CVE-2021-1287 — Stack-based Buffer Overflow in Cisco Rv132w Firmware
Severity
7.2HIGHNVD
EPSS
0.3%
top 44.33%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedMar 18
Latest updateMay 24
Description
A vulnerability in the web-based management interface of Cisco RV132W ADSL2+ Wireless-N VPN Routers and Cisco RV134W VDSL2 Wireless-AC VPN Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly. The vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by sending crafted HTTP requests to an affected devic…
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:HExploitability: 1.2 | Impact: 5.9
Affected Packages3 packages
🔴Vulnerability Details
3GHSA▶
GHSA-rh36-49q6-fm2j: A vulnerability in the web-based management interface of Cisco RV132W ADSL2+ Wireless-N VPN Routers and Cisco RV134W VDSL2 Wireless-AC VPN Routers cou↗2022-05-24
GHSA▶
go.mongodb.org/mongo-driver improperly validates cstrings when marshalling Go objects into BSON↗2021-06-15
CVEList▶
Cisco Small Business RV132W and RV134W Routers Management Interface Remote Command Execution and Denial of Service Vulnerability↗2021-03-18
📋Vendor Advisories
1Cisco▶
Cisco Small Business RV132W and RV134W Routers Management Interface Remote Command Execution and Denial of Service Vulnerability↗2021-03-17