多款Cisco产品缓冲区错误漏洞

🗓️ 13 Jan 2021 00:00:00Reported by China National Vulnerability Database of Information SecurityType

cnnvd

cnnvd🔗 www.cnnvd.org.cn👁 3 Views

多款思科设备的Web管理界面存在远程命令执行与拒绝服务漏洞，攻击者可通过定制HTTP请求在根权限执行代码或重启设备。

Reporter	Title	Published	Views	Family All 9
BDU FSTEC	The vulnerability in the web interface for managing microprogrammed wireless router software of Cisco RV110W, Cisco RV130, Cisco RV130W, and Cisco RV215W allows a hacker to execute arbitrary code or cause a service failure.	20 Jan 202100:00	–	bdu_fstec
CNVD	Cisco RV110W/RV130/RV130W/RV215W Remote Command Execution and Denial of Service Vulnerability (CNVD-2021-41207)	14 Jan 202100:00	–	cnvd
CVE	CVE-2021-1180	13 Jan 202121:21	–	cve
Cvelist	CVE-2021-1180 Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers Management Interface Remote Command Execution and Denial of Service Vulnerabilities	13 Jan 202121:21	–	cvelist
EUVD	EUVD-2021-6647	3 Oct 202520:07	–	euvd
NVD	CVE-2021-1180	13 Jan 202122:15	–	nvd
OSV	CVE-2021-1180	13 Jan 202122:15	–	osv
Prion	Input validation	13 Jan 202122:15	–	prion
Vulnrichment	CVE-2021-1180 Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers Management Interface Remote Command Execution and Denial of Service Vulnerabilities	13 Jan 202121:21	–	vulnrichment

Source	Link
tools	www.tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U
auscert	www.auscert.org.au/bulletins/ESB-2021.0142/
auscert	www.auscert.org.au/bulletins/ESB-2021.0232/
nvd	www.nvd.nist.gov/vuln/detail/CVE-2021-1180
tools	www.tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U

26 May 2026 00:00Current

7.6High risk

Vulners AI Score7.6

CVSS 3.17.2

CVSS 29

EPSS0.00435

SSVC

Cisco RV110W Cisco RV130 Cisco RV130W Cisco RV215W Web management interface Remote command execution Denial of service Root access Arbitrary code