Zero-friction vulnerability management platform

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

App screenshot

Cisco RV110W, RV130W, and RV215W Routers Command Shell Injection Vulnerability

Information

Severity

Severity

High

Family

Family

CISCO

CVSSv2 Base

CVSSv2 Base

7.2

CVSSv2 Vector

CVSSv2 Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Solution Type

Solution Type

Vendor Patch

Created

Created

6 years ago

Modified

Modified

3 years ago

Summary

A vulnerability in the command-line interface (CLI) command parser of the Cisco RV110W Wireless-N VPN Firewall, Cisco RV130W Wireless-N Multifunction VPN Router, and Cisco RV215W Wireless-N VPN Router could allow an authenticated, local attacker to inject arbitrary shell commands that are executed by the device. The commands are executed with full administrator privileges.

Detection Method

Detection Method

Checks if a vulnerable version is present on the target host.

Solution

Solution

This vulnerability is fixed in the following firmware versions. RV110W Wireless-N VPN Firewall, Release 1.2.1.7 RV130W Wireless-N Multifunction VPN Router, Release 1.0.3.16 RV215W Wireless-N VPN Router, Release 1.3.0.8

Common Vulnerabilities and Exposures (CVE)