Lucene search

[email protected]NVD:CVE-2016-1395

HistoryJun 19, 2016 - 1:59 a.m.

CVE-2016-1395

2016-06-1901:59:03

CWE-20

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.7

Confidence

High

EPSS

0.004

Percentile

72.3%

JSON

The web-based management interface on Cisco RV110W devices with firmware before 1.2.1.7, RV130W devices with firmware before 1.0.3.16, and RV215W devices with firmware before 1.3.0.8 allows remote attackers to execute arbitrary code as root via a crafted HTTP request, aka Bug ID CSCux82428.

Affected configurations

Nvd

Node

ciscorv130w_wireless-n_multifunction_vpn_routerMatch-

AND

ciscorv130w_wireless-n_multifunction_vpn_router_firmwareMatch1.0.0.21

ciscorv130w_wireless-n_multifunction_vpn_router_firmwareMatch1.0.1.3

ciscorv130w_wireless-n_multifunction_vpn_router_firmwareMatch1.0.2.7

Node

ciscorv215w_wireless-n_vpn_routerMatch-

AND

ciscorv215w_wireless-n_vpn_router_firmwareMatch1.1.0.5

ciscorv215w_wireless-n_vpn_router_firmwareMatch1.1.0.6

ciscorv215w_wireless-n_vpn_router_firmwareMatch1.2.0.14

ciscorv215w_wireless-n_vpn_router_firmwareMatch1.2.0.15

ciscorv215w_wireless-n_vpn_router_firmwareMatch1.3.0.7

Node

ciscorv110w_wireless-n_vpn_firewallMatch-

AND

ciscorv110w_wireless-n_vpn_firewall_firmwareMatch1.1.0.9

ciscorv110w_wireless-n_vpn_firewall_firmwareMatch1.2.0.9

ciscorv110w_wireless-n_vpn_firewall_firmwareMatch1.2.0.10

ciscorv110w_wireless-n_vpn_firewall_firmwareMatch1.2.1.4

VendorProductVersionCPE
ciscorv130w_wireless-n_multifunction_vpn_router-cpe:2.3:h:cisco:rv130w_wireless-n_multifunction_vpn_router:-:*:*:*:*:*:*:*
ciscorv130w_wireless-n_multifunction_vpn_router_firmware1.0.0.21cpe:2.3:o:cisco:rv130w_wireless-n_multifunction_vpn_router_firmware:1.0.0.21:*:*:*:*:*:*:*
ciscorv130w_wireless-n_multifunction_vpn_router_firmware1.0.1.3cpe:2.3:o:cisco:rv130w_wireless-n_multifunction_vpn_router_firmware:1.0.1.3:*:*:*:*:*:*:*
ciscorv130w_wireless-n_multifunction_vpn_router_firmware1.0.2.7cpe:2.3:o:cisco:rv130w_wireless-n_multifunction_vpn_router_firmware:1.0.2.7:*:*:*:*:*:*:*
ciscorv215w_wireless-n_vpn_router-cpe:2.3:h:cisco:rv215w_wireless-n_vpn_router:-:*:*:*:*:*:*:*
ciscorv215w_wireless-n_vpn_router_firmware1.1.0.5cpe:2.3:o:cisco:rv215w_wireless-n_vpn_router_firmware:1.1.0.5:*:*:*:*:*:*:*
ciscorv215w_wireless-n_vpn_router_firmware1.1.0.6cpe:2.3:o:cisco:rv215w_wireless-n_vpn_router_firmware:1.1.0.6:*:*:*:*:*:*:*
ciscorv215w_wireless-n_vpn_router_firmware1.2.0.14cpe:2.3:o:cisco:rv215w_wireless-n_vpn_router_firmware:1.2.0.14:*:*:*:*:*:*:*
ciscorv215w_wireless-n_vpn_router_firmware1.2.0.15cpe:2.3:o:cisco:rv215w_wireless-n_vpn_router_firmware:1.2.0.15:*:*:*:*:*:*:*
ciscorv215w_wireless-n_vpn_router_firmware1.3.0.7cpe:2.3:o:cisco:rv215w_wireless-n_vpn_router_firmware:1.3.0.7:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	rv130w_wireless-n_multifunction_vpn_router	-	cpe:2.3:h:cisco:rv130w_wireless-n_multifunction_vpn_router:-:::::::*
cisco	rv130w_wireless-n_multifunction_vpn_router_firmware	1.0.0.21	cpe:2.3:o:cisco:rv130w_wireless-n_multifunction_vpn_router_firmware:1.0.0.21:::::::*
cisco	rv130w_wireless-n_multifunction_vpn_router_firmware	1.0.1.3	cpe:2.3:o:cisco:rv130w_wireless-n_multifunction_vpn_router_firmware:1.0.1.3:::::::*
cisco	rv130w_wireless-n_multifunction_vpn_router_firmware	1.0.2.7	cpe:2.3:o:cisco:rv130w_wireless-n_multifunction_vpn_router_firmware:1.0.2.7:::::::*
cisco	rv215w_wireless-n_vpn_router	-	cpe:2.3:h:cisco:rv215w_wireless-n_vpn_router:-:::::::*
cisco	rv215w_wireless-n_vpn_router_firmware	1.1.0.5	cpe:2.3:o:cisco:rv215w_wireless-n_vpn_router_firmware:1.1.0.5:::::::*
cisco	rv215w_wireless-n_vpn_router_firmware	1.1.0.6	cpe:2.3:o:cisco:rv215w_wireless-n_vpn_router_firmware:1.1.0.6:::::::*
cisco	rv215w_wireless-n_vpn_router_firmware	1.2.0.14	cpe:2.3:o:cisco:rv215w_wireless-n_vpn_router_firmware:1.2.0.14:::::::*
cisco	rv215w_wireless-n_vpn_router_firmware	1.2.0.15	cpe:2.3:o:cisco:rv215w_wireless-n_vpn_router_firmware:1.2.0.15:::::::*
cisco	rv215w_wireless-n_vpn_router_firmware	1.3.0.7	cpe:2.3:o:cisco:rv215w_wireless-n_vpn_router_firmware:1.3.0.7:::::::*

Rows per page:

1-10 of 151

References

tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160615-rv

www.securitytracker.com/id/1036113

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.7

Confidence

High

EPSS

0.004

Percentile

72.3%

JSON

Related for NVD:CVE-2016-1395

cisco1 openvas1 prion1 cve1 cvelist1