Cisco Application Extension Platform vulnerabilities

CVE-2021-1207 [HIGH] CWE-121 CVE-2021-1207: Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130 Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. The vulnerabilities are due to improper validation of user-supplied input in the web-based management

CVE-2021-1206 [HIGH] CWE-121 CVE-2021-1206: Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130 Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. The vulnerabilities are due to improper validation of user-supplied input in the web-based management

CVE-2021-1171 [HIGH] CWE-121 CVE-2021-1171: Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130 Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. The vulnerabilities are due to improper validation of user-supplied input in the web-based management

CVE-2021-1192 [HIGH] CWE-121 CVE-2021-1192: Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130 Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. The vulnerabilities are due to improper validation of user-supplied input in the web-based management

CVE-2021-1168 [HIGH] CWE-121 CVE-2021-1168: Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130 Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. The vulnerabilities are due to improper validation of user-supplied input in the web-based management

CVE-2021-1213 [HIGH] CWE-121 CVE-2021-1213: Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130 Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. The vulnerabilities are due to improper validation of user-supplied input in the web-based management

CVE-2021-1210 [HIGH] CWE-121 CVE-2021-1210: Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130 Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. The vulnerabilities are due to improper validation of user-supplied input in the web-based management

CVE-2021-1188 [HIGH] CWE-121 CVE-2021-1188: Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130 Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. The vulnerabilities are due to improper validation of user-supplied input in the web-based management

CVE-2021-1146 [HIGH] CWE-20 CVE-2021-1146: Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130 Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to inject arbitrary commands that are executed with root privileges. The vulnerabilities are due to improper validation of user-supplied input in the web-based management interface.

CVE-2021-1173 [HIGH] CWE-121 CVE-2021-1173: Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130 Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. The vulnerabilities are due to improper validation of user-supplied input in the web-based management

CVE-2021-1166 [HIGH] CWE-121 CVE-2021-1166: Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130 Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly. The vulnerabilities are due to improper validation of user-supplied input in the web-based management

CVE-2021-1157 [MEDIUM] CWE-79 CVE-2021-1157: Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130 Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. The vulnerabilities are due to insufficient input validation by the web-based management interface.

CVE-2021-1158 [MEDIUM] CWE-79 CVE-2021-1158: Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130 Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. The vulnerabilities are due to insufficient input validation by the web-based management interface.

CVE-2021-1151 [MEDIUM] CWE-79 CVE-2021-1151: Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130 Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. The vulnerabilities are due to insufficient input validation by the web-based management interface.

CVE-2021-1152 [MEDIUM] CWE-79 CVE-2021-1152: Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130 Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. The vulnerabilities are due to insufficient input validation by the web-based management interface.

CVE-2021-1153 [MEDIUM] CWE-79 CVE-2021-1153: Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130 Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. The vulnerabilities are due to insufficient input validation by the web-based management interface.

CVE-2021-1154 [MEDIUM] CWE-79 CVE-2021-1154: Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130 Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. The vulnerabilities are due to insufficient input validation by the web-based management interface.

CVE-2021-1155 [MEDIUM] CWE-79 CVE-2021-1155: Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130 Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. The vulnerabilities are due to insufficient input validation by the web-based management interface.

CVE-2021-1156 [MEDIUM] CWE-79 CVE-2021-1156: Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130 Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. The vulnerabilities are due to insufficient input validation by the web-based management interface.

CVE-2010-1572 Cisco Application Extension Platform Privilege Escalation Vulnerability CVE-2010-1572: Cisco Application Extension Platform Privilege Escalation Vulnerability The Cisco Application Extension Platform contains a privilege escalation vulnerability in the tech support diagnostic shell that may allow an authenticated user to obtain administrative access to a vulnerable Cisco Application Extension Platform module. Cisco has released software updates that address this vulnerability. Ther