Multiple vulnerabilities in Cisco Small Business RV110W, RV130, RV130W and RV215W Routers

1) Stack-based buffer overflow

EUVDB-ID: #VU49607

Risk: Low

CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-1159

CWE-ID: CWE-121 - Stack-based buffer overflow

Exploit availability: No

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system or cause a denial of service (DoS) condition.

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

RV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7

Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7

RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7

RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7

• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.3.1.7:*:*:*:*:*:*:*

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Stack-based buffer overflow

EUVDB-ID: #VU49653

Risk: Low

CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-1205

CWE-ID: CWE-121 - Stack-based buffer overflow

Exploit availability: No

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system or cause a denial of service (DoS) condition.

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

RV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7

Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7

RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7

RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7

• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.3.1.7:*:*:*:*:*:*:*

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Stack-based buffer overflow

EUVDB-ID: #VU49641

Risk: Low

CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-1193

CWE-ID: CWE-121 - Stack-based buffer overflow

Exploit availability: No

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system or cause a denial of service (DoS) condition.

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

RV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7

Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7

RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7

RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7

• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.3.1.7:*:*:*:*:*:*:*

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Stack-based buffer overflow

EUVDB-ID: #VU49642

Risk: Low

CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-1194

CWE-ID: CWE-121 - Stack-based buffer overflow

Exploit availability: No

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system or cause a denial of service (DoS) condition.

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

RV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7

Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7

RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7

RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7

• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.3.1.7:*:*:*:*:*:*:*

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Stack-based buffer overflow

EUVDB-ID: #VU49643

Risk: Low

CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-1195

CWE-ID: CWE-121 - Stack-based buffer overflow

Exploit availability: No

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system or cause a denial of service (DoS) condition.

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

RV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7

Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7

RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7

RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7

• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.3.1.7:*:*:*:*:*:*:*

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Stack-based buffer overflow

EUVDB-ID: #VU49644

Risk: Low

CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-1196

CWE-ID: CWE-121 - Stack-based buffer overflow

Exploit availability: No

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system or cause a denial of service (DoS) condition.

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

RV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7

Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7

RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7

RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7

• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.3.1.7:*:*:*:*:*:*:*

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Stack-based buffer overflow

EUVDB-ID: #VU49645

Risk: Low

CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-1197

CWE-ID: CWE-121 - Stack-based buffer overflow

Exploit availability: No

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system or cause a denial of service (DoS) condition.

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

RV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7

Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7

RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7

RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7

• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.3.1.7:*:*:*:*:*:*:*

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

8) Stack-based buffer overflow

EUVDB-ID: #VU49646

Risk: Low

CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-1198

CWE-ID: CWE-121 - Stack-based buffer overflow

Exploit availability: No

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system or cause a denial of service (DoS) condition.

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

RV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7

Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7

RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7

RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7

• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.3.1.7:*:*:*:*:*:*:*

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

9) Stack-based buffer overflow

EUVDB-ID: #VU49647

Risk: Low

CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-1199

CWE-ID: CWE-121 - Stack-based buffer overflow

Exploit availability: No

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system or cause a denial of service (DoS) condition.

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

RV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7

Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7

RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7

RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7

• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.3.1.7:*:*:*:*:*:*:*

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

10) Stack-based buffer overflow

EUVDB-ID: #VU49648

Risk: Low

CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-1200

CWE-ID: CWE-121 - Stack-based buffer overflow

Exploit availability: No

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system or cause a denial of service (DoS) condition.

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

RV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7

Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7

RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7

RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7

• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.3.1.7:*:*:*:*:*:*:*

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

11) Stack-based buffer overflow

EUVDB-ID: #VU49649

Risk: Low

CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-1201

CWE-ID: CWE-121 - Stack-based buffer overflow

Exploit availability: No

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system or cause a denial of service (DoS) condition.

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

RV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7

Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7

RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7

RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7

• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.3.1.7:*:*:*:*:*:*:*

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

12) Stack-based buffer overflow

EUVDB-ID: #VU49650

Risk: Low

CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-1202

CWE-ID: CWE-121 - Stack-based buffer overflow

Exploit availability: No

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system or cause a denial of service (DoS) condition.

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

RV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7

Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7

RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7

RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7

• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.3.1.7:*:*:*:*:*:*:*

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

13) Stack-based buffer overflow

EUVDB-ID: #VU49651

Risk: Low

CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-1203

CWE-ID: CWE-121 - Stack-based buffer overflow

Exploit availability: No

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system or cause a denial of service (DoS) condition.

