Vulnerabilities > Cisco > Rv130W Wireless N Multifunction VPN Router Firmware > Medium

DATE CVE VULNERABILITY TITLE RISK
2016-06-19 CVE-2016-1397 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco products
Buffer overflow in the web-based management interface on Cisco RV110W devices with firmware before 1.2.1.7, RV130W devices with firmware before 1.0.3.16, and RV215W devices with firmware before 1.3.0.8 allows remote authenticated users to cause a denial of service (device reload) via crafted configuration commands in an HTTP request, aka Bug ID CSCux82523.
network
low complexity
cisco CWE-119
6.5
2016-06-19 CVE-2016-1396 Cross-site Scripting vulnerability in Cisco products
Cross-site scripting (XSS) vulnerability in the web-based management interface on Cisco RV110W devices with firmware before 1.2.1.7, RV130W devices with firmware before 1.0.3.16, and RV215W devices with firmware before 1.3.0.8 allows remote attackers to inject arbitrary web script or HTML via a crafted parameter, aka Bug ID CSCux82583.
network
low complexity
cisco CWE-79
6.1