Description

Cisco Small Business RV Series devices have a vulnerability in web-based management interface. An unauthenticated attacker can bypass authentication and upload files to directories that should require administrative authentication.

Remediation

Upgrade to the firmware version of Cisco

References

Cisco RV34X Series – Authentication Bypass and Remote Command Execution

Related Vulnerabilities

WordPress Plugin Stripe Payment for WooCommerce Security Bypass (3.7.7)

Ruby Numeric Errors Vulnerability (CVE-2009-1904)

PHP Other Vulnerability (CVE-2004-0958)

MySQL CVE-2022-21412 Vulnerability (CVE-2022-21412)

MyBB Server-Side Request Forgery (SSRF) Vulnerability (CVE-2017-7566)

Severity

Medium

Classification

CVE-2021-1472 CWE-119 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N

Tags

Authentication Bypass Known Vulnerabilities