Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Rv215w_wireless\-N_vpn_router_firmware
(Cisco)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 68 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2021-01-13 | CVE-2021-1217 | Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. The vulnerabilities are due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device. A successful exploit... | Rv110w_wireless\-N_vpn_firewall_firmware, Rv130_vpn_router_firmware, Rv130w_wireless\-N_multifunction_vpn_router_firmware, Rv215w_wireless\-N_vpn_router_firmware | 7.2 | ||
| 2021-08-18 | CVE-2021-34730 | A vulnerability in the Universal Plug-and-Play (UPnP) service of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an unauthenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly, resulting in a denial of service (DoS) condition. This vulnerability is due to improper validation of incoming UPnP traffic. An attacker could exploit this vulnerability by sending a crafted UPnP request to an affected device. A successful... | Application_extension_platform, Rv110w_wireless\-N_vpn_firewall_firmware, Rv130_vpn_router_firmware, Rv130w_wireless\-N_multifunction_vpn_router_firmware, Rv215w_wireless\-N_vpn_router_firmware | 9.8 | ||
| 2020-07-16 | CVE-2020-3323 | A vulnerability in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. The vulnerability is due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit this vulnerability by sending crafted HTTP requests to a targeted device. A successful exploit could allow the attacker to execute arbitrary... | Rv110w_wireless\-N_vpn_firewall_firmware, Rv130_vpn_router_firmware, Rv130w_wireless\-N_multifunction_vpn_router_firmware, Rv215w_wireless\-N_vpn_router_firmware | 9.8 | ||
| 2020-07-16 | CVE-2020-3332 | A vulnerability in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Series Routers could allow an authenticated, remote attacker to inject arbitrary shell commands that are executed by an affected device. The vulnerability is due to insufficient input validation of user-supplied data. An attacker could exploit this vulnerability by sending a crafted request to the web-based management interface of an affected device. A successful exploit could... | Rv110w_wireless\-N_vpn_firewall_firmware, Rv130_vpn_router_firmware, Rv130w_wireless\-N_multifunction_vpn_router_firmware, Rv215w_wireless\-N_vpn_router_firmware | N/A | ||
| 2020-07-16 | CVE-2020-3331 | A vulnerability in the web-based management interface of Cisco RV110W Wireless-N VPN Firewall and Cisco RV215W Wireless-N VPN Router could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. The vulnerability is due to improper validation of user-supplied input data by the web-based management interface. An attacker could exploit this vulnerability by sending crafted requests to a targeted device. A successful exploit could allow the attacker to execute... | Rv110w_wireless\-N_vpn_firewall_firmware, Rv215w_wireless\-N_vpn_router_firmware | N/A | ||
| 2016-06-18 | CVE-2016-1397 | Buffer overflow in the web-based management interface on Cisco RV110W devices with firmware before 1.2.1.7, RV130W devices with firmware before 1.0.3.16, and RV215W devices with firmware before 1.3.0.8 allows remote authenticated users to cause a denial of service (device reload) via crafted configuration commands in an HTTP request, aka Bug ID CSCux82523. | Rv110w_wireless\-N_vpn_firewall_firmware, Rv130w_wireless\-N_multifunction_vpn_router_firmware, Rv215w_wireless\-N_vpn_router_firmware | 6.5 | ||
| 2016-06-18 | CVE-2016-1396 | Cross-site scripting (XSS) vulnerability in the web-based management interface on Cisco RV110W devices with firmware before 1.2.1.7, RV130W devices with firmware before 1.0.3.16, and RV215W devices with firmware before 1.3.0.8 allows remote attackers to inject arbitrary web script or HTML via a crafted parameter, aka Bug ID CSCux82583. | Rv110w_wireless\-N_vpn_firewall_firmware, Rv130w_wireless\-N_multifunction_vpn_router_firmware, Rv215w_wireless\-N_vpn_router_firmware | 6.1 | ||
| 2016-06-18 | CVE-2016-1395 | The web-based management interface on Cisco RV110W devices with firmware before 1.2.1.7, RV130W devices with firmware before 1.0.3.16, and RV215W devices with firmware before 1.3.0.8 allows remote attackers to execute arbitrary code as root via a crafted HTTP request, aka Bug ID CSCux82428. | Rv110w_wireless\-N_vpn_firewall_firmware, Rv130w_wireless\-N_multifunction_vpn_router_firmware, Rv215w_wireless\-N_vpn_router_firmware | 9.8 | ||
| 2016-08-07 | CVE-2015-6397 | Cisco RV110W, RV130W, and RV215W devices have an incorrect RBAC configuration for the default account, which allows remote authenticated users to obtain root access via a login session with that account, aka Bug IDs CSCuv90139, CSCux58175, and CSCux73557. | Rv110w_wireless\-N_vpn_firewall_firmware, Rv130w_wireless\-N_multifunction_vpn_router_firmware, Rv215w_wireless\-N_vpn_router_firmware | 8.8 | ||
| 2016-08-07 | CVE-2015-6396 | The CLI command parser on Cisco RV110W, RV130W, and RV215W devices allows local users to execute arbitrary shell commands as an administrator via crafted parameters, aka Bug IDs CSCuv90134, CSCux58161, and CSCux73567. | Rv110w_wireless\-N_vpn_firewall_firmware, Rv130w_wireless\-N_multifunction_vpn_router_firmware, Rv215w_wireless\-N_vpn_router_firmware | 7.8 |