allowing an unauthenticated, remote attacker to execute arbitrary code on an affected appliance.\n\n[](<https://go.thn.li/inside11> \"password auditor\" )\n\nThe flaw, which stems from improper validation of user-supplied input in the web-based management interface, could be exploited by a malicious actor to send specially-crafted HTTP requests to the targeted device and achieve remote code execution.\n\n\"A successful exploit could allow the attacker to execute arbitrary code as the root user on the underlying operating system of the affected device,\" Cisco [said](<https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-rce-q3rxHnvm>) in its advisory.\n\n[](<https://thehackernews.com/images/-58a_lpLOHx8/YHAZA2VHSdI/AAAAAAAACOc/oBaehG8rSQM7krcbLlP_n-18TvJLMxmawCLcBGAsYHQ/s0/cisco.jpg>)\n\nSecurity researcher Treck Zhou has been credited with reporting the vulnerability. Although the company noted there's been no evidence of active exploitation attempts in the wild, it doesn't intend to release a patch or make any workarounds available, citing that the products have [reached end-of-life](<https://www.cisco.com/c/en/us/products/collateral/routers/small-business-rv-series-routers/eos-eol-notice-c51-742771.pdf>).\n\n[](<https://go.thn.li/inside22> \"password auditor\" )\n\n\"The Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers have entered the end-of-life process,\" the firm said. \"Customers are encouraged to migrate to the Cisco Small Business RV132W, RV160, or RV160W Routers.\"\n\nSeparately, Cisco has also [released software updates](<https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vmanage-YuTVWqy>) to address multiple vulnerabilities in Cisco SD-WAN vManage Software (CVE-2021-1137, CVE-2021-1479, and CVE-2021-1480) that could permit an unauthenticated, remote attacker to execute arbitrary code or allow an authenticated, local attacker to gain escalated privileges on an affected system. \n\nA consequence of a buffer overflow condition, CVE-2021-1479 is rated 9.8 in severity, and a successful exploitation of which \"could allow the attacker to execute arbitrary code on the underlying operating system with root privileges.\"\n\n \n\n\nFound this article interesting? Follow THN on [Facebook](<https://www.facebook.com/thehackernews>), [Twitter _\uf099_](<https://twitter.com/thehackersnews>) and [LinkedIn](<https://www.linkedin.com/company/thehackernews/>) to read more exclusive content we post.\n", "modified": "2021-04-09T11:56:15", "published": "2021-04-09T09:22:00", "id": "THN:F2A37F040B6AE81E1646EC5E0EE9EEA2", "href": "https://thehackernews.com/2021/04/cisco-will-not-patch-critical-rce-flaw.html", "type": "thn", "title": "Cisco Will Not Patch Critical RCE Flaw Affecting End-of-Life Business Routers", "cvss": {"score": 0.0, "vector": "NONE"}}]}