PT-2020-2952 · Cisco · Cisco Rv110W+3

Published

2020-06-17

Updated

2021-10-19

CVE-2020-3269

CVSS v2.0

9.0

High

Vector

AV:N/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Cisco RV110W versions (affected versions not specified) Cisco RV130 versions (affected versions not specified) Cisco RV130W versions (affected versions not specified) Cisco RV215W versions (affected versions not specified)

Description The issue is related to insufficient input validation in the web interface configuration of the affected routers. This could allow a remote attacker with administrative privileges to execute arbitrary commands.

Recommendations For Cisco RV110W, update the firmware to a version that addresses the issue. For Cisco RV130, update the firmware to a version that addresses the issue. For Cisco RV130W, update the firmware to a version that addresses the issue. For Cisco RV215W, update the firmware to a version that addresses the issue.

Fix

Buffer Overflow

Memory Corruption

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-119CWE-787CWE-20

Related Identifiers

BDU:2020-03109

CVE-2020-3269

Affected Products

Cisco Rv110W

Cisco Rv130

Cisco Rv130W

Cisco Rv215W

PT-2020-2952 · Cisco · Cisco Rv110W+3

CVE-2020-3269

Weakness Enumeration

Related Identifiers

Affected Products

References · 4