Details of VAR-202102-1535

ID

VAR-202102-1535

TITLE

Cisco RV110W product has a buffer overflow vulnerability

Trust: 0.6

sources: CNVD: CNVD-2021-05425

DESCRIPTION

Cisco RV110W Wireless-N VPN Firewall is an enterprise-level router of Cisco (Cisco). The Cisco RV110W product has a buffer overflow vulnerability. The vulnerability is caused by the program's failure to correctly verify user data. Remote attackers can use malicious HTTP requests to exploit the vulnerability to execute arbitrary code on the system.

Trust: 0.6

sources: CNVD: CNVD-2021-05425

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2021-05425

AFFECTED PRODUCTS

vendor:

cisco

model:

rv110w wireless-n vpn firewall

scope:

version:

v1.2.2.8

Trust: 0.6

sources: CNVD: CNVD-2021-05425

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD:	CNVD-2021-05425
value:	MEDIUM
Trust: 0.6

CNVD:	CNVD-2021-05425
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:L/AU:S/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

sources: CNVD: CNVD-2021-05425

EXTERNAL IDS

db:

CNVD

id:

CNVD-2021-05425

Trust: 0.6

sources: CNVD: CNVD-2021-05425

SOURCES

db:

CNVD

id:

CNVD-2021-05425

LAST UPDATE DATE

2022-05-04T09:27:49.251000+00:00

SOURCES UPDATE DATE

db:

CNVD

id:

CNVD-2021-05425

date:

2021-01-24T00:00:00

SOURCES RELEASE DATE

db:

CNVD

id:

CNVD-2021-05425

date:

2021-02-20T00:00:00