Sign-up

ID

VAR-202102-0565


CVE

CVE-2021-1294


TITLE

plural  Cisco Small Business RV  Vulnerability in router

Trust: 0.8

sources: JVNDB: JVNDB-2021-003104

DESCRIPTION

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV160, RV160W, RV260, RV260P, and RV260W VPN Routers could allow an unauthenticated, remote attacker to execute arbitrary code as the root user on an affected device. These vulnerabilities exist because HTTP requests are not properly validated. An attacker could exploit these vulnerabilities by sending a crafted HTTP request to the web-based management interface of an affected device. A successful exploit could allow the attacker to remotely execute arbitrary code on the device. plural Cisco Small Business RV An unspecified vulnerability exists in the router.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. Authentication is not required to exploit this vulnerability.The specific flaw exists within the web service, which listens on TCP port 443 by default. When parsing the filename parameter, the process does not properly validate a user-supplied string before using it to execute a system call

Trust: 2.34

sources: NVD: CVE-2021-1294 // JVNDB: JVNDB-2021-003104 // ZDI: ZDI-21-137 // VULMON: CVE-2021-1294

AFFECTED PRODUCTS

vendor:ciscomodel:rv260 vpn routerscope:ltversion:1.0.01.02

Trust: 1.0

vendor:ciscomodel:rv260w wireless-ac vpn routerscope:ltversion:1.0.01.02

Trust: 1.0

vendor:ciscomodel:rv260p vpn router with poescope:ltversion:1.0.01.02

Trust: 1.0

vendor:ciscomodel:rv160 vpn routerscope:ltversion:1.0.01.02

Trust: 1.0

vendor:ciscomodel:rv160w wireless-ac vpn routerscope:ltversion:1.0.01.02

Trust: 1.0

vendor:シスコシステムズmodel:rv260w wireless-ac vpn routerscope: - version: -

Trust: 0.8

vendor:シスコシステムズmodel:rv160w wireless-ac vpn routerscope: - version: -

Trust: 0.8

vendor:シスコシステムズmodel:rv160 vpn routerscope: - version: -

Trust: 0.8

vendor:シスコシステムズmodel:rv260p vpn router with poescope: - version: -

Trust: 0.8

vendor:シスコシステムズmodel:rv260 vpn routerscope: - version: -

Trust: 0.8

vendor:ciscomodel:multiple routersscope: - version: -

Trust: 0.7

sources: ZDI: ZDI-21-137 // JVNDB: JVNDB-2021-003104 // NVD: CVE-2021-1294

CVSS

SEVERITY

CVSSV2

CVSSV3

NVD: CVE-2021-1294
value: CRITICAL

Trust: 1.8

ZDI: CVE-2021-1294
value: HIGH

Trust: 0.7

CNNVD: CNNVD-202102-341
value: CRITICAL

Trust: 0.6

VULMON: CVE-2021-1294
value: HIGH

Trust: 0.1

VULMON: CVE-2021-1294
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

NVD: CVE-2021-1294
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: CVE-2021-1294
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

ZDI: CVE-2021-1294
baseSeverity: HIGH
baseScore: 8.8
vectorString: AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: ADJACENT
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 5.9
version: 3.0

Trust: 0.7

sources: ZDI: ZDI-21-137 // VULMON: CVE-2021-1294 // JVNDB: JVNDB-2021-003104 // CNNVD: CNNVD-202102-341 // NVD: CVE-2021-1294

PROBLEMTYPE DATA

problemtype:CWE-472

Trust: 1.0

problemtype:Lack of information (CWE-noinfo) [NVD Evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2021-003104 // NVD: CVE-2021-1294

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202102-341

TYPE

authorization issue

Trust: 0.6

sources: CNNVD: CNNVD-202102-341

CONFIGURATIONS

sources:
            
