// For flags

CVE-2021-1251

Cisco Small Business RV Series Routers Link Layer Discovery Protocol Vulnerabilities

Severity Score

7.4
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

Track
*SSVC
Descriptions

Multiple vulnerabilities exist in the Link Layer Discovery Protocol (LLDP) implementation for Cisco Small Business RV Series Routers. An unauthenticated, adjacent attacker could execute arbitrary code or cause an affected router to leak system memory or reload. A memory leak or device reload would cause a denial of service (DoS) condition on an affected device. For more information about these vulnerabilities, see the Details section of this advisory. Note: LLDP is a Layer 2 protocol. To exploit these vulnerabilities, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent).

Múltiples vulnerabilidades en la implementación del Link Layer Discovery Protocol (LLDP) para Enrutadores Cisco Small Business RV Series. Un atacante adyacente no autenticado podría ejecutar código arbitrario o causar que un enrutador afectado filtre la memoria del sistema o se recargue. Una pérdida de memoria o una recarga del dispositivo podrían causar una condición de denegación de servicio (DoS) en un dispositivo afectado. Para mayor información sobre estas vulnerabilidades, consulte la sección Detalles de este aviso. Nota: LLDP es un protocolo de Capa 2. Para explotar estas vulnerabilidades, un atacante debe estar en el mismo dominio de transmisión que el dispositivo afectado (adyacente a Capa 2)

