Cisco Rv160 Vpn Router Firmware vulnerabilities
10 known vulnerabilities affecting cisco/rv160_vpn_router_firmware.
Total CVEs
10
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL7HIGH3
Vulnerabilities
Page 1 of 1
CVE-2021-1293P2CRITICALCVSS 9.8fixed in 1.0.01.022021-02-04
CVE-2021-1293 [CRITICAL] CWE-472 CVE-2021-1293: Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV160, RV160W
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV160, RV160W, RV260, RV260P, and RV260W VPN Routers could allow an unauthenticated, remote attacker to execute arbitrary code as the root user on an affected device. These vulnerabilities exist because HTTP requests are not properly validated. An attacker could e
nvd
CVE-2021-1295P2CRITICALCVSS 9.8fixed in 1.0.01.022021-02-04
CVE-2021-1295 [CRITICAL] CWE-472 CVE-2021-1295: Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV160, RV160W
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV160, RV160W, RV260, RV260P, and RV260W VPN Routers could allow an unauthenticated, remote attacker to execute arbitrary code as the root user on an affected device. These vulnerabilities exist because HTTP requests are not properly validated. An attacker could e
nvd
CVE-2021-1290P2CRITICALCVSS 9.8fixed in 1.0.01.022021-02-04
CVE-2021-1290 [CRITICAL] CWE-472 CVE-2021-1290: Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV160, RV160W
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV160, RV160W, RV260, RV260P, and RV260W VPN Routers could allow an unauthenticated, remote attacker to execute arbitrary code as the root user on an affected device. These vulnerabilities exist because HTTP requests are not properly validated. An attacker could e
nvd
CVE-2021-1291P2CRITICALCVSS 9.8fixed in 1.0.01.022021-02-04
CVE-2021-1291 [CRITICAL] CWE-472 CVE-2021-1291: Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV160, RV160W
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV160, RV160W, RV260, RV260P, and RV260W VPN Routers could allow an unauthenticated, remote attacker to execute arbitrary code as the root user on an affected device. These vulnerabilities exist because HTTP requests are not properly validated. An attacker could e
nvd
CVE-2021-1289P2CRITICALCVSS 9.8fixed in 1.0.01.022021-02-04
CVE-2021-1289 [CRITICAL] CWE-472 CVE-2021-1289: Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV160, RV160W
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV160, RV160W, RV260, RV260P, and RV260W VPN Routers could allow an unauthenticated, remote attacker to execute arbitrary code as the root user on an affected device. These vulnerabilities exist because HTTP requests are not properly validated. An attacker could e
nvd
CVE-2021-1292P2CRITICALCVSS 9.8fixed in 1.0.01.022021-02-04
CVE-2021-1292 [CRITICAL] CWE-472 CVE-2021-1292: Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV160, RV160W
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV160, RV160W, RV260, RV260P, and RV260W VPN Routers could allow an unauthenticated, remote attacker to execute arbitrary code as the root user on an affected device. These vulnerabilities exist because HTTP requests are not properly validated. An attacker could e
nvd
CVE-2021-1294P2CRITICALCVSS 9.8fixed in 1.0.01.022021-02-04
CVE-2021-1294 [CRITICAL] CWE-472 CVE-2021-1294: Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV160, RV160W
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV160, RV160W, RV260, RV260P, and RV260W VPN Routers could allow an unauthenticated, remote attacker to execute arbitrary code as the root user on an affected device. These vulnerabilities exist because HTTP requests are not properly validated. An attacker could e
nvd
CVE-2021-1296P3HIGHCVSS 7.5fixed in 1.0.01.022021-02-04
CVE-2021-1296 [HIGH] CWE-36 CVE-2021-1296: Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV160, RV160W
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV160, RV160W, RV260, RV260P, and RV260W VPN Routers could allow an unauthenticated, remote attacker to conduct directory traversal attacks and overwrite certain files that should be restricted on an affected system. These vulnerabilities are due to insufficient input
nvd
CVE-2021-1297P3HIGHCVSS 7.5fixed in 1.0.01.022021-02-04
CVE-2021-1297 [HIGH] CWE-36 CVE-2021-1297: Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV160, RV160W
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV160, RV160W, RV260, RV260P, and RV260W VPN Routers could allow an unauthenticated, remote attacker to conduct directory traversal attacks and overwrite certain files that should be restricted on an affected system. These vulnerabilities are due to insufficient input
nvd
CVE-2023-20045P3HIGHCVSS 7.2fixed in 1.0.01.042023-01-20
CVE-2023-20045 [HIGH] CWE-77 CVE-2023-20045: A vulnerability in the web-based management interface of Cisco Small Business RV160 and RV260 Series
A vulnerability in the web-based management interface of Cisco Small Business RV160 and RV260 Series VPN Routers could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected device.
This vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerab
nvd