cnvd - cnvd-2021-41202

cnvd-2021-41202

Vulnerability from cnvd

Title: Cisco RV110W/RV130/RV130W/RV215W远程命令执行和拒绝服务漏洞（CNVD-2021-41202）

Description:

Cisco RV110W是一款Wireless-N VPN防火墙，Cisco RV130是一款多功能VPN路由器，Cisco RV130W是一款Wireless-N多功能VPN路由器，Cisco RV215W是一款Wireless-N VPN路由器。

Cisco RV110W/RV130/RV130W/RV215W的Web管理界面存在远程命令执行和拒绝服务漏洞，攻击者可通过向受影响的设备发送特制HTTP请求利用该漏洞以root用户身份在底层操作系统上执行任意代码，或导致设备重新加载。

Severity: 高

Patch Name: Cisco RV110W/RV130/RV130W/RV215W远程命令执行和拒绝服务漏洞（CNVD-2021-41202）的补丁

Patch Description:

Cisco RV110W是一款Wireless-N VPN防火墙，Cisco RV130是一款多功能VPN路由器，Cisco RV130W是一款Wireless-N多功能VPN路由器，Cisco RV215W是一款Wireless-N VPN路由器。

Cisco RV110W/RV130/RV130W/RV215W的Web管理界面存在远程命令执行和拒绝服务漏洞，攻击者可通过向受影响的设备发送特制HTTP请求利用该漏洞以root用户身份在底层操作系统上执行任意代码，或导致设备重新加载。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description:

厂商已发布了漏洞修复程序，请及时关注更新： https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U

Reference: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U

Impacted products

Name
['Cisco RV110W', 'Cisco RV130W 无', 'Cisco RV215W 无', 'Cisco RV130']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2021-1185",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2021-1185"
    }
  },
  "description": "Cisco RV110W\u662f\u4e00\u6b3eWireless-N VPN\u9632\u706b\u5899\uff0cCisco RV130\u662f\u4e00\u6b3e\u591a\u529f\u80fdVPN\u8def\u7531\u5668\uff0cCisco RV130W\u662f\u4e00\u6b3eWireless-N\u591a\u529f\u80fdVPN\u8def\u7531\u5668\uff0cCisco RV215W\u662f\u4e00\u6b3eWireless-N VPN\u8def\u7531\u5668\u3002\n\nCisco RV110W/RV130/RV130W/RV215W\u7684Web\u7ba1\u7406\u754c\u9762\u5b58\u5728\u8fdc\u7a0b\u547d\u4ee4\u6267\u884c\u548c\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u5411\u53d7\u5f71\u54cd\u7684\u8bbe\u5907\u53d1\u9001\u7279\u5236HTTP\u8bf7\u6c42\u5229\u7528\u8be5\u6f0f\u6d1e\u4ee5root\u7528\u6237\u8eab\u4efd\u5728\u5e95\u5c42\u64cd\u4f5c\u7cfb\u7edf\u4e0a\u6267\u884c\u4efb\u610f\u4ee3\u7801\uff0c\u6216\u5bfc\u81f4\u8bbe\u5907\u91cd\u65b0\u52a0\u8f7d\u3002",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2021-41202",
  "openTime": "2021-06-13",
  "patchDescription": "Cisco RV110W\u662f\u4e00\u6b3eWireless-N VPN\u9632\u706b\u5899\uff0cCisco RV130\u662f\u4e00\u6b3e\u591a\u529f\u80fdVPN\u8def\u7531\u5668\uff0cCisco RV130W\u662f\u4e00\u6b3eWireless-N\u591a\u529f\u80fdVPN\u8def\u7531\u5668\uff0cCisco RV215W\u662f\u4e00\u6b3eWireless-N VPN\u8def\u7531\u5668\u3002\r\n\r\nCisco RV110W/RV130/RV130W/RV215W\u7684Web\u7ba1\u7406\u754c\u9762\u5b58\u5728\u8fdc\u7a0b\u547d\u4ee4\u6267\u884c\u548c\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u5411\u53d7\u5f71\u54cd\u7684\u8bbe\u5907\u53d1\u9001\u7279\u5236HTTP\u8bf7\u6c42\u5229\u7528\u8be5\u6f0f\u6d1e\u4ee5root\u7528\u6237\u8eab\u4efd\u5728\u5e95\u5c42\u64cd\u4f5c\u7cfb\u7edf\u4e0a\u6267\u884c\u4efb\u610f\u4ee3\u7801\uff0c\u6216\u5bfc\u81f4\u8bbe\u5907\u91cd\u65b0\u52a0\u8f7d\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Cisco RV110W/RV130/RV130W/RV215W\u8fdc\u7a0b\u547d\u4ee4\u6267\u884c\u548c\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff08CNVD-2021-41202\uff09\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Cisco RV110W",
      "Cisco RV130W \u65e0",
      "Cisco RV215W \u65e0",
      "Cisco RV130"
    ]
  },
  "referenceLink": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U",
  "serverity": "\u9ad8",
  "submitTime": "2021-01-14",
  "title": "Cisco RV110W/RV130/RV130W/RV215W\u8fdc\u7a0b\u547d\u4ee4\u6267\u884c\u548c\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff08CNVD-2021-41202\uff09"
}

