CVE-2021-1172

HIGH Year: 2021
CVSS v3 Score
7.2
High
CVSS v2 Score
9.0
Critical
Weakness Type
CWE-121
View all →

Vulnerability Description

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. The vulnerabilities are due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code as the root user on the underlying operating system or cause the device to reload, resulting in a denial of service (DoS) condition. To exploit these vulnerabilities, an attacker would need to have valid administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities.

Related Vulnerabilities

CVE-2019-10193

HIGH
CVSS:7.2(High)

A stack-buffer overflow vulnerability was found in the Redis hyperloglog data structure versions 3.x before 3.2.13, 4.x before 4.0.14 and 5.x before 5.0.4. By corrupting a hyperloglog using the SETRAN...

CWE-1212019

CVE-2019-15695

HIGH
CVSS:7.2(High)

TigerVNC version prior to 1.10.1 is vulnerable to stack buffer overflow, which could be triggered from CMsgReader::readSetCursor. This vulnerability occurs due to insufficient sanitization of PixelFor...

CWE-1212019

CVE-2020-1990

HIGH
CVSS:7.2(High)

A stack-based buffer overflow vulnerability in the management server component of PAN-OS allows an authenticated user to upload a corrupted PAN-OS configuration and potentially execute code with root ...

CWE-1212020

CVE-2020-2027

HIGH
CVSS:7.2(High)

A buffer overflow vulnerability in the authd component of the PAN-OS management server allows authenticated administrators to disrupt system processes and potentially execute arbitrary code with root ...

CWE-1212020

CVE-2020-2042

HIGH
CVSS:7.2(High)

A buffer overflow vulnerability in the PAN-OS management web interface allows authenticated administrators to disrupt system processes and potentially execute arbitrary code with root privileges. This...

CWE-1212020

CVE-2021-1159

HIGH
CVSS:7.2(High)

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code...

CWE-1212021