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

RV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7

Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7

RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7

RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7

• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.3.1.7:*:*:*:*:*:*:*

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

14) Stack-based buffer overflow

EUVDB-ID: #VU49652

Risk: Low

CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-1204

CWE-ID: CWE-121 - Stack-based buffer overflow

Exploit availability: No

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system or cause a denial of service (DoS) condition.

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

RV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7

Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7

RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7

RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7

• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.3.1.7:*:*:*:*:*:*:*

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

15) Stack-based buffer overflow

EUVDB-ID: #VU49654

Risk: Low

CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-1206

CWE-ID: CWE-121 - Stack-based buffer overflow

Exploit availability: No

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system or cause a denial of service (DoS) condition.

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

RV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7

Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7

RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7

RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7

• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.3.1.7:*:*:*:*:*:*:*

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

16) Stack-based buffer overflow

EUVDB-ID: #VU49639

Risk: Low

CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-1191

CWE-ID: CWE-121 - Stack-based buffer overflow

Exploit availability: No

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system or cause a denial of service (DoS) condition.

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

RV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7

Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7

RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7

RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7

• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.3.1.7:*:*:*:*:*:*:*

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

17) Stack-based buffer overflow

EUVDB-ID: #VU49655

Risk: Low

CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-1207

CWE-ID: CWE-121 - Stack-based buffer overflow

Exploit availability: No

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system or cause a denial of service (DoS) condition.

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

RV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7

Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7

RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7

RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7

• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.3.1.7:*:*:*:*:*:*:*

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

18) Stack-based buffer overflow

EUVDB-ID: #VU49656

Risk: Low

CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-1208

CWE-ID: CWE-121 - Stack-based buffer overflow

Exploit availability: No

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system or cause a denial of service (DoS) condition.

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

RV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7

Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7

RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7

RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7

• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.3.1.7:*:*:*:*:*:*:*

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

19) Stack-based buffer overflow

EUVDB-ID: #VU49657

Risk: Low

CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-1209

CWE-ID: CWE-121 - Stack-based buffer overflow

Exploit availability: No

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system or cause a denial of service (DoS) condition.

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

RV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7

Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7

RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7

RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7

• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.3.1.7:*:*:*:*:*:*:*

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

20) Stack-based buffer overflow

EUVDB-ID: #VU49658

Risk: Low

CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-1210

CWE-ID: CWE-121 - Stack-based buffer overflow

Exploit availability: No

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system or cause a denial of service (DoS) condition.

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

RV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7

Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7

RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7

RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7

• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.3.1.7:*:*:*:*:*:*:*

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

21) Stack-based buffer overflow

EUVDB-ID: #VU49659

Risk: Low

CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-1211

CWE-ID: CWE-121 - Stack-based buffer overflow

Exploit availability: No

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system or cause a denial of service (DoS) condition.

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

RV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7

Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7

RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7

RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7

• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.3.1.7:*:*:*:*:*:*:*

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

22) Stack-based buffer overflow

EUVDB-ID: #VU49660

Risk: Low

CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-1212

CWE-ID: CWE-121 - Stack-based buffer overflow

Exploit availability: No

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system or cause a denial of service (DoS) condition.

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

RV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7

Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7

RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7

RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7

• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.3.1.7:*:*:*:*:*:*:*

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

23) Stack-based buffer overflow

EUVDB-ID: #VU49662

Risk: Low

CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-1213

CWE-ID: CWE-121 - Stack-based buffer overflow

Exploit availability: No

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system or cause a denial of service (DoS) condition.

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

RV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7

Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7

RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7

RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7

• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.3.1.7:*:*:*:*:*:*:*

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

24) Stack-based buffer overflow

EUVDB-ID: #VU49663

Risk: Low

CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-1214

CWE-ID: CWE-121 - Stack-based buffer overflow

Exploit availability: No

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system or cause a denial of service (DoS) condition.

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

RV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7

Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7

RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7

RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7

• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.3.1.7:*:*:*:*:*:*:*

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

25) Stack-based buffer overflow

EUVDB-ID: #VU49664

Risk: Low

CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-1215

CWE-ID: CWE-121 - Stack-based buffer overflow

Exploit availability: No

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system or cause a denial of service (DoS) condition.

