4 matches found
Command Injection Vulnerability in Multiple Cisco Products (CNVD-2020-35166)
Cisco Small Business RV320 and others are a VPN router from Cisco USA. A command injection vulnerability exists in the Web management interface of several Cisco products, which originates from the program failing to properly validate user-submitted input, and can be exploited by a remote attacker...
CVE-2019-1724 Cisco Small Business RV320 and RV325 Routers Session Hijacking Vulnerability
A vulnerability in the session management functionality of the web-based interface for Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could allow an unauthenticated, remote attacker to hijack a valid user session on an affected system. An attacker could use this impersonated...
CVE-2019-1652
A vulnerability in the web-based management interface of Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could allow an authenticated, remote attacker with administrative privileges on an affected device to execute arbitrary commands. The vulnerability is due to improper...
CVE-2019-1653
A vulnerability in the web-based management interface of Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could allow an unauthenticated, remote attacker to retrieve sensitive information. The vulnerability is due to improper access controls for URLs. An attacker could exploit th...