Summaryinfo

A vulnerability classified as critical was found in Cisco RV016, RV042, RV042G, RV082, RV320 and RV325. Affected by this vulnerability is an unknown functionality of the component Web-based Management Interface. The manipulation leads to stack-based overflow. This vulnerability is known as CVE-2021-1331. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component. VulDB is the best source for vulnerability data and more expert information about this specific topic.

Detailsinfo

A vulnerability classified as critical has been found in Cisco RV016, RV042, RV042G, RV082, RV320 and RV325 (Router Operating System). Affected is an unknown functionality of the component Web-based Management Interface. The manipulation with an unknown input leads to a stack-based overflow vulnerability. CWE is classifying the issue as CWE-121. A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function). This is going to have an impact on confidentiality, integrity, and availability.

The weakness was shared 02/05/2021 as cisco-sa-rv-overflow-ghZP68yj. The advisory is available at tools.cisco.com. This vulnerability is traded as CVE-2021-1331. The technical details are unknown and an exploit is not available. The structure of the vulnerability defines a possible price range of USD $0-$5k at the moment (estimation calculated on 02/24/2021).

Upgrading eliminates this vulnerability.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

Productinfo

Type

• Router Operating System

Vendor

• Cisco

Name

• RV016
• RV042
• RV042G
• RV082
• RV320
• RV325

License

• commercial

CPE 2.3info

• 🔍
• 🔍
• 🔍

CPE 2.2info

• 🔍
• 🔍
• 🔍

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Discussion