Cisco Rv042G Dual Gigabit Wan Vpn Firmware vulnerabilities

CVE-2019-15957 [HIGH] CWE-20 CVE-2019-15957: A vulnerability in the web-based management interface of certain Cisco Small Business RV Series Rout A vulnerability in the web-based management interface of certain Cisco Small Business RV Series Routers could allow an authenticated, remote attacker with administrative privileges to inject arbitrary commands into the underlying operating system. When processed, the commands will be executed with root privileges. The vulnerability is due to insufficie

CVE-2019-15271 [HIGH] CWE-502 CVE-2019-15271: A vulnerability in the web-based management interface of certain Cisco Small Business RV Series Rout A vulnerability in the web-based management interface of certain Cisco Small Business RV Series Routers could allow an authenticated, remote attacker to execute arbitrary commands with root privileges. The attacker must have either a valid credential or an active session token. The vulnerability is due to lack of input validation of the HTTP payload.

CVE-2019-15990 [MEDIUM] CWE-285 CVE-2019-15990: A vulnerability in the web-based management interface of certain Cisco Small Business RV Series Rout A vulnerability in the web-based management interface of certain Cisco Small Business RV Series Routers could allow an unauthenticated, remote attacker to view information displayed in the web-based management interface. The vulnerability is due to improper authorization of HTTP requests. An attacker could exploit this vulnerability by sending craft

CVE-2015-6418 [MEDIUM] CWE-200 CVE-2015-6418: The random-number generator on Cisco Small Business RV routers 4.x and SA500 security appliances 2.2 The random-number generator on Cisco Small Business RV routers 4.x and SA500 security appliances 2.2.07 does not have sufficient entropy, which makes it easier for remote attackers to determine a TLS key pair via unspecified computations upon handshake key-exchange data, aka Bug ID CSCus15224.