*Credits: N/A
CVSS Scores
Attack Vector
Adjacent
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Changed
Confidentiality
None
Integrity
None
Availability
High
Attack Vector
Adjacent
Attack Complexity
Low
Authentication
None
Confidentiality
None
Integrity
None
Availability
Complete
* Common Vulnerability Scoring System
SSVC
  • Decision:Track
Exploitation
None
Automatable
No
Tech. Impact
Partial
* Organization's Worst-case Scenario
Timeline
  • 2020-11-13 CVE Reserved
  • 2021-04-08 CVE Published
  • 2024-03-13 EPSS Updated
  • 2024-11-08 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
  • CWE-401: Missing Release of Memory after Effective Lifetime
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Cisco
Search vendor "Cisco"
Rv132w Firmware
Search vendor "Cisco" for product "Rv132w Firmware"
1.0.1.14
Search vendor "Cisco" for product "Rv132w Firmware" and version "1.0.1.14"
-
Affected
in Cisco
Search vendor "Cisco"
Rv132w
Search vendor "Cisco" for product "Rv132w"
--
Safe
Cisco
Search vendor "Cisco"
Rv132w Firmware
Search vendor "Cisco" for product "Rv132w Firmware"
1.0.3.20
Search vendor "Cisco" for product "Rv132w Firmware" and version "1.0.3.20"
-
Affected
in Cisco
Search vendor "Cisco"
Rv132w
Search vendor "Cisco" for product "Rv132w"
--
Safe
Cisco
Search vendor "Cisco"
Rv134w Firmware
Search vendor "Cisco" for product "Rv134w Firmware"
1.0.1.14
Search vendor "Cisco" for product "Rv134w Firmware" and version "1.0.1.14"
-
Affected
in Cisco
Search vendor "Cisco"
Rv134w
Search vendor "Cisco" for product "Rv134w"
--
Safe
Cisco
Search vendor "Cisco"
Rv134w Firmware
Search vendor "Cisco" for product "Rv134w Firmware"
1.0.3.20
Search vendor "Cisco" for product "Rv134w Firmware" and version "1.0.3.20"
-
Affected
in Cisco
Search vendor "Cisco"
Rv134w
Search vendor "Cisco" for product "Rv134w"
--
Safe
Cisco
Search vendor "Cisco"
Rv160 Firmware
Search vendor "Cisco" for product "Rv160 Firmware"
1.0.1.14
Search vendor "Cisco" for product "Rv160 Firmware" and version "1.0.1.14"
-
Affected
in Cisco
Search vendor "Cisco"
Rv160
Search vendor "Cisco" for product "Rv160"
--
Safe
Cisco
Search vendor "Cisco"
Rv160 Firmware
Search vendor "Cisco" for product "Rv160 Firmware"
1.0.3.20
Search vendor "Cisco" for product "Rv160 Firmware" and version "1.0.3.20"
-
Affected
in Cisco
Search vendor "Cisco"
Rv160
Search vendor "Cisco" for product "Rv160"
--
Safe
Cisco
Search vendor "Cisco"
Rv160w Firmware
Search vendor "Cisco" for product "Rv160w Firmware"
1.0.1.14
Search vendor "Cisco" for product "Rv160w Firmware" and version "1.0.1.14"
-
Affected
in Cisco
Search vendor "Cisco"
Rv160w
Search vendor "Cisco" for product "Rv160w"
--
Safe
Cisco
Search vendor "Cisco"
Rv160w Firmware
Search vendor "Cisco" for product "Rv160w Firmware"
1.0.3.20
Search vendor "Cisco" for product "Rv160w Firmware" and version "1.0.3.20"
-
Affected
in Cisco
Search vendor "Cisco"
Rv160w
Search vendor "Cisco" for product "Rv160w"
--
Safe
Cisco
Search vendor "Cisco"
Rv260 Firmware
Search vendor "Cisco" for product "Rv260 Firmware"
1.0.1.14
Search vendor "Cisco" for product "Rv260 Firmware" and version "1.0.1.14"
-
Affected
in Cisco
Search vendor "Cisco"
Rv260
Search vendor "Cisco" for product "Rv260"
--
Safe
Cisco
Search vendor "Cisco"
Rv260 Firmware
Search vendor "Cisco" for product "Rv260 Firmware"
1.0.3.20
Search vendor "Cisco" for product "Rv260 Firmware" and version "1.0.3.20"
-
Affected
in Cisco
Search vendor "Cisco"
Rv260
Search vendor "Cisco" for product "Rv260"
--
Safe
Cisco
Search vendor "Cisco"
Rv260p Firmware
Search vendor "Cisco" for product "Rv260p Firmware"
1.0.1.14
Search vendor "Cisco" for product "Rv260p Firmware" and version "1.0.1.14"
-
Affected
in Cisco
Search vendor "Cisco"
Rv260p
Search vendor "Cisco" for product "Rv260p"
--
Safe
Cisco
Search vendor "Cisco"
Rv260p Firmware
Search vendor "Cisco" for product "Rv260p Firmware"
1.0.3.20
Search vendor "Cisco" for product "Rv260p Firmware" and version "1.0.3.20"
-
Affected
in Cisco
Search vendor "Cisco"
Rv260p
Search vendor "Cisco" for product "Rv260p"
--
Safe
Cisco
Search vendor "Cisco"
Rv260w Firmware
Search vendor "Cisco" for product "Rv260w Firmware"
1.0.1.14
Search vendor "Cisco" for product "Rv260w Firmware" and version "1.0.1.14"
-
Affected
in Cisco
Search vendor "Cisco"
Rv260w
Search vendor "Cisco" for product "Rv260w"
--
Safe
Cisco
Search vendor "Cisco"
Rv260w Firmware
Search vendor "Cisco" for product "Rv260w Firmware"
1.0.3.20
Search vendor "Cisco" for product "Rv260w Firmware" and version "1.0.3.20"
-
Affected
in Cisco
Search vendor "Cisco"
Rv260w
Search vendor "Cisco" for product "Rv260w"
--
Safe
Cisco
Search vendor "Cisco"
Rv340 Firmware
Search vendor "Cisco" for product "Rv340 Firmware"
1.0.1.14
Search vendor "Cisco" for product "Rv340 Firmware" and version "1.0.1.14"
-
Affected
in Cisco
Search vendor "Cisco"
Rv340
Search vendor "Cisco" for product "Rv340"
--
Safe
Cisco
Search vendor "Cisco"
Rv340 Firmware
Search vendor "Cisco" for product "Rv340 Firmware"
1.0.3.20
Search vendor "Cisco" for product "Rv340 Firmware" and version "1.0.3.20"
-
Affected
in Cisco
Search vendor "Cisco"
Rv340
Search vendor "Cisco" for product "Rv340"
--
Safe
Cisco
Search vendor "Cisco"
Rv340w Firmware
Search vendor "Cisco" for product "Rv340w Firmware"
1.0.1.14
Search vendor "Cisco" for product "Rv340w Firmware" and version "1.0.1.14"
-
Affected
in Cisco
Search vendor "Cisco"
Rv340w
Search vendor "Cisco" for product "Rv340w"
--
Safe
Cisco
Search vendor "Cisco"
Rv340w Firmware
Search vendor "Cisco" for product "Rv340w Firmware"
1.0.3.20
Search vendor "Cisco" for product "Rv340w Firmware" and version "1.0.3.20"
-
Affected
in Cisco
Search vendor "Cisco"
Rv340w
Search vendor "Cisco" for product "Rv340w"
--
Safe
Cisco
Search vendor "Cisco"
Rv345 Firmware
Search vendor "Cisco" for product "Rv345 Firmware"
1.0.1.14
Search vendor "Cisco" for product "Rv345 Firmware" and version "1.0.1.14"
-
Affected
in Cisco
Search vendor "Cisco"
Rv345
Search vendor "Cisco" for product "Rv345"
--
Safe
Cisco
Search vendor "Cisco"
Rv345 Firmware
Search vendor "Cisco" for product "Rv345 Firmware"
1.0.3.20
Search vendor "Cisco" for product "Rv345 Firmware" and version "1.0.3.20"
-
Affected
in Cisco
Search vendor "Cisco"
Rv345
Search vendor "Cisco" for product "Rv345"
--
Safe
Cisco
Search vendor "Cisco"
Rv345p Firmware
Search vendor "Cisco" for product "Rv345p Firmware"
1.0.1.14
Search vendor "Cisco" for product "Rv345p Firmware" and version "1.0.1.14"
-
Affected
in Cisco
Search vendor "Cisco"
Rv345p
Search vendor "Cisco" for product "Rv345p"
--
Safe
Cisco
Search vendor "Cisco"
Rv345p Firmware
Search vendor "Cisco" for product "Rv345p Firmware"
1.0.3.20
Search vendor "Cisco" for product "Rv345p Firmware" and version "1.0.3.20"
-
Affected
in Cisco
Search vendor "Cisco"
Rv345p
Search vendor "Cisco" for product "Rv345p"
--
Safe