CVE-2021-1472

Cisco Small Business RV Series Routers Vulnerabilities

CVSS 5.3 MEDIUMEPSS 72.5%CWE-119

Vexday Risk Score

50Atención

Decisión SSVC (CISA)

Attend

PoC disponible → seguir de cerca

CVSS 5.3EPSS 72.5%KEV nãoPoC —Nuclei simMetasploit simPatch referenciado

Ciclo de vida

07 abr 2021Exploit Metasploit disponible

08 abr 2021Publicada en NVD

Recomendación: Planificar corrección próxima — ya existe PoC pública.

Multiple vulnerabilities exist in the web-based management interface of Cisco Small Business RV Series Routers. A remote attacker could execute arbitrary commands or bypass authentication and upload files on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Productos afectados

Cisco · Cisco Small Business RV Series Router Firmware

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

http://packetstormsecurity.com/files/162238/Cisco-RV-Authentication-Bypass-Code-Execution.html http://seclists.org/fulldisclosure/2021/Apr/39 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-rv-bypass-inject-Rbhgvfdx