79 matches found
CVE-2021-34730
CVE-2021-34730 affects Cisco Small Business RV110W, RV130, RV130W, and RV215W routers. It arises from improper validation in the UPnP service, enabling unauthenticated remote code execution as root or a device restart (DoS). The affected devices are end-of-life, and Cisco has not released softwar...
CVE-2021-1167
CVE-2021-1167 concerns Cisco Small Business RV110W, RV130, RV130W, and RV215W routers. The issue is in the web-based management interface where improper validation of user-supplied input can be exploited by an authenticated attacker to execute arbitrary code as root or trigger a device restart, c...
CVE-2021-1149
Affected products: Cisco Small Business RV110W, RV130, RV130W, and RV215W routers. Vulnerability: command injection in the web-based management interface due to improper validation of user-supplied input, exploitable via crafted HTTP requests. Requirements/Impact: attacker must have valid adminis...
CVE-2021-1147
Cisco Small Business RV110W, RV130, RV130W and RV215W routers are affected by CVE-2021-1147 due to improper validation in the web-based management interface, enabling an authenticated attacker with admin credentials to inject commands executed with root privileges via crafted HTTP requests. The a...
CVE-2022-20882
The CVE-2022-20882 entry concerns Cisco Small Business RV110W, RV130, RV130W, and RV215W routers. Affected component: the web-based management interface; root cause: insufficient validation of user fields within incoming HTTP packets. Impact: authenticated, remote attacker with administrator cred...
CVE-2021-1150
The CVE-2021-1150 issue affects Cisco Small Business RV110W, RV130, RV130W and RV215W routers. Affected component: web-based management interface. Root cause: improper validation of user-supplied input in the web interface enables command injection. Exploitation requires valid administrator crede...
CVE-2021-1146
CVE-2021-1146 affects Cisco Small Business RV110W/RV130/RV130W/RV215W routers. The issue lies in improper validation in the web-based management interface, allowing an authenticated attacker to inject arbitrary commands that run with root privileges via crafted HTTP requests. Exploitation require...
CVE-2022-20881
CVE-2022-20881 affects Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers. The issue stems from insufficient validation of user fields in incoming HTTP packets to the web-based management interface, allowing an authenticated attacker with Administrator credentials to execute arbitrary...
CVE-2022-20880
CVE-2022-20880 affects Cisco Small Business RV110W/RV130/RV130W/RV215W routers. The issue stems from insufficient validation of user fields in incoming HTTP packets on the web-based management interface, enabling an authenticated attacker with administrative credentials to execute arbitrary comma...
CVE-2022-20883
Cisco CVE-2022-20883 affects the web-based management interfaces of Small Business RV110W, RV130, RV130W, and RV215W routers. The root cause is insufficient validation of user fields in incoming HTTP packets, allowing an authenticated attacker with admin credentials to execute arbitrary commands ...
CVE-2021-1148
The CVE-2021-1148 entry relates to multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W routers. The root cause is improper validation of user-supplied input in the web interface, enabling an authenticated attacker with valid adm...
CVE-2022-20889
Cisco CVE-2022-20889 affects the web-based management interfaces of Cisco Small Business RV110W, RV130, RV130W, and RV215W routers. The issue stems from insufficient validation of user fields in HTTP requests, enabling an authenticated attacker with valid Administrator credentials to either execu...
CVE-2022-20874
CVE-2022-20874 affects Cisco Small Business RV110W, RV130, RV130W, and RV215W routers. The issue stems from insufficient validation of user fields in incoming HTTP requests to the web-based management interface, enabling an authenticated attacker to execute arbitrary commands with root privileges...
CVE-2022-20878
CVE-2022-20878 affects Cisco Small Business RV110W, RV130, RV130W, and RV215W routers. The issues stem from insufficient validation of user fields in incoming HTTP packets within the web-based management interface, allowing an authenticated attacker with administrator credentials to potentially e...
CVE-2022-20888
Affected devices : Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers. Vulnerability : Multiple flaws in the web-based management interface allow an authenticated attacker with valid Administrator credentials to execute arbitrary commands with root privileges or cause the device to re...
CVE-2022-20884
Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers are affected by multiple vulnerabilities in the web-based management interface due to insufficient validation of user fields in HTTP packets. An authenticated attacker with admin credentials could exploit crafted requests to execute a...
CVE-2021-1193
CVE-2021-1193 : Vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W routers stem from improper input validation. An authenticated attacker could send crafted HTTP requests to the affected device, potentially executing arbitrary code as r...
CVE-2022-20887
CVE-2022-20887 affects Cisco Small Business RV110W, RV130, RV130W, and RV215W routers. The web-based management interface contains multiple vulnerabilities due to insufficient validation of user fields in incoming HTTP packets. An attacker with valid Administrator credentials could remotely execu...
