Vulnerabilities > Cisco > Rv260W Wireless AC VPN Router Firmware

DATE CVE VULNERABILITY TITLE RISK
2021-02-04 CVE-2021-1297 Path Traversal vulnerability in Cisco products
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV160, RV160W, RV260, RV260P, and RV260W VPN Routers could allow an unauthenticated, remote attacker to conduct directory traversal attacks and overwrite certain files that should be restricted on an affected system.
network
low complexity
cisco CWE-22
7.5
7.5
2021-02-04 CVE-2021-1296 Path Traversal vulnerability in Cisco products
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV160, RV160W, RV260, RV260P, and RV260W VPN Routers could allow an unauthenticated, remote attacker to conduct directory traversal attacks and overwrite certain files that should be restricted on an affected system.
network
low complexity
cisco CWE-22
7.5
7.5
2021-02-04 CVE-2021-1295 External Control of Assumed-Immutable Web Parameter vulnerability in Cisco products
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV160, RV160W, RV260, RV260P, and RV260W VPN Routers could allow an unauthenticated, remote attacker to execute arbitrary code as the root user on an affected device.
network
low complexity
cisco CWE-472
critical
 9.8
9.8
2021-02-04 CVE-2021-1294 External Control of Assumed-Immutable Web Parameter vulnerability in Cisco products
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV160, RV160W, RV260, RV260P, and RV260W VPN Routers could allow an unauthenticated, remote attacker to execute arbitrary code as the root user on an affected device.
network
low complexity
cisco CWE-472
critical
 9.8
9.8
2021-02-04 CVE-2021-1293 External Control of Assumed-Immutable Web Parameter vulnerability in Cisco products
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV160, RV160W, RV260, RV260P, and RV260W VPN Routers could allow an unauthenticated, remote attacker to execute arbitrary code as the root user on an affected device.
network
low complexity
cisco CWE-472
critical
 9.8
9.8
2021-02-04 CVE-2021-1292 External Control of Assumed-Immutable Web Parameter vulnerability in Cisco products
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV160, RV160W, RV260, RV260P, and RV260W VPN Routers could allow an unauthenticated, remote attacker to execute arbitrary code as the root user on an affected device.
network
low complexity
cisco CWE-472
critical
 9.8
9.8
2021-02-04 CVE-2021-1291 External Control of Assumed-Immutable Web Parameter vulnerability in Cisco products
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV160, RV160W, RV260, RV260P, and RV260W VPN Routers could allow an unauthenticated, remote attacker to execute arbitrary code as the root user on an affected device.
network
low complexity
cisco CWE-472
critical
 9.8
9.8
2021-02-04 CVE-2021-1290 External Control of Assumed-Immutable Web Parameter vulnerability in Cisco products
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV160, RV160W, RV260, RV260P, and RV260W VPN Routers could allow an unauthenticated, remote attacker to execute arbitrary code as the root user on an affected device.
network
low complexity
cisco CWE-472
critical
 9.8
9.8
2021-02-04 CVE-2021-1289 External Control of Assumed-Immutable Web Parameter vulnerability in Cisco products
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV160, RV160W, RV260, RV260P, and RV260W VPN Routers could allow an unauthenticated, remote attacker to execute arbitrary code as the root user on an affected device.
network
low complexity
cisco CWE-472
critical
 9.8
9.8