Cisco RV130W Wireless-N Multifunction VPN Router Firmware 1.0.3.54

CPE Details

Cisco RV130W Wireless-N Multifunction VPN Router Firmware 1.0.3.54
cisco
rv130w_wireless-n_multifunction_vpn_router_firmware
1.0.3.54
2020-09-16
14h11 +00:00
2020-09-16
14h11 +00:00
CPE NVD
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:o:cisco:rv130w_wireless-n_multifunction_vpn_router_firmware:1.0.3.54:*:*:*:*:*:*:*

Informations

Vendor

cisco

Product

rv130w_wireless-n_multifunction_vpn_router_firmware

Version

1.0.3.54

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2020-3332 2020-07-16 17h21 +00:00 A vulnerability in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Series Routers could allow an authenticated, remote attacker to inject arbitrary shell commands that are executed by an affected device. The vulnerability is due to insufficient input validation of user-supplied data. An attacker could exploit this vulnerability by sending a crafted request to the web-based management interface of an affected device. A successful exploit could allow the attacker to execute arbitrary shell commands or scripts with root privileges on the affected device.
8.8
Haute
CVE-2015-6396 2016-08-07 22h00 +00:00 The CLI command parser on Cisco RV110W, RV130W, and RV215W devices allows local users to execute arbitrary shell commands as an administrator via crafted parameters, aka Bug IDs CSCuv90134, CSCux58161, and CSCux73567.
7.8
Haute
CVE-2015-6397 2016-08-07 22h00 +00:00 Cisco RV110W, RV130W, and RV215W devices have an incorrect RBAC configuration for the default account, which allows remote authenticated users to obtain root access via a login session with that account, aka Bug IDs CSCuv90139, CSCux58175, and CSCux73557.
8.8
Haute
Les informations affichées sur CVE Find proviennent de plusieurs sources de référence rigoureusement sélectionnées. Les données CVE sont fournies par MITRE Corporation et la National Vulnerability Database (NVD). Le catalogue des vulnérabilités activement exploitées (KEV) provient de la Cybersecurity and Infrastructure Security Agency (CISA), tandis que les scores EPSS sont issus de FIRST.org. Enfin, les données relatives aux faiblesses logicielles (CWE) et aux schémas d'attaque courants (CAPEC) sont maintenues par MITRE Corporation, et les informations sur les configurations logicielles et matérielles (CPE) proviennent du NVD.