Description

Cisco Small Business RV Series devices have a vulnerability in web-based management interface. An unauthenticated attacker can bypass authentication and upload files to directories that should require administrative authentication.

Remediation

Upgrade to the firmware version of Cisco

References

Cisco RV34X Series – Authentication Bypass and Remote Command Execution

Related Vulnerabilities

MySQL CVE-2016-0668 Vulnerability (CVE-2016-0668)

Joomla Other Vulnerability (CVE-2006-7008)

Nexus Repository Manager Use of a Broken or Risky Cryptographic Algorithm Vulnerability (CVE-2017-17717)

phpMyFAQ Failure to Sanitize Special Elements into a Different Plane (Special Element Injection) Vulnerability (CVE-2023-1758)

osTicket Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-14750)

Severity

Medium

Classification

CVE-2021-1472 CWE-119 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N

Tags

Authentication Bypass Known Vulnerabilities