medium
4.7
CWE
120 77
Advisory Published

cisco-sa-sb-rv-rce-overflow-ygHByAK: Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers Remote Command Execution and Denial of Service Vulnerabilities

First published: Wed Jul 20 2022(Updated: )

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. These vulnerabilities are due to insufficient validation of user fields within incoming HTTP packets. An attacker could exploit these vulnerabilities by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device with root-level privileges or to cause the device to restart unexpectedly, resulting in a DoS condition. To exploit these vulnerabilities, an attacker would need to have valid Administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities. This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-rv-rce-overflow-ygHByAK

Credit: Jiaqian Peng the Institute of Information EngineeringChuan Qin the Institute of Information Engineering the Institute of Information EngineeringPuzhuo Liu the Institute of Information EngineeringChinese Academy Science for reporting these vulnerabilities

Affected SoftwareAffected VersionHow to fix
Cisco Small Business RV110W Wireless-N VPN Firewall
Cisco Small Business RV130
Cisco Small Business RV130W
Cisco Small Business RV215W

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Child vulnerabilities

(Contains the following vulnerabilities)

Frequently Asked Questions

  • What is the severity of cisco-sa-sb-rv-rce-overflow-ygHByAK?

    The severity of cisco-sa-sb-rv-rce-overflow-ygHByAK is considered high due to the potential for remote code execution.

  • How do I fix cisco-sa-sb-rv-rce-overflow-ygHByAK?

    To fix cisco-sa-sb-rv-rce-overflow-ygHByAK, upgrade your affected Cisco router to the latest firmware version provided by Cisco.

  • What devices are affected by cisco-sa-sb-rv-rce-overflow-ygHByAK?

    The devices affected by cisco-sa-sb-rv-rce-overflow-ygHByAK include Cisco Small Business RV110W, RV130, RV130W, and RV215W routers.

  • Can cisco-sa-sb-rv-rce-overflow-ygHByAK be exploited remotely?

    Yes, cisco-sa-sb-rv-rce-overflow-ygHByAK can be exploited remotely by authenticated attackers.

  • What are the potential impacts of cisco-sa-sb-rv-rce-overflow-ygHByAK?

    The potential impacts of cisco-sa-sb-rv-rce-overflow-ygHByAK include arbitrary code execution and unexpected device restarts.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203