Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Cisco Small Business RV160, RV160W, RV260, RV260P, and RV260W VPN Routers Arbitrary File Write Vulnerabilities
Vulnerability Description
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV160, RV160W, RV260, RV260P, and RV260W VPN Routers could allow an unauthenticated, remote attacker to conduct directory traversal attacks and overwrite certain files that should be restricted on an affected system. These vulnerabilities are due to insufficient input validation. An attacker could exploit these vulnerabilities by using the web-based management interface to upload a file to location on an affected device that they should not have access to. A successful exploit could allow the attacker to overwrite files on the file system of the affected device.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Vulnerability Type
绝对路径遍历
Vulnerability Title
多款Cisco产品路径遍历漏洞
Vulnerability Description
Cisco RV160等都是美国思科(Cisco)公司的一款应用于企业环境的路由器。 Cisco Small Business RV160, RV160W, RV260, RV260P, and RV260W VPN Routers 存在路径遍历漏洞,该漏洞允许未经身份验证的远程攻击者可利用该漏洞进行目录遍历攻击,并覆盖受影响系统上应该受限制的某些文件。
CVSS Information
N/A
Vulnerability Type
N/A