Vulnerabilities > Cisco > Rv260P VPN Router With POE Firmware > High

DATE	CVE	VULNERABILITY TITLE	RISK
2023-01-20	CVE-2023-20045	Improper Input Validation vulnerability in Cisco products A vulnerability in the web-based management interface of Cisco Small Business RV160 and RV260 Series VPN Routers could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of user input. network low complexity cisco CWE-20	7.2
2021-02-04	CVE-2021-1297	Path Traversal vulnerability in Cisco products Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV160, RV160W, RV260, RV260P, and RV260W VPN Routers could allow an unauthenticated, remote attacker to conduct directory traversal attacks and overwrite certain files that should be restricted on an affected system. network low complexity cisco CWE-22	7.5
2021-02-04	CVE-2021-1296	Path Traversal vulnerability in Cisco products Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV160, RV160W, RV260, RV260P, and RV260W VPN Routers could allow an unauthenticated, remote attacker to conduct directory traversal attacks and overwrite certain files that should be restricted on an affected system. network low complexity cisco CWE-22	7.5

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.