CVE-2021-1185 (GCVE-0-2021-1185)

Vulnerability from cvelistv5

Published

2021-01-13 21:21

Modified

2024-11-12 20:45

Severity ?

7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-121

Summary

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. The vulnerabilities are due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code as the root user on the underlying operating system or cause the device to reload, resulting in a denial of service (DoS) condition. To exploit these vulnerabilities, an attacker would need to have valid administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities.

References

▼	URL	Tags
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U	vendor-advisory, x_refsource_CISCO

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Small Business RV Series Router Firmware	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T16:02:56.094Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20210113 Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers Management Interface Remote Command Execution and Denial of Service Vulnerabilities",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-1185",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-08T20:32:57.204890Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-12T20:45:54.843Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Small Business RV Series Router Firmware",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2021-01-13T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. The vulnerabilities are due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code as the root user on the underlying operating system or cause the device to reload, resulting in a denial of service (DoS) condition. To exploit these vulnerabilities, an attacker would need to have valid administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-121",
              "description": "CWE-121",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-01-13T21:21:26",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20210113 Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers Management Interface Remote Command Execution and Denial of Service Vulnerabilities",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U"
        }
      ],
      "source": {
        "advisory": "cisco-sa-rv-overflow-WUnUgv4U",
        "defect": [
          [
            "CSCvv65098",
            "CSCvv69398",
            "CSCvv71463",
            "CSCvv71466",
            "CSCvv71467",
            "CSCvv71468",
            "CSCvv79107",
            "CSCvv79109",
            "CSCvv79110",
            "CSCvv96729",
            "CSCvv96730",
            "CSCvv96732",
            "CSCvv96733",
            "CSCvv96738",
            "CSCvv96741",
            "CSCvv96742",
            "CSCvv96747",
            "CSCvv96748",
            "CSCvv96751",
            "CSCvv96755",
            "CSCvv96756",
            "CSCvv96757",
            "CSCvv96758",
            "CSCvv96759",
            "CSCvv96761",
            "CSCvv96762",
            "CSCvv96763",
            "CSCvv96764",
            "CSCvv96765",
            "CSCvv96767",
            "CSCvv96768",
            "CSCvv96771",
            "CSCvv96772",
            "CSCvv96799",
            "CSCvv96800",
            "CSCvv96801",
            "CSCvv96806",
            "CSCvv96807",
            "CSCvv96809",
            "CSCvv96810",
            "CSCvv96811",
            "CSCvv96812",
            "CSCvv96814",
            "CSCvv96817",
            "CSCvv96818",
            "CSCvv96820",
            "CSCvw04678",
            "CSCvw04779",
            "CSCvw04781",
            "CSCvw06813",
            "CSCvw06828",
            "CSCvw06832",
            "CSCvw06841",
            "CSCvw06846",
            "CSCvw06852",
            "CSCvw06860",
            "CSCvw06865",
            "CSCvw06868",
            "CSCvw06873",
            "CSCvw06874",
            "CSCvw06879",
            "CSCvw06880",
            "CSCvw06882",
            "CSCvw06894",
            "CSCvw06900",
            "CSCvw06902",
            "CSCvw06950",
            "CSCvw06958",
            "CSCvw06961",
            "CSCvw06962",
            "CSCvw06967",
            "CSCvw06971",
            "CSCvw06978",
            "CSCvw06981",
            "CSCvw06982",
            "CSCvw06987",
            "CSCvw06991",
            "CSCvw06992",