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

RV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7

Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7

RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7

RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7

• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.3.1.7:*:*:*:*:*:*:*

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

26) Stack-based buffer overflow

EUVDB-ID: #VU49665

Risk: Low

CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-1216

CWE-ID: CWE-121 - Stack-based buffer overflow

Exploit availability: No

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system or cause a denial of service (DoS) condition.

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

RV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7

Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7

RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7

RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7

• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.3.1.7:*:*:*:*:*:*:*

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

27) Stack-based buffer overflow

EUVDB-ID: #VU49666

Risk: Low

CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-1217

CWE-ID: CWE-121 - Stack-based buffer overflow

Exploit availability: No

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system or cause a denial of service (DoS) condition.

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

RV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7

Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7

RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7

RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7

• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.3.1.7:*:*:*:*:*:*:*

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

28) Stack-based buffer overflow

EUVDB-ID: #VU49667

Risk: Low

CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-1307

CWE-ID: CWE-121 - Stack-based buffer overflow

Exploit availability: No

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system or cause a denial of service (DoS) condition.

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

RV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7

Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7

RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7

RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7

• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.3.1.7:*:*:*:*:*:*:*

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

29) Stack-based buffer overflow

EUVDB-ID: #VU49668

Risk: Low

CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-1360

CWE-ID: CWE-121 - Stack-based buffer overflow

Exploit availability: No

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system or cause a denial of service (DoS) condition.

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

RV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7

Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7

RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7

RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7

• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.3.1.7:*:*:*:*:*:*:*

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

30) Stack-based buffer overflow

EUVDB-ID: #VU49640

Risk: Low

CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-1192

CWE-ID: CWE-121 - Stack-based buffer overflow

Exploit availability: No

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system or cause a denial of service (DoS) condition.

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

RV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7

Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7

RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7

RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7

• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.3.1.7:*:*:*:*:*:*:*

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

31) Stack-based buffer overflow

EUVDB-ID: #VU49638

Risk: Low

CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-1190

CWE-ID: CWE-121 - Stack-based buffer overflow

Exploit availability: No

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system or cause a denial of service (DoS) condition.

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

RV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7

Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7

RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7

RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7

• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.3.1.7:*:*:*:*:*:*:*

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

32) Stack-based buffer overflow

EUVDB-ID: #VU49608

Risk: Low

CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-1160

CWE-ID: CWE-121 - Stack-based buffer overflow

Exploit availability: No

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system or cause a denial of service (DoS) condition.

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

RV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7

Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7

RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7

RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7

• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.3.1.7:*:*:*:*:*:*:*

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

33) Stack-based buffer overflow

EUVDB-ID: #VU49622

Risk: Low

CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-1174

CWE-ID: CWE-121 - Stack-based buffer overflow

Exploit availability: No

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system or cause a denial of service (DoS) condition.

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

RV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7

Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7

RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7

RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7

• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.3.1.7:*:*:*:*:*:*:*

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

34) Stack-based buffer overflow

EUVDB-ID: #VU49609

Risk: Low

CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-1161

CWE-ID: CWE-121 - Stack-based buffer overflow

Exploit availability: No

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system or cause a denial of service (DoS) condition.

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

RV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7

Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7

RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7

RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7

• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.3.1.7:*:*:*:*:*:*:*

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

35) Stack-based buffer overflow

EUVDB-ID: #VU49610

Risk: Low

CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-1162

CWE-ID: CWE-121 - Stack-based buffer overflow

Exploit availability: No

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system or cause a denial of service (DoS) condition.

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

RV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7

Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7

RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7

RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7

• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.3.1.7:*:*:*:*:*:*:*

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

36) Stack-based buffer overflow

EUVDB-ID: #VU49611

Risk: Low

CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-1163

CWE-ID: CWE-121 - Stack-based buffer overflow

Exploit availability: No

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system or cause a denial of service (DoS) condition.

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

RV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7

Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7

RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7

RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7

• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.3.1.7:*:*:*:*:*:*:*

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

37) Stack-based buffer overflow

EUVDB-ID: #VU49612

Risk: Low

CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-1164

CWE-ID: CWE-121 - Stack-based buffer overflow

Exploit availability: No

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system or cause a denial of service (DoS) condition.