            
            NVD: CVE-2021-1294

PATCH
title:Cisco has issued an update to correct this vulnerability.url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-rv160-260-rce-xzefknhf
Trust: 1.5
title:Multiple  Cisco Product Authorization Issue Vulnerability Fixing Measuresurl:http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=140563
Trust: 0.6
title:Cisco: Cisco Small Business RV160, RV160W, RV260, RV260P, and RV260W VPN Routers Remote Code Execution Vulnerabilitiesurl:https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-rv160-260-rce-xzefknhf
Trust: 0.1
title:Threatposturl:https://threatpost.com/cisco-flaws-vpn-routers-rce/163662/
Trust: 0.1
sources:
            
            
            ZDI: ZDI-21-137 // 
            
            
            
            VULMON: CVE-2021-1294 // 
            
            
            
            JVNDB: JVNDB-2021-003104 // 
            
            
            
            CNNVD: CNNVD-202102-341

EXTERNAL IDS
db:NVDid:CVE-2021-1294
Trust: 3.2
db:ZDIid:ZDI-21-137
Trust: 0.8
db:JVNDBid:JVNDB-2021-003104
Trust: 0.8
db:ZDI_CANid:ZDI-CAN-11848
Trust: 0.7
db:CNNVDid:CNNVD-202102-341
Trust: 0.6
db:VULMONid:CVE-2021-1294
Trust: 0.1
sources:
            
            
            ZDI: ZDI-21-137 // 
            
            
            
            VULMON: CVE-2021-1294 // 
            
            
            
            JVNDB: JVNDB-2021-003104 // 
            
            
            
            CNNVD: CNNVD-202102-341 // 
            
            
            
            NVD: CVE-2021-1294

REFERENCES
url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-rv160-260-rce-xzefknhf
Trust: 2.4
url:https://nvd.nist.gov/vuln/detail/cve-2021-1294
Trust: 1.4
url:https://cwe.mitre.org/data/definitions/.html
Trust: 0.1
url:https://cwe.mitre.org/data/definitions/472.html
Trust: 0.1
url:https://nvd.nist.gov
Trust: 0.1
url:https://threatpost.com/cisco-flaws-vpn-routers-rce/163662/
Trust: 0.1
url:https://www.zerodayinitiative.com/advisories/zdi-21-137/
Trust: 0.1
sources:
            
            
            ZDI: ZDI-21-137 // 
            
            
            
            VULMON: CVE-2021-1294 // 
            
            
            
            JVNDB: JVNDB-2021-003104 // 
            
            
            
            CNNVD: CNNVD-202102-341 // 
            
            
            
            NVD: CVE-2021-1294

CREDITS
T Shiomitsu
Trust: 0.7
sources:
            
            
            ZDI: ZDI-21-137

SOURCES
db:ZDIid:ZDI-21-137
db:VULMONid:CVE-2021-1294
db:JVNDBid:JVNDB-2021-003104
db:CNNVDid:CNNVD-202102-341
db:NVDid:CVE-2021-1294

LAST UPDATE DATE
2022-05-04T08:52:16.864000+00:00

SOURCES UPDATE DATE
db:ZDIid:ZDI-21-137date:2021-02-04T00:00:00
db:VULMONid:CVE-2021-1294date:2021-02-08T00:00:00
db:JVNDBid:JVNDB-2021-003104date:2021-10-18T08:03:00
db:CNNVDid:CNNVD-202102-341date:2021-02-09T00:00:00
db:NVDid:CVE-2021-1294date:2021-02-08T16:17:00

SOURCES RELEASE DATE
db:ZDIid:ZDI-21-137date:2021-02-04T00:00:00
db:VULMONid:CVE-2021-1294date:2021-02-04T00:00:00
db:JVNDBid:JVNDB-2021-003104date:2021-10-18T00:00:00
db:CNNVDid:CNNVD-202102-341date:2021-02-03T00:00:00
db:NVDid:CVE-2021-1294date:2021-02-04T17:15:00