            "CSCvw06993",
            "CSCvw06998",
            "CSCvw07002",
            "CSCvw10473",
            "CSCvw10484",
            "CSCvw10487",
            "CSCvw49030",
            "CSCvw49034",
            "CSCvw49036",
            "CSCvw76488",
            "CSCvw91642"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers Management Interface Remote Command Execution and Denial of Service Vulnerabilities",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2021-01-13T16:00:00",
          "ID": "CVE-2021-1185",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers Management Interface Remote Command Execution and Denial of Service Vulnerabilities"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Small Business RV Series Router Firmware",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. The vulnerabilities are due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code as the root user on the underlying operating system or cause the device to reload, resulting in a denial of service (DoS) condition. To exploit these vulnerabilities, an attacker would need to have valid administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "7.2",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-121"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20210113 Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers Management Interface Remote Command Execution and Denial of Service Vulnerabilities",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-overflow-WUnUgv4U"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-rv-overflow-WUnUgv4U",
          "defect": [
            [
              "CSCvv65098",
              "CSCvv69398",
              "CSCvv71463",
              "CSCvv71466",
              "CSCvv71467",
              "CSCvv71468",
              "CSCvv79107",
              "CSCvv79109",
              "CSCvv79110",
              "CSCvv96729",
              "CSCvv96730",
              "CSCvv96732",
              "CSCvv96733",
              "CSCvv96738",
              "CSCvv96741",
              "CSCvv96742",
              "CSCvv96747",
              "CSCvv96748",
              "CSCvv96751",
              "CSCvv96755",
              "CSCvv96756",
              "CSCvv96757",
              "CSCvv96758",
              "CSCvv96759",
              "CSCvv96761",
              "CSCvv96762",
              "CSCvv96763",
              "CSCvv96764",
              "CSCvv96765",
              "CSCvv96767",
              "CSCvv96768",
              "CSCvv96771",
              "CSCvv96772",
              "CSCvv96799",
              "CSCvv96800",
              "CSCvv96801",
              "CSCvv96806",
              "CSCvv96807",
              "CSCvv96809",
              "CSCvv96810",
              "CSCvv96811",
              "CSCvv96812",
              "CSCvv96814",
              "CSCvv96817",
              "CSCvv96818",
              "CSCvv96820",
              "CSCvw04678",
              "CSCvw04779",
              "CSCvw04781",
              "CSCvw06813",
              "CSCvw06828",
              "CSCvw06832",
              "CSCvw06841",
              "CSCvw06846",
              "CSCvw06852",
              "CSCvw06860",
              "CSCvw06865",
              "CSCvw06868",
              "CSCvw06873",
              "CSCvw06874",
              "CSCvw06879",
              "CSCvw06880",
              "CSCvw06882",
              "CSCvw06894",
              "CSCvw06900",
              "CSCvw06902",
              "CSCvw06950",
              "CSCvw06958",
              "CSCvw06961",
              "CSCvw06962",
              "CSCvw06967",
              "CSCvw06971",
              "CSCvw06978",
              "CSCvw06981",
              "CSCvw06982",
              "CSCvw06987",
              "CSCvw06991",
              "CSCvw06992",
              "CSCvw06993",
              "CSCvw06998",
              "CSCvw07002",
              "CSCvw10473",
              "CSCvw10484",
              "CSCvw10487",
              "CSCvw49030",
              "CSCvw49034",
              "CSCvw49036",
              "CSCvw76488",
              "CSCvw91642"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2021-1185",
    "datePublished": "2021-01-13T21:21:26.952959Z",
    "dateReserved": "2020-11-13T00:00:00",
    "dateUpdated": "2024-11-12T20:45:54.843Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted