CVE-2021-1473

Published on: 04/08/2021 12:00:00 AM UTC

Last Modified on: 04/08/2021 11:26:00 AM UTC

CVE-2021-1473 - advisory for cisco-sa-sb-rv-bypass-inject-Rbhgvfdx

Source: Mitre
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Certain versions of Rv340 from Cisco contain the following vulnerability:

Multiple vulnerabilities exist in the web-based management interface of Cisco Small Business RV Series Routers. A remote attacker could execute arbitrary commands or bypass authentication and upload files on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.

  • CVE-2021-1473 has been assigned by [email protected] to track the vulnerability
  • The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory.
  • Affected Vendor/Software: Cisco - Cisco Small Business RV Series Router Firmware version n/a

CVE References

Description Tags Link
Cisco Small Business RV Series Routers Vulnerabilities tools.cisco.com
text/html
URL Logo CISCO 20210407 Cisco Small Business RV Series Routers Vulnerabilities

Known Affected Configurations (CPE V2.3)

Type Vendor Product Version Update Edition Language
HardwareCiscoRv340-AllAllAll
HardwareCiscoRv340w-AllAllAll
Operating
System
CiscoRv340w FirmwareAllAllAllAll
Operating
System
CiscoRv340 FirmwareAllAllAllAll
HardwareCiscoRv345-AllAllAll
HardwareCiscoRv345p-AllAllAll
Operating
System
CiscoRv345p FirmwareAllAllAllAll
Operating
System
CiscoRv345 FirmwareAllAllAllAll
  • cpe:2.3:h:cisco:rv340:-:*:*:*:*:*:*:*:
  • cpe:2.3:h:cisco:rv340w:-:*:*:*:*:*:*:*:
  • cpe:2.3:o:cisco:rv340w_firmware:*:*:*:*:*:*:*:*:
  • cpe:2.3:o:cisco:rv340_firmware:*:*:*:*:*:*:*:*:
  • cpe:2.3:h:cisco:rv345:-:*:*:*:*:*:*:*:
  • cpe:2.3:h:cisco:rv345p:-:*:*:*:*:*:*:*:
  • cpe:2.3:o:cisco:rv345p_firmware:*:*:*:*:*:*:*:*:
  • cpe:2.3:o:cisco:rv345_firmware:*:*:*:*:*:*:*:*:

Social Mentions

Source Title Posted (UTC)
Twitter Icon @CVEreport CVE-2021-1473 : Multiple vulnerabilities exist in the web-based management interface of Cisco Small Business RV Ser… twitter.com/i/web/status/1… 2021-04-08 04:22:46
Twitter Icon @ioti_rl Advisory: Authentication bypass and RCE in Cisco RV34X series routers (CVE-2021-1472 and CVE-2021-1473) iot-inspector.com/blog/advisory-… 2021-04-13 11:43:59
Twitter Icon @autumn_good_35 認証バイパスとOSコマンドインジェクションの合わせ技。 CVE-2021-1472、CVE-2021-1473 Advisory: Cisco RV34X Series - Authentication Bypass and R… twitter.com/i/web/status/1… 2021-04-14 14:25:24
Twitter Icon @cyberprotectgrp "The first vulnerability – CVE-2021-1473 – could allow an unauthenticated, remote attacker to execute arbitrary com… twitter.com/i/web/status/1… 2021-04-14 16:18:49