CVE-2021-1197
CVE-2021-1197 affects Cisco Small Business RV110W, RV130, RV130W, and RV215W routers. The issue is in the web-based management interface, caused by improper validation of user-supplied input, enabling an authenticated attacker to execute arbitrary code as the root user or trigger a device restart...
CVE-2022-20877
CVE-2022-20877 affects Cisco Small Business RV110W, RV130, RV130W, and RV215W routers. The issue stems from insufficient validation of user fields in incoming HTTP packets via the web-based management interface, enabling an authenticated attacker with administrator credentials to execute arbitrar...
CVE-2022-20890
CVE-2022-20890 concerns Cisco Small Business RV110W/RV130/RV130W/RV215W routers. The issue stems from insufficient validation of user fields in HTTP requests to the web-based management interface, allowing an authenticated attacker with valid Administrator credentials to execute arbitrary command...
CVE-2021-1162
Cisco Small Business RV110W, RV130, RV130W, and RV215W routers are affected by CVE-2021-1162 due to improper validation in the web-based management interface. An authenticated remote attacker with valid administrator credentials could exploit crafted HTTP requests to execute arbitrary code as roo...
CVE-2022-20910
CVE-2022-20910 affects Cisco Small Business RV110W, RV130, RV130W, and RV215W routers. The issue stems from insufficient validation of user fields in the web-based management HTTP interface, enabling an authenticated attacker with valid Administrator credentials to execute arbitrary commands with...
CVE-2022-20885
The CVE-2022-20885 entry covers multiple vulnerabilities in Cisco Small Business RV110W/RV130/RV130W/RV215W routers’ web-based management interface. Root cause: insufficient validation of user fields within incoming HTTP packets, enabling an authenticated attacker with Administrator credentials t...
CVE-2022-20886
CVE-2022-20886 affects Cisco Small Business RV110W/RV130/RV130W/RV215W routers. Affected component: web-based management interface. Root cause: insufficient validation of user fields in HTTP packets. Impact: authenticated remote attacker could execute arbitrary commands as root or reboot device, ...
CVE-2021-1198
Cisco CVE-2021-1198 affects the Cisco Small Business RV110W, RV130, RV130W, and RV215W routers. The flaws reside in the web-based management interface due to improper validation of user-supplied input, exploitable by an authenticated remote attacker who can send crafted HTTP requests to the devic...
CVE-2021-1169
CVE-2021-1169 affects Cisco Small Business RV110W/RV130/RV130W/RV215W routers, with multiple vulnerabilities in the web-based management interface caused by improper validation of user-supplied input. An authenticated attacker with administrator credentials can send crafted HTTP requests to the d...
CVE-2022-20876
Cisco Small Business RV110W, RV130, RV130W, and RV215W routers expose multiple vulnerabilities in their web-based management interface due to insufficient validation of user fields in HTTP requests. An authenticated attacker with valid Administrator credentials could exploit crafted requests to e...
CVE-2021-1176
CVE-2021-1176 affects Cisco Small Business RV110W, RV130, RV130W, and RV215W routers. The issues are in the web-based management interface where improper validation of user-supplied input could let an authenticated remote attacker run arbitrary code as root or trigger a device restart, potentiall...
CVE-2021-1214
The CVE-2021-1214 entry concerns Cisco Small Business RV110W, RV130, RV130W, and RV215W routers with vulnerabilities in the web-based management interface due to improper input validation. An attacker with valid administrator credentials could send crafted HTTP requests to the device, potentially...
CVE-2022-20879
The CVE-2022-20879 entry concerns Cisco Small Business RV110W, RV130, RV130W, and RV215W routers. The issue is multiple vulnerabilities in the web-based management interface caused by insufficient validation of user fields in incoming HTTP packets, enabling an authenticated attacker to execute ar...
CVE-2021-1187
The CVE-2021-1187 entry concerns Cisco Small Business RV110W, RV130, RV130W, and RV215W routers. The web-based management interface is affected by multiple vulnerabilities caused by improper validation of user-supplied input. An authenticated attacker could exploit crafted HTTP requests to execut...
CVE-2022-20873
CVE-2022-20873 affects Cisco Small Business RV110W, RV130, RV130W, and RV215W routers. Vulnerabilities stem from insufficient validation of user fields in HTTP requests to the web-based management interface, enabling an authenticated attacker with administrator credentials to execute arbitrary co...