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

RV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7

Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7

RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7

RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7

• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.3.1.7:*:*:*:*:*:*:*

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

38) Stack-based buffer overflow

EUVDB-ID: #VU49613

Risk: Low

CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-1165

CWE-ID: CWE-121 - Stack-based buffer overflow

Exploit availability: No

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system or cause a denial of service (DoS) condition.

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

RV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7

Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7

RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7

RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7

• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.3.1.7:*:*:*:*:*:*:*

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

39) Stack-based buffer overflow

EUVDB-ID: #VU49614

Risk: Low

CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-1166

CWE-ID: CWE-121 - Stack-based buffer overflow

Exploit availability: No

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system or cause a denial of service (DoS) condition.

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

RV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7

Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7

RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7

RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7

• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.3.1.7:*:*:*:*:*:*:*

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

40) Stack-based buffer overflow

EUVDB-ID: #VU49615

Risk: Low

CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-1167

CWE-ID: CWE-121 - Stack-based buffer overflow

Exploit availability: Yes

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system or cause a denial of service (DoS) condition.

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

RV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7

Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7

RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7

RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7

• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.3.1.7:*:*:*:*:*:*:*

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

41) Stack-based buffer overflow

EUVDB-ID: #VU49616

Risk: Low

CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-1168

CWE-ID: CWE-121 - Stack-based buffer overflow

Exploit availability: No

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system or cause a denial of service (DoS) condition.

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

RV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7

Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7

RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7

RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7

• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.3.1.7:*:*:*:*:*:*:*

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

42) Stack-based buffer overflow

EUVDB-ID: #VU49617

Risk: Low

CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-1169

CWE-ID: CWE-121 - Stack-based buffer overflow

Exploit availability: No

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system or cause a denial of service (DoS) condition.

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

RV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7

Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7

RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7

RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7

• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.3.1.7:*:*:*:*:*:*:*

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

43) Stack-based buffer overflow

EUVDB-ID: #VU49618

Risk: Low

CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-1170

CWE-ID: CWE-121 - Stack-based buffer overflow

Exploit availability: No

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system or cause a denial of service (DoS) condition.

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

RV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7

Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7

RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7

RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7

• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.3.1.7:*:*:*:*:*:*:*

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

44) Stack-based buffer overflow

EUVDB-ID: #VU49619

Risk: Low

CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-1171

CWE-ID: CWE-121 - Stack-based buffer overflow

Exploit availability: No

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system or cause a denial of service (DoS) condition.

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

RV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7

Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7

RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7

RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7

• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.3.1.7:*:*:*:*:*:*:*

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

45) Stack-based buffer overflow

EUVDB-ID: #VU49620

Risk: Low

CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-1172

CWE-ID: CWE-121 - Stack-based buffer overflow

Exploit availability: No

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system or cause a denial of service (DoS) condition.

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

RV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7

Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7

RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7

RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7

• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.3.1.7:*:*:*:*:*:*:*

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

46) Stack-based buffer overflow

EUVDB-ID: #VU49621

Risk: Low

CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-1173

CWE-ID: CWE-121 - Stack-based buffer overflow

Exploit availability: No

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system or cause a denial of service (DoS) condition.

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

RV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7

Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7

RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7

RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7

• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.3.1.7:*:*:*:*:*:*:*

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

47) Stack-based buffer overflow

EUVDB-ID: #VU49623

Risk: Low

CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-1175

CWE-ID: CWE-121 - Stack-based buffer overflow

Exploit availability: No

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system or cause a denial of service (DoS) condition.

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

RV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7

Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7

RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7

RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7

• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.3.1.7:*:*:*:*:*:*:*

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

48) Stack-based buffer overflow

EUVDB-ID: #VU49637

Risk: Low

CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-1189

CWE-ID: CWE-121 - Stack-based buffer overflow

Exploit availability: No

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system or cause a denial of service (DoS) condition.

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

RV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7

Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7

RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7

RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7

• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.3.1.7:*:*:*:*:*:*:*

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

49) Stack-based buffer overflow

EUVDB-ID: #VU49624

Risk: Low

CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-1176

CWE-ID: CWE-121 - Stack-based buffer overflow

Exploit availability: No

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system or cause a denial of service (DoS) condition.

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

RV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7

Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7

RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7

RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7

• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.3.1.7:*:*:*:*:*:*:*

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

50) Stack-based buffer overflow

EUVDB-ID: #VU49625

Risk: Low

CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-1177

CWE-ID: CWE-121 - Stack-based buffer overflow

Exploit availability: No

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system or cause a denial of service (DoS) condition.

