CVE-2016-1395 — Improper Input Validation in Cisco Rv110w Wireless-n VPN Firewall Firmware
Severity
9.8CRITICALNVD
EPSS
1.2%
top 21.01%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedJun 19
Latest updateMay 17
Description
The web-based management interface on Cisco RV110W devices with firmware before 1.2.1.7, RV130W devices with firmware before 1.0.3.16, and RV215W devices with firmware before 1.3.0.8 allows remote attackers to execute arbitrary code as root via a crafted HTTP request, aka Bug ID CSCux82428.
CVSS vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9