CVE-2021-1202

Name of the Vulnerable Software and Affected Versions: Cisco RV110W versions not specified Cisco RV130 versions not specified Cisco RV130W versions not specified Cisco RV215W versions not specified

Description: The issue is related to insufficient input validation in the web-based management interface of the affected devices. This could allow a remote attacker with valid administrator credentials to execute arbitrary code or cause the device to restart unexpectedly. The attacker could exploit this by sending crafted HTTP requests to the device. A successful exploit could result in the execution of arbitrary code as the root user on the underlying operating system or cause the device to reload, leading to a denial of service condition.

Recommendations: For Cisco RV110W, update to a version that addresses the issue, if available. For Cisco RV130, update to a version that addresses the issue, if available. For Cisco RV130W, update to a version that addresses the issue, if available. For Cisco RV215W, update to a version that addresses the issue, if available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.