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

RV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7

Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7

RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7

RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7

• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.3.1.7:*:*:*:*:*:*:*

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

51) Stack-based buffer overflow

EUVDB-ID: #VU49626

Risk: Low

CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-1178

CWE-ID: CWE-121 - Stack-based buffer overflow

Exploit availability: No

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system or cause a denial of service (DoS) condition.

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

RV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7

Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7

RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7

RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7

• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.3.1.7:*:*:*:*:*:*:*

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

52) Stack-based buffer overflow

EUVDB-ID: #VU49627

Risk: Low

CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-1179

CWE-ID: CWE-121 - Stack-based buffer overflow

Exploit availability: No

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system or cause a denial of service (DoS) condition.

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

RV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7

Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7

RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7

RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7

• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.3.1.7:*:*:*:*:*:*:*

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

53) Stack-based buffer overflow

EUVDB-ID: #VU49628

Risk: Low

CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-1180

CWE-ID: CWE-121 - Stack-based buffer overflow

Exploit availability: No

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system or cause a denial of service (DoS) condition.

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

RV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7

Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7

RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7

RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7

• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.3.1.7:*:*:*:*:*:*:*

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

54) Stack-based buffer overflow

EUVDB-ID: #VU49629

Risk: Low

CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-1181

CWE-ID: CWE-121 - Stack-based buffer overflow

Exploit availability: No

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system or cause a denial of service (DoS) condition.

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

RV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7

Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7

RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7

RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7

• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.3.1.7:*:*:*:*:*:*:*

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

55) Stack-based buffer overflow

EUVDB-ID: #VU49630

Risk: Low

CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-1182

CWE-ID: CWE-121 - Stack-based buffer overflow

Exploit availability: No

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system or cause a denial of service (DoS) condition.

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

RV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7

Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7

RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7

RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7

• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.3.1.7:*:*:*:*:*:*:*

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

56) Stack-based buffer overflow

EUVDB-ID: #VU49631

Risk: Low

CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-1183

CWE-ID: CWE-121 - Stack-based buffer overflow

Exploit availability: No

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system or cause a denial of service (DoS) condition.

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

RV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7

Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7

RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7

RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7

• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.3.1.7:*:*:*:*:*:*:*

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

57) Stack-based buffer overflow

EUVDB-ID: #VU49632

Risk: Low

CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-1184

CWE-ID: CWE-121 - Stack-based buffer overflow

Exploit availability: No

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system or cause a denial of service (DoS) condition.

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

RV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7

Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7

RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7

RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7

• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.3.1.7:*:*:*:*:*:*:*

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

58) Stack-based buffer overflow

EUVDB-ID: #VU49633

Risk: Low

CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-1185

CWE-ID: CWE-121 - Stack-based buffer overflow

Exploit availability: No

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system or cause a denial of service (DoS) condition.

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

RV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7

Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7

RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7

RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7

• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.3.1.7:*:*:*:*:*:*:*

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

59) Stack-based buffer overflow

EUVDB-ID: #VU49634

Risk: Low

CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-1186

CWE-ID: CWE-121 - Stack-based buffer overflow

Exploit availability: No

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system or cause a denial of service (DoS) condition.

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

RV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7

Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7

RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7

RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7

• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.3.1.7:*:*:*:*:*:*:*

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

60) Stack-based buffer overflow

EUVDB-ID: #VU49635

Risk: Low

CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-1187

CWE-ID: CWE-121 - Stack-based buffer overflow

Exploit availability: No

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system or cause a denial of service (DoS) condition.

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

RV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7

Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7

RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7

RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7

• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.3.1.7:*:*:*:*:*:*:*

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

61) Stack-based buffer overflow

EUVDB-ID: #VU49636

Risk: Low

CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-1188

CWE-ID: CWE-121 - Stack-based buffer overflow

Exploit availability: No

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send specially crafted HTTP requests, trigger stack-based buffer overflow and execute arbitrary code on the target system or cause a denial of service (DoS) condition.

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

RV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7

Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7

RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7

RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7

• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.3.1.7:*:*:*:*:*:*:*

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

62) Stored cross-site scripting

EUVDB-ID: #VU49606

Risk: Low

CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-1158

CWE-ID: CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Exploit availability: No

The disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.

The vulnerability exists due to insufficient sanitization of user-supplied data in the web-based management interface. A remote authenticated attacker can inject and execute arbitrary HTML and script code in user's browser in context of vulnerable website.

Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

RV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7

RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7

RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7

Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7

• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.3.1.7:*:*:*:*:*:*:*

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-LPTQ3EQC

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

63) Stored cross-site scripting

EUVDB-ID: #VU49605

Risk: Low

CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-1157

CWE-ID: CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Exploit availability: No

The disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.

The vulnerability exists due to insufficient sanitization of user-supplied data in the web-based management interface. A remote authenticated attacker can inject and execute arbitrary HTML and script code in user's browser in context of vulnerable website.

Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

RV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7

RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7

RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7

Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7

• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.3.1.7:*:*:*:*:*:*:*

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-LPTQ3EQC

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

64) Stored cross-site scripting

EUVDB-ID: #VU49604

Risk: Low

CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-1156

CWE-ID: CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Exploit availability: No

The disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.

The vulnerability exists due to insufficient sanitization of user-supplied data in the web-based management interface. A remote authenticated attacker can inject and execute arbitrary HTML and script code in user's browser in context of vulnerable website.

Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

RV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7

RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7

RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7

Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7

• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.3.1.7:*:*:*:*:*:*:*

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-LPTQ3EQC

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

65) Stored cross-site scripting

EUVDB-ID: #VU49603

Risk: Low

CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-1155

CWE-ID: CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Exploit availability: No

The disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.

The vulnerability exists due to insufficient sanitization of user-supplied data in the web-based management interface. A remote authenticated attacker can inject and execute arbitrary HTML and script code in user's browser in context of vulnerable website.

Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

RV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7

RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7

RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7

Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7

• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.3.1.7:*:*:*:*:*:*:*

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-LPTQ3EQC

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

66) Stored cross-site scripting

EUVDB-ID: #VU49602

Risk: Low

CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-1154

CWE-ID: CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Exploit availability: No

The disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.

The vulnerability exists due to insufficient sanitization of user-supplied data in the web-based management interface. A remote authenticated attacker can inject and execute arbitrary HTML and script code in user's browser in context of vulnerable website.

Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

RV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7

RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7

RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7

Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7

• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.3.1.7:*:*:*:*:*:*:*

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-LPTQ3EQC

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

67) Stored cross-site scripting

EUVDB-ID: #VU49601

Risk: Low

CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-1153

CWE-ID: CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Exploit availability: No

The disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.

The vulnerability exists due to insufficient sanitization of user-supplied data in the web-based management interface. A remote authenticated attacker can inject and execute arbitrary HTML and script code in user's browser in context of vulnerable website.

Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

RV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7

RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7

RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7

Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7

• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.3.1.7:*:*:*:*:*:*:*

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-LPTQ3EQC

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

68) Stored cross-site scripting

EUVDB-ID: #VU49600

Risk: Low

CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-1152

CWE-ID: CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Exploit availability: No

The disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.

The vulnerability exists due to insufficient sanitization of user-supplied data in the web-based management interface. A remote authenticated attacker can inject and execute arbitrary HTML and script code in user's browser in context of vulnerable website.

Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

RV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7

RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7

RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7

Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7

• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.3.1.7:*:*:*:*:*:*:*

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-LPTQ3EQC

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

69) Stored cross-site scripting

EUVDB-ID: #VU49599

Risk: Low

CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-1151

CWE-ID: CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Exploit availability: No

The disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.

The vulnerability exists due to insufficient sanitization of user-supplied data in the web-based management interface. A remote authenticated attacker can inject and execute arbitrary HTML and script code in user's browser in context of vulnerable website.

Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

RV110W Wireless-N VPN Firewall: 1.2.2.8 - 1.3.1.7

RV130W Wireless-N Multifunction VPN Router: 1.2.2.8 - 1.3.1.7

RV215W Wireless-N VPN Router: 1.2.2.8 - 1.3.1.7

Cisco Small Business RV130 Series VPN Routers: 1.2.2.8 - 1.3.1.7

• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv110w_wireless-n_vpn_firewall:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv130w_wireless-n_multifunction_vpn_router:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:rv215w_wireless-n_vpn_router:1.3.1.7:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.2.2.8:*:*:*:*:*:*:*
• cpe:2.3:h:cisco_systems:cisco_small_business_rv130_series_vpn_routers:1.3.1.7:*:*:*:*:*:*:*

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-LPTQ3EQC

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.