漏洞标题
Cisco RV110W、RV130、RV130W和RV215W路由器管理界面远程命令执行多个漏洞
漏洞描述信息
Cisco RV110W、RV130、RV130W和RV215W路由器管理界面远程命令执行多个漏洞
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
漏洞类别
N/A
漏洞标题
Cisco RV110W, RV130, RV130W, and RV215W Routers Management Interface Remote Command Execution Multiple Vulnerabilities
漏洞描述信息
Multiple vulnerabilities in the web-based management interface of the Cisco RV110W Wireless-N VPN Firewall, RV130 VPN Router, RV130W Wireless-N Multifunction VPN Router, and RV215W Wireless-N VPN Router could allow an authenticated, remote attacker to execute arbitrary code on an affected device. The vulnerabilities are due to improper validation of user-supplied data in the web-based management interface. An attacker could exploit these vulnerabilities by sending malicious HTTP requests to a targeted device. A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system of the affected device as a high-privilege user.
CVSS信息
N/A
漏洞类别
内存缓冲区边界内操作的限制不恰当
漏洞标题
多款Cisco产品缓冲区错误漏洞
漏洞描述信息
Cisco RV110W Wireless-N VPN Firewall是美国思科(Cisco)公司的一款企业级路由器。 多款Cisco产品中的Web管理界面存在缓冲区错误漏洞,该漏洞源于程序没有正确验证用户数据。远程攻击者可借助恶意HTTP请求利用该漏洞在系统上执行任意代码。以下产品及版本受到影响:Cisco RV110W Wireless-N VPN Firewall;RV130 VPN Router;RV130W Wireless-N Multifunction VPN Router;RV215W
CVSS信息
N/A
漏洞类别
缓冲区错误