CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-1293

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV160, RV160W, RV260, RV260P, and RV260W VPN Routers could allow an unauthenticated, remote attacker to execute arbitrary code as the root user on an affected device. These vulnerabilities exist because HTTP requests are not properly validated. An attacker could exploit these vulnerabilities by sending a crafted HTTP request to the web-based management interface of an affected device. A successful exploit could allow the attacker to remotely execute arbitrary code on the device.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.063

EPSS Ranking 90.6%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 10.0

References

Products affected by CVE-2021-1293

Cisco » Rv160 Vpn Router » Version: N/A

cpe:2.3:h:cisco:rv160_vpn_router:-
Cisco » Rv160w Wireless-Ac Vpn Router » Version: N/A

cpe:2.3:h:cisco:rv160w_wireless-ac_vpn_router:-
Cisco » Rv260 Vpn Router » Version: N/A

cpe:2.3:h:cisco:rv260_vpn_router:-
Cisco » Rv260p Vpn Router With Poe » Version: N/A

cpe:2.3:h:cisco:rv260p_vpn_router_with_poe:-
Cisco » Rv260w Wireless-Ac Vpn Router » Version: N/A

cpe:2.3:h:cisco:rv260w_wireless-ac_vpn_router:-
Cisco » Rv160 Vpn Router Firmware » Version: Any

cpe:2.3:o:cisco:rv160_vpn_router_firmware:*
Cisco » Rv160w Wireless-Ac Vpn Router Firmware » Version: Any

cpe:2.3:o:cisco:rv160w_wireless-ac_vpn_router_firmware:*
Cisco » Rv260 Vpn Router Firmware » Version: Any

cpe:2.3:o:cisco:rv260_vpn_router_firmware:*
Cisco » Rv260p Vpn Router With Poe Firmware » Version: Any

cpe:2.3:o:cisco:rv260p_vpn_router_with_poe_firmware:*
Cisco » Rv260w Wireless-Ac Vpn Router Firmware » Version: Any

cpe:2.3:o:cisco:rv260w_wireless-ac_vpn_router_firmware:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-1293

Products

Pricing

Contact Us