Cisco RV110W, RV130, RV130W, and RV215W Routers Management Interface Remote Command Execution Multiple Vulnerabilities

Multiple vulnerabilities in the web-based management interface of the Cisco RV110W Wireless-N VPN Firewall, RV130 VPN Router, RV130W Wireless-N Multifunction VPN Router, and RV215W Wireless-N VPN Router could allow an authenticated, remote attacker to execute arbitrary code on an affected device. The vulnerabilities are due to improper validation of user-supplied data in the web-based management interface. An attacker could exploit these vulnerabilities by sending malicious HTTP requests to a targeted device. A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system of the affected device as a high-privilege user.

N/A

内存缓冲区边界内操作的限制不恰当

多款Cisco产品缓冲区错误漏洞

Cisco RV110W Wireless-N VPN Firewall是美国思科（Cisco）公司的一款企业级路由器。 多款Cisco产品中的Web管理界面存在缓冲区错误漏洞，该漏洞源于程序没有正确验证用户数据。远程攻击者可借助恶意HTTP请求利用该漏洞在系统上执行任意代码。以下产品及版本受到影响：Cisco RV110W Wireless-N VPN Firewall；RV130 VPN Router；RV130W Wireless-N Multifunction VPN Router；RV215W

N/A

N/A