CVE-2021-1161
CVE-2021-1161 affects Cisco Small Business RV110W, RV130, RV130W, and RV215W routers. The issue stems from improper validation of user input in the web-based management interface, enabling an authenticated attacker with administrator credentials to trigger remote code execution as root or cause a...
CVE-2021-1195
Cisco CVE-2021-1195 affects the Cisco Small Business RV110W/RV130/RV130W/RV215W routers. The issues stem from improper validation in the web-based management interface and UPnP service, allowing an authenticated remote attacker to execute arbitrary code as root or trigger a device reload, causing...
CVE-2021-1208
The CVE-2021-1208 entry concerns Cisco Small Business RV110W, RV130, RV130W, and RV215W routers. The issue stems from improper validation in the web-based management interface, allowing an authenticated, remote attacker with valid administrator credentials to execute arbitrary code as root or cau...
CVE-2021-40120
CVE-2021-40120 describes a command-injection vulnerability in the web-based management interface of Cisco Small Business RV Series Routers. An authenticated, remote attacker with administrative privileges can exploit insufficient input validation in a specific management-field to execute arbitrar...
CVE-2021-1170
CVE-2021-1170 affects Cisco Small Business RV110W/RV130/RV130W/RV215W routers, via multiple vulnerabilities in the web-based management interface (and UPnP per Cisco advisory) caused by improper validation of user-supplied input. An authenticated attacker could exploit crafted HTTP requests to ac...
CVE-2022-20875
Affected software/hardware: Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers (web-based management interface). Vulnerability details: Multiple vulnerabilities due to insufficient validation of user fields in incoming HTTP packets. An attacker with valid Administrator credentials can...
CVE-2021-1152
Cisco Small Business RV110W/RV130/RV130W/RV215W routers exhibit Stored Cross-Site Scripting vulnerabilities in their web-based management interface due to insufficient input validation. An authenticated remote attacker with valid administrator credentials can send crafted HTTP requests to execute...
CVE-2021-1159
The CVE-2021-1159 family affects Cisco Small Business RV110W, RV130, RV130W, and RV215W routers. Vulnerabilities stem from improper input validation in the web-based management interface and UPnP service, enabling an authenticated remote attacker to execute arbitrary code as root or cause a devic...
CVE-2021-1166
CVE-2021-1166 affects Cisco Small Business RV110W/RV130/RV130W/RV215W routers’ web-based management interface. The root cause is improper validation of user-supplied input, allowing an authenticated attacker to execute arbitrary code or force a device restart via crafted HTTP requests. Impact can...
CVE-2021-1175
Cisco Small Business RV110W/RV130/RV130W/RV215W routers are affected by CVE-2021-1175 due to improper validation of user-supplied input in the web-based management interface. An authenticated attacker with valid admin credentials could remotely execute arbitrary code as root or cause a device rel...
CVE-2021-1177
Affected devices: Cisco Small Business RV110W, RV130, RV130W, RV215W routers. Vulnerability: Multiple input validation flaws in the web-based management interface allow an authenticated attacker with administrator credentials to execute arbitrary code as root or trigger a device reload, leading t...
CVE-2021-1153
The CVE-2021-1153 entry corresponds to multiple stored cross-site scripting (XSS) vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W routers. Affected component: the web management UI; root cause: insufficient input validation in the in...
CVE-2021-1168
The CVE-2021-1168 set affects Cisco Small Business RV110W, RV130, RV130W, and RV215W routers. The root cause is improper validation of user-supplied input in the web-based management interface and UPnP component, enabling an authenticated, remote attacker to run arbitrary code as root or trigger ...
CVE-2021-1173
CVE-2021-1173 affects Cisco Small Business RV110W, RV130, RV130W, and RV215W routers. The issues are multiple vulnerabilities in the web-based management interface (and UPnP per advisory) caused by improper validation of user-supplied input. An authenticated, remote attacker could craft HTTP requ...
CVE-2021-1174
The CVE-2021-1174 entry covers multiple vulnerabilities in Cisco Small Business RV110W/RV130/RV130W/RV215W routers’ web-based management interface. The issues arise from improper validation of user-supplied input, allowing an authenticated attacker with valid administrator credentials to craft HT...
CVE-2021-1196
The CVE-2021-1196 entry concerns Cisco Small Business RV110W, RV130, RV130W, and RV215W routers. Affects the web-based management interface and is due to improper validation of user-supplied input. An authenticated, remote attacker with valid administrator credentials could send crafted HTTP requ...
CVE-2021-1199
CVE-2021-1199 affects Cisco Small Business RV110W, RV130, RV130W, and RV215W routers. The root cause is improper validation of user-supplied input in the devices’ web-based management interface, enabling an authenticated attacker to execute arbitrary code as root or cause a restart (DoS) by sendi...