What is the severity of CVE-2021-1309?

The severity of CVE-2021-1309 is high with a CVSS score of 8.8.

Which Cisco routers are affected by CVE-2021-1309?

Cisco Small Business RV Series Routers with specific firmware versions: 1.0.0.14, 1.0.1.14, and 1.0.1.20.

How can I fix CVE-2021-1309?

Update the firmware of the affected Cisco Small Business RV Series Routers to a version that includes the necessary security patches.

Vulnerability/
CVE-2021-1309

high

8.8

CWE

401 119

8/4/2021

8/11/2024

CVE-2021-1309: Cisco Small Business RV Series Routers Link Layer Discovery Protocol Vulnerabilities

First published: Thu Apr 08 2021(Updated: )

Multiple vulnerabilities exist in the Link Layer Discovery Protocol (LLDP) implementation for Cisco Small Business RV Series Routers. An unauthenticated, adjacent attacker could execute arbitrary code or cause an affected router to leak system memory or reload. A memory leak or device reload would cause a denial of service (DoS) condition on an affected device. For more information about these vulnerabilities, see the Details section of this advisory. Note: LLDP is a Layer 2 protocol. To exploit these vulnerabilities, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent).

Credit: ykramarz@cisco.com

Affected Software	Affected Version	How to fix
Cisco Rv132w Firmware	=1.0.0.14
Cisco Rv132w Firmware	=1.0.1.14
Cisco Rv132w Firmware	=1.0.1.20
Cisco RV132W
Cisco Rv134w Firmware	=1.0.0.14
Cisco Rv134w Firmware	=1.0.1.14
Cisco Rv134w Firmware	=1.0.1.20
Cisco RV134W
Cisco Rv160 Firmware	=1.0.0.14
Cisco Rv160 Firmware	=1.0.1.14
Cisco Rv160 Firmware	=1.0.1.20
Cisco Rv160
Cisco Rv160w Firmware	=1.0.0.14
Cisco Rv160w Firmware	=1.0.1.14
Cisco Rv160w Firmware	=1.0.1.20
Cisco Rv160w
Cisco Rv260 Firmware	=1.0.0.14
Cisco Rv260 Firmware	=1.0.1.14
Cisco Rv260 Firmware	=1.0.1.20
Cisco Rv260
Cisco Rv260p Firmware	=1.0.0.14
Cisco Rv260p Firmware	=1.0.1.14
Cisco Rv260p Firmware	=1.0.1.20
Cisco Rv260p
Cisco Rv260w Firmware	=1.0.0.14
Cisco Rv260w Firmware	=1.0.1.14
Cisco Rv260w Firmware	=1.0.1.20
Cisco Rv260w
Cisco Rv340 Firmware	=1.0.0.14
Cisco Rv340 Firmware	=1.0.1.14
Cisco Rv340 Firmware	=1.0.1.20
Cisco RV340
Cisco Rv340w Firmware	=1.0.0.14
Cisco Rv340w Firmware	=1.0.1.14
Cisco Rv340w Firmware	=1.0.1.20
Cisco Rv340w
Cisco Rv345 Firmware	=1.0.0.14
Cisco Rv345 Firmware	=1.0.1.14
Cisco Rv345 Firmware	=1.0.1.20
Cisco Rv345
Cisco Rv345p Firmware	=1.0.0.14
Cisco Rv345p Firmware	=1.0.1.14
Cisco Rv345p Firmware	=1.0.1.20
Cisco Rv345p

Never miss a vulnerability like this again

Reference Links

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-multi-lldp-u7e4chCe

Frequently Asked Questions

What is CVE-2021-1309?
CVE-2021-1309 is a vulnerability in the Link Layer Discovery Protocol (LLDP) implementation for Cisco Small Business RV Series Routers.
What is the severity of CVE-2021-1309?
The severity of CVE-2021-1309 is high with a CVSS score of 8.8.
How can an attacker exploit CVE-2021-1309?
An unauthenticated, adjacent attacker could execute arbitrary code or cause an affected router to leak system memory or reload.
Which Cisco routers are affected by CVE-2021-1309?
Cisco Small Business RV Series Routers with specific firmware versions: 1.0.0.14, 1.0.1.14, and 1.0.1.20.
How can I fix CVE-2021-1309?
Update the firmware of the affected Cisco Small Business RV Series Routers to a version that includes the necessary security patches.

collector/nvd-index
agent/type
agent/softwarecombine
agent/references
agent/author
agent/weakness
agent/description
collector/mitre-cve
source/MITRE
agent/severity
agent/last-modified-date
agent/title
agent/tags
agent/event
agent/first-publish-date
vendor/cisco
canonical/cisco rv132w firmware
version/cisco rv132w firmware/1.0.0.14
version/cisco rv132w firmware/1.0.1.14
version/cisco rv132w firmware/1.0.1.20
canonical/cisco rv132w
canonical/cisco rv134w firmware
version/cisco rv134w firmware/1.0.0.14
version/cisco rv134w firmware/1.0.1.14
version/cisco rv134w firmware/1.0.1.20
canonical/cisco rv134w
canonical/cisco rv160 firmware
version/cisco rv160 firmware/1.0.0.14
version/cisco rv160 firmware/1.0.1.14
version/cisco rv160 firmware/1.0.1.20
canonical/cisco rv160
canonical/cisco rv160w firmware
version/cisco rv160w firmware/1.0.0.14
version/cisco rv160w firmware/1.0.1.14
version/cisco rv160w firmware/1.0.1.20
canonical/cisco rv160w
canonical/cisco rv260 firmware
version/cisco rv260 firmware/1.0.0.14
version/cisco rv260 firmware/1.0.1.14
version/cisco rv260 firmware/1.0.1.20
canonical/cisco rv260
canonical/cisco rv260p firmware
version/cisco rv260p firmware/1.0.0.14
version/cisco rv260p firmware/1.0.1.14
version/cisco rv260p firmware/1.0.1.20
canonical/cisco rv260p
canonical/cisco rv260w firmware
version/cisco rv260w firmware/1.0.0.14
version/cisco rv260w firmware/1.0.1.14
version/cisco rv260w firmware/1.0.1.20
canonical/cisco rv260w
canonical/cisco rv340 firmware
version/cisco rv340 firmware/1.0.0.14
version/cisco rv340 firmware/1.0.1.14
version/cisco rv340 firmware/1.0.1.20
canonical/cisco rv340
canonical/cisco rv340w firmware
version/cisco rv340w firmware/1.0.0.14
version/cisco rv340w firmware/1.0.1.14
version/cisco rv340w firmware/1.0.1.20
canonical/cisco rv340w
canonical/cisco rv345 firmware
version/cisco rv345 firmware/1.0.0.14
version/cisco rv345 firmware/1.0.1.14
version/cisco rv345 firmware/1.0.1.20
canonical/cisco rv345
canonical/cisco rv345p firmware
version/cisco rv345p firmware/1.0.0.14
version/cisco rv345p firmware/1.0.1.14
version/cisco rv345p firmware/1.0.1.20
canonical/cisco rv345p

CVE-2021-1309: Cisco Small Business RV Series Routers Link Layer Discovery Protocol Vulnerabilities

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is CVE-2021-1309?

What is the severity of CVE-2021-1309?

How can an attacker exploit CVE-2021-1309?

Which Cisco routers are affected by CVE-2021-1309?

How can I fix CVE-2021-1309?

Company

Resources

Contact