CVSS: 9.8EPSS: 0%CPEs: 5EXPL: 0CVE-2021-1610 – Cisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers Web Management Vulnerabilities
https://notcve.org/view.php?id=CVE-2021-1610
Multiple vulnerabilities in the web-based management interface of the Cisco Small Business RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers could allow an attacker to do the following: Execute arbitrary code Cause a denial of service (DoS) condition Execute arbitrary commands For more information about these vulnerabilities, see the Details section of this advisory. Múltiples vulnerabilidades en la interfaz de administración basada en web de los routers Cisco Small Business versiones RV340, RV340W, RV345 y RV345P Dual WAN Gigabit VPN podrían permitir a un atacante hacer lo siguiente: Ejecutar código arbitrario Causar una condición de denegación de servicio (DoS) Ejecutar comandos arbitrarios Para mayor información sobre estas vulnerabilidades, véase la sección Details de este aviso • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv340-cmdinj-rcedos-pY8J3qfy • CWE-121: Stack-based Buffer Overflow •
CVSS: 10.0EPSS: 0%CPEs: 5EXPL: 0CVE-2021-1609 – Cisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers Web Management Vulnerabilities
https://notcve.org/view.php?id=CVE-2021-1609
Multiple vulnerabilities in the web-based management interface of the Cisco Small Business RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers could allow an attacker to do the following: Execute arbitrary code Cause a denial of service (DoS) condition Execute arbitrary commands For more information about these vulnerabilities, see the Details section of this advisory. Múltiples vulnerabilidades en la interfaz de administración basada en web de los routers Cisco Small Business versiones RV340, RV340W, RV345 y RV345P Dual WAN Gigabit VPN podrían permitir a un atacante hacer lo siguiente: Ejecutar código arbitrario Causar una condición de denegación de servicio (DoS) Ejecutar comandos arbitrarios Para mayor información sobre estas vulnerabilidades, véase la sección Details de este aviso • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv340-cmdinj-rcedos-pY8J3qfy • CWE-121: Stack-based Buffer Overflow •
CVSS: 5.3EPSS: 0%CPEs: 15EXPL: 0CVE-2017-6784
https://notcve.org/view.php?id=CVE-2017-6784
A vulnerability in the web interface of the Cisco RV340, RV345, and RV345P Dual WAN Gigabit VPN Routers could allow an unauthenticated, remote attacker to access sensitive data. The attacker could use this information to conduct additional reconnaissance attacks. The vulnerability is due to Cisco WebEx Meetings not sufficiently protecting sensitive data when responding to an HTTP request to the web interface. An attacker could exploit the vulnerability by attempting to use the HTTP protocol and looking at the data in the HTTP responses from the Cisco WebEx Meetings Server. An exploit could allow the attacker to find sensitive information about the application. • http://www.securityfocus.com/bid/100402 http://www.securitytracker.com/id/1039191 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170816-crr • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •