CVE-2021-1415
Cisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers Authenticated Remote Code Execution Vulnerabilities
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Multiple vulnerabilities in the web-based management interface of Cisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers could allow an authenticated, remote attacker to execute arbitrary code with elevated privileges equivalent to the web service process on an affected device. These vulnerabilities exist because HTTP requests are not properly validated. An attacker could exploit these vulnerabilities by sending a crafted HTTP request to the web-based management interface of an affected device. A successful exploit could allow the attacker to remotely execute arbitrary code on the device.
Múltiples vulnerabilidades en la interfaz de administración basada en web de Enrutadores Cisco RV340, RV340W, RV345 y RV345P Dual WAN Gigabit VPN, podrían permitir a un atacante remoto autenticado ejecutar código arbitrario con privilegios elevados equivalentes al proceso de servicio web en un dispositivo afectado. Estas vulnerabilidades se presentan porque unas peticiones HTTP no son comprobadas apropiadamente. Un atacante podría explotar estas vulnerabilidades mediante el envío de una petición HTTP diseñada hacia la interfaz de administración basada en web de un dispositivo afectado. Una explotación con éxito podría permitir al atacante ejecutar remotamente código arbitrario en el dispositivo
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Cisco RV340 routers. Authentication is required to exploit this vulnerability.
The specific flaw exists within the processing of JSON-RPC requests. When parsing the usmUserEngineID property, the process does not properly validate a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of the www-data user.
CVSS Scores
SSVC
- Decision:Track
Timeline
- 2020-11-13 CVE Reserved
- 2021-04-08 CVE Published
- 2023-06-16 EPSS Updated
- 2024-11-08 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-502: Deserialization of Untrusted Data
CAPEC
References (2)
URL | Tag | Source |
---|---|---|
https://www.zerodayinitiative.com/advisories/ZDI-21-560 | Third Party Advisory |
URL | Date | SRC |
---|
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Cisco Search vendor "Cisco" | Rv340 Firmware Search vendor "Cisco" for product "Rv340 Firmware" | < 1.0.03.21 Search vendor "Cisco" for product "Rv340 Firmware" and version " < 1.0.03.21" | - |
Affected
| in | Cisco Search vendor "Cisco" | Rv340 Search vendor "Cisco" for product "Rv340" | - | - |
Safe
|
Cisco Search vendor "Cisco" | Rv340w Firmware Search vendor "Cisco" for product "Rv340w Firmware" | < 1.0.03.21 Search vendor "Cisco" for product "Rv340w Firmware" and version " < 1.0.03.21" | - |
Affected
| in | Cisco Search vendor "Cisco" | Rv340w Search vendor "Cisco" for product "Rv340w" | - | - |
Safe
|
Cisco Search vendor "Cisco" | Rv345 Firmware Search vendor "Cisco" for product "Rv345 Firmware" | < 1.0.03.21 Search vendor "Cisco" for product "Rv345 Firmware" and version " < 1.0.03.21" | - |
Affected
| in | Cisco Search vendor "Cisco" | Rv345 Search vendor "Cisco" for product "Rv345" | - | - |
Safe
|
Cisco Search vendor "Cisco" | Rv345p Firmware Search vendor "Cisco" for product "Rv345p Firmware" | < 1.0.03.21 Search vendor "Cisco" for product "Rv345p Firmware" and version " < 1.0.03.21" | - |
Affected
| in | Cisco Search vendor "Cisco" | Rv345p Search vendor "Cisco" for product "Rv345p" | - | - |
Safe
|