Cisco Security Advisory - Cisco Small Business RV Series Routers Command Injection Vulnerability

Started by Netwörkheäd, November 05, 2021, 06:26:01 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions

Netwörkheäd

November 05, 2021, 06:26:01 PM
Cisco Small Business RV Series Routers Command Injection Vulnerability

A vulnerability in the web-based management interface of certain Cisco Small Business RV Series Routers could allow an authenticated, remote attacker with administrative privileges to inject arbitrary commands into the underlying operating system and execute them using root-level privileges.


This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending malicious input to a specific field in the web-based management interface of an affected device. A successful exploit could allow the attacker to execute arbitrary commands on the underlying Linux operating system as a user with root-level privileges.


There are no workarounds that address this vulnerability.


This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sbrv-cmdinjection-Z5cWFdK



     
         
Security Impact Rating:  Medium
   
   
       
CVE: CVE-2021-40120
Source: Cisco Small Business RV Series Routers Command Injection Vulnerability
Let's not argue. Let's network!
Print
Go Up Pages1
User actions