CVE-2021-1609
Published 2021-08-04
CVE-2021-1609: Multiple vulnerabilities in the web-based management interface of the Cisco Small Business RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers could…
Priority: P264 · critical · 9.8 · CVSS 3.1
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS: 9.69% (94.9th percentile)
Multiple vulnerabilities in the web-based management interface of the Cisco Small Business RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers could allow an attacker to do the following:
- Execute arbitrary code
- Cause a denial of service (DoS) condition
- Execute arbitrary commands
For more information about these vulnerabilities, see the Details section of this advisory.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| cisco | cisco_small_business_rv_series_router_firmware | — | — |
| cisco | rv340_rv340w_rv345_and_rv345p_dual_wan_gigabit_vpn_routers_web_management | — | — |
| cisco | small_business_rv_series_router_firmware | < 1.0.03.22 | 1.0.03.22 |
Detection & IOCs (extracted from sources)
- CVE-2021-1609 is exploitable via a specially crafted HTTP request to the web management interface; detect anomalous/malformed HTTP requests targeting Cisco RV340/RV340W/RV345/RV345P web management ports
- The vulnerability stems from improper validation of HTTP requests (CWE-121 stack-based buffer overflow, CWE-149 improper neutralization); monitor web management interface traffic on affected Cisco Small Business VPN routers for unexpected or oversized HTTP request payloads
- CVE-2021-1609 (RCE/DoS, CVSSv3 9.8) and CVE-2021-1610 (command injection, CVSSv3 7.2) are distinct vulnerabilities that can be exploited independently; some firmware versions may only be affected by one of the two
- Affected devices are RV340, RV340W, RV345, and RV345P only; RV160, RV160W, RV260, RV260P, and RV260W are NOT vulnerable
- Firmware version 1.0.03.22 and later fixes these vulnerabilities; devices running earlier firmware are vulnerable
- CWE classifications for CVE-2021-1609 are CWE-121 (Stack-based Buffer Overflow) and CWE-149 (Improper Neutralization of Quoting Syntax), per the official Cisco advisory
CVSS provenance
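| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
| nvd | v2.0 | 10.0 | CRITICAL | AV:N/AC:L/Au:N/C:C/I:C/A:C |
| vendor_cisco | — | 9.8 | CRITICAL | — |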
Cisco
Cisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers Web Management Vulnerabilities
vendor_cisco·2021-08-04·CVSS 9.8
CVE-2021-1609 [CRITICAL] CWE-121 Cisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers Web Management Vulnerabilities
Multiple vulnerabilities in the web-based management interface of the Cisco Small Business RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers could allow an attacker to do the following:
- Execute arbitrary code
- Cause a denial of service (DoS) condition
- Execute arbitrary commands
For more information about these vulnerabilities, see the Details section of this advisory.
Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities.
This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv340-cmdinj-rcedos-pY8J3qfy
Cisco
Cisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers Web Management Vulnerabilities
vendor_cisco·CVSS 3.1
CVE-2021-1609 Cisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers Web Management Vulnerabilities
CVSS: 3.1
CWE: CWE-121, CWE-149
Bug IDs: CSCvy15286, CSCvy15342
GHSA
GHSA-3mfr-q2cq-gc94: Multiple vulnerabilities in the web-based management interface of the Cisco Small Business RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Route
ghsa_unreviewed·2022-05-24
CVE-2021-1609 [CRITICAL] GHSA-3mfr-q2cq-gc94: Multiple vulnerabilities in the web-based management interface of the Cisco Small Business RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Route
No detection rules found.
No public exploits indexed.
Checkpoint
09th August – Threat Intelligence Report
blogs_checkpoint·2021-08-09·CVSS 9.8
CVE-2021-20090 [CRITICAL] 09th August – Threat Intelligence Report
## 09th August – Threat Intelligence Report
For the latest discoveries in cyber research for the week of 9th August, please download our Threat Intelligence Bulletin.
Top Attacks and Breaches
Four critical infrastructure organizations in South East Asia have been the target of a cyberespionage campaign by alleged Chinese threat actors for several months, aiming at exploiting information from the victims’ SCADA systems. The targeted sectors included power, water, defense, and communications companies.
The Au
Tenable
CVE-2021-1609: Critical Remote Code Execution Vulnerability in Cisco Small Business VPN Routers
blogs_tenable·2021-08-05·CVSS 9.8
[CRITICAL] CVE-2021-1609: Critical Remote Code Execution Vulnerability in Cisco Small Business VPN Routers
Published: 2021-08-04