Description

Cisco Small Business RV Series devices have a vulnerability in web-based management interface. An unauthenticated attacker can bypass authentication and upload files to directories that should require administrative authentication.

Remediation

Upgrade to the firmware version of Cisco

References

Cisco RV34X Series – Authentication Bypass and Remote Command Execution

Related Vulnerabilities

Joomla! Core Security Bypass (1.5.0 - 3.8.12)

WordPress Plugin YITH WooCommerce Compare Security Bypass (2.3.13)

Drupal Core 8.x.x Security Bypass (8.0.0 - 8.6.18)

WordPress Plugin MAC PHOTO GALLERY Multiple Security Bypass Vulnerabilities (3.0)

WordPress Plugin Ultimate Member-User Profile, Registration, Login, Member Directory, Content Restriction & Membership Security Bypass (1.3.83)

Severity

Medium

Classification

CWE-119 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N

Tags

Authentication Bypass