7.4 High
AI Score
Confidence
Low
9 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:S/C:C/I:C/A:C
0.006 Low
EPSS
Percentile
78.4%
The network-diagnostics administration interface in the Cisco RV router firmware on RV220W devices, before 1.0.5.9 on RV120W devices, and before 1.0.4.14 on RV180 and RV180W devices allows remote authenticated users to execute arbitrary commands via a crafted HTTP request, aka Bug ID CSCuh87126.
packetstormsecurity.com/files/128992/Cisco-RV-Overwrite-CSRF-Command-Execution.html
seclists.org/fulldisclosure/2014/Nov/6
tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141105-rv
www.securityfocus.com/archive/1/533917/100/0/threaded
www.securitytracker.com/id/1031171
exchange.xforce.ibmcloud.com/vulnerabilities/98497