Vulnerabilities > Cisco > Rv320
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-01-24 | CVE-2019-1653 | Improper Access Control vulnerability in Cisco Rv320 Firmware and Rv325 Firmware A vulnerability in the web-based management interface of Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could allow an unauthenticated, remote attacker to retrieve sensitive information. | 5.0 |
2019-01-24 | CVE-2019-1652 | Improper Input Validation vulnerability in Cisco Rv320 Firmware and Rv325 Firmware A vulnerability in the web-based management interface of Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could allow an authenticated, remote attacker with administrative privileges on an affected device to execute arbitrary commands. | 9.0 |
2017-10-12 | CVE-2015-6358 | Improper Certificate Validation vulnerability in Cisco products Multiple Cisco embedded devices use hardcoded X.509 certificates and SSH host keys embedded in the firmware, which allows remote attackers to defeat cryptographic protection mechanisms and conduct man-in-the-middle attacks by leveraging knowledge of these certificates and keys from another installation, aka Bug IDs CSCuw46610, CSCuw46620, CSCuw46637, CSCuw46654, CSCuw46665, CSCuw46672, CSCuw46677, CSCuw46682, CSCuw46705, CSCuw46716, CSCuw46979, CSCuw47005, CSCuw47028, CSCuw47040, CSCuw47048, CSCuw47061, CSCuw90860, CSCuw90869, CSCuw90875, CSCuw90881, CSCuw90899, and CSCuw90913. | 4.3 |
2017-05-16 | CVE-2017-3882 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco products A vulnerability in the Universal Plug-and-Play (UPnP) implementation in the Cisco CVR100W Wireless-N VPN Router could allow an unauthenticated, Layer 2-adjacent attacker to execute arbitrary code or cause a denial of service (DoS) condition. | 8.3 |