CiscoCISCO-SA-RV110W-STATIC-CRED-BMTWBWTYCisco Small Business RV110W Wireless-N VPN Firewall Static Default Credential Vulnerability
EPSS
Percentile
76.2%
A vulnerability in the Telnet service of Cisco Small Business RV110W Wireless-N VPN Firewall Routers could allow an unauthenticated, remote attacker to take full control of the device with a high-privileged account.
The vulnerability exists because a system account has a default and static password. An attacker could exploit this vulnerability by using this default account to connect to the affected system. A successful exploit could allow the attacker to gain full control of an affected device.
Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
This advisory is available at the following link:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv110w-static-cred-BMTWBWTy [“https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv110w-static-cred-BMTWBWTy”]
Affected configurations
| Vendor | Product | Version | CPE |
|---|---|---|---|
| cisco | rv110w_wireless-n_vpn_firewall_firmware | any | cpe:2.3:o:cisco:rv110w_wireless-n_vpn_firewall_firmware:any:*:*:*:*:*:*:* |
Related
