PT-2021-1665 · Cisco · Cisco Rv110W+3

Published: 2021-01-13
Updated: 2021-01-19

CVE-2021-1217

CVSS v2.0: 10 (High)
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions:
Cisco RV110W versions not specified
Cisco RV130 versions not specified
Cisco RV130W versions not specified
Cisco RV215W versions not specified

Description: The issue is caused by a stack-based buffer overflow in the web-based management interface of the affected routers, which could allow a remote attacker to execute arbitrary code or cause a denial of service. The vulnerabilities are due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit them by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code as the root user on the underlying operating system or cause the device to reload.

Recommendations: For Cisco RV110W, RV130, RV130W and RV215W, update to a version that fixes the vulnerability. As a temporary workaround, consider restricting access to the web-based management interface to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Memory Corruption

Stack Overflow

Weakness Enumeration

Related Identifiers

BDU:2021-00321
CVE-2021-1217

Affected Products

Cisco Rv110W
Cisco Rv130
Cisco Rv130W
Cisco Rv215W