CVE-2021-1472

Multiple vulnerabilities exist in the web-based management interface of Cisco Small Business RV Series Routers. A remote attacker could execute arbitrary commands or bypass authentication and upload files on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:cisco:rv160_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:cisco:rv160:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:cisco:rv160w_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:cisco:rv160w:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:cisco:rv260_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:cisco:rv260:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:cisco:rv260p_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:cisco:rv260p:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:cisco:rv260w_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:cisco:rv260w:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:cisco:rv340_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:cisco:rv340:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:cisco:rv340w_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:cisco:rv340w:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:cisco:rv345_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:cisco:rv345:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:cisco:rv345p_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:cisco:rv345p:-:*:*:*:*:*:*:*

Information

Published : 2021-04-08 04:15

Updated : 2021-04-13 17:54


NVD link : CVE-2021-1472

Mitre link : CVE-2021-1472


JSON object : View

Products Affected

cisco

  • rv160w_firmware
  • rv260w
  • rv340_firmware
  • rv260_firmware
  • rv340
  • rv260p
  • rv345_firmware
  • rv345p
  • rv260
  • rv160
  • rv345p_firmware
  • rv160w
  • rv160_firmware
  • rv340w_firmware
  • rv345
  • rv340w
  • rv260w_firmware
  • rv260p_firmware
CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer