漏洞标题
Cisco小型企业RV160、RV160W、RV260、RV260P和RV260W VPN路由器任意文件写入漏洞
漏洞描述信息
Cisco Small Business RV160、RV160W、RV260、RV260P和RV260W VPN路由器存在任意文件写入漏洞
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
漏洞类别
N/A
漏洞标题
Cisco Small Business RV160, RV160W, RV260, RV260P, and RV260W VPN Routers Arbitrary File Write Vulnerabilities
漏洞描述信息
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV160, RV160W, RV260, RV260P, and RV260W VPN Routers could allow an unauthenticated, remote attacker to conduct directory traversal attacks and overwrite certain files that should be restricted on an affected system. These vulnerabilities are due to insufficient input validation. An attacker could exploit these vulnerabilities by using the web-based management interface to upload a file to location on an affected device that they should not have access to. A successful exploit could allow the attacker to overwrite files on the file system of the affected device.
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
漏洞类别
绝对路径遍历
漏洞标题
多款Cisco产品路径遍历漏洞
漏洞描述信息
Cisco RV160等都是美国思科(Cisco)公司的一款应用于企业环境的路由器。 Cisco Small Business RV160, RV160W, RV260, RV260P, and RV260W VPN Routers 存在路径遍历漏洞,该漏洞允许未经身份验证的远程攻击者可利用该漏洞进行目录遍历攻击,并覆盖受影响系统上应该受限制的某些文件。
CVSS信息
N/A
漏洞类别
路径遍历