A vulnerability in the Universal Plug-and-Play (UPnP) implementation in the Cisco CVR100W Wireless-N VPN Router could allow an unauthenticated, Layer 2-adjacent attacker to execute arbitrary code or cause a denial of service (DoS) condition. The remote code execution could occur with root privileges. The vulnerability is due to incomplete range checks of the UPnP input data, which could result in a buffer overflow. An attacker could exploit this vulnerability by sending a malicious request to the UPnP listening port of the targeted device. An exploit could allow the attacker to cause the device to reload or potentially execute arbitrary code with root privileges. This vulnerability affects all firmware releases of the Cisco CVR100W Wireless-N VPN Router prior to Firmware Release 1.0.1.22. Cisco Bug IDs: CSCuz72642.
CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:HCisco Rv042
HWCiscowszystkie wersjeCisco Rv042g
HWCiscowszystkie wersjeCisco Rv082
HWCiscowszystkie wersjeCisco Rv110w
HWCiscowszystkie wersjeCisco Rv130
HWCiscowszystkie wersjeCisco Rv130w
HWCiscowszystkie wersjeCisco Rv130 Wf
HWCiscowszystkie wersjeCisco Rv130w Wf
HWCiscowszystkie wersjeCisco Rv132w
HWCiscowszystkie wersjeCisco Rv134w
HWCiscowszystkie wersjeCisco Rv215w
HWCiscowszystkie wersjeCisco Rv320
HWCiscowszystkie wersjeCisco Rv320 Wf
HWCiscowszystkie wersjeCisco Rv325
HWCiscowszystkie wersjeCisco Rv325 Wf
HWCiscowszystkie wersjeCisco Small Business Rv Router Firmware
APPCisco1.0.0.301.0.1.191.0.1.91.0.2.61.0.3.101.0.391.0.4.101.0.4.141.0.5.41.0.5.4\(gd\)1.0.5.51.0.5.61.0.5.81.0.6.6Cisco Small Business Rv Router Firmware 1.0
APPCisco0.2
Related vulnerabilities
A vulnerability in the web interface of the Cisco RV132W ADSL2+ Wireless-N VPN and RV134W VDSL2 Wireless-AC VP...
A vulnerability in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, and RV082 ...
A vulnerability in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215...
A vulnerability in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215...
A vulnerability in the web-based management interface of the Cisco RV110W Wireless-N VPN Firewall, RV130 VPN R...