CVE-2021-1472
published 2021-04-08CVE-2021-1472: Multiple vulnerabilities exist in the web-based management interface of Cisco Small Business RV Series Routers. A remote attacker could execute arbitrary…
critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
ITWEXPLOIT
Exploited in the wild
Multiple vulnerabilities exist in the web-based management interface of Cisco Small Business RV Series Routers. A remote attacker could execute arbitrary commands or bypass authentication and upload files on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.
Affected
11 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| cisco | cisco_small_business_rv_series_router_firmware | — | — |
| cisco | rv160_firmware | < 1.0.01.03 | 1.0.01.03 |
| cisco | rv160w_firmware | < 1.0.01.03 | 1.0.01.03 |
| cisco | rv260_firmware | < 1.0.01.03 | 1.0.01.03 |
| cisco | rv260p_firmware | < 1.0.01.03 | 1.0.01.03 |
| cisco | rv260w_firmware | < 1.0.01.03 | 1.0.01.03 |
| cisco | rv340_firmware | < 1.0.03.21 | 1.0.03.21 |
| cisco | rv340w_firmware | < 1.0.03.21 | 1.0.03.21 |
| cisco | rv345_firmware | < 1.0.03.21 | 1.0.03.21 |
| cisco | rv345p_firmware | < 1.0.03.21 | 1.0.03.21 |
| cisco | small_business_rv_series_routers | — | — |
CVSS provenance
nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
vulncheck5.3MEDIUM