A vulnerability in the web-based management interface of certain Cisco Small Business RV Series Routers could allow an authenticated, remote attacker to execute arbitrary commands with root privileges. The attacker must have either a valid credential or an active session token. The vulnerability is due to lack of input validation of the HTTP payload. An attacker could exploit this vulnerability by sending a malicious HTTP request to the web-based management interface of the targeted device. A successful exploit could allow the attacker to execute commands with root privileges.
Metrics
Affected Vendors & Products
References
History
Tue, 12 Nov 2024 21:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
kev
|
MITRE
Status: PUBLISHED
Assigner: cisco
Published: 2019-11-26T03:12:26.649466Z
Updated: 2024-11-12T21:20:58.058Z
Reserved: 2019-08-20T00:00:00
Link: CVE-2019-15271
Vulnrichment
Updated: 2024-08-05T00:42:00.917Z
NVD
Status : Modified
Published: 2019-11-26T03:15:11.050
Modified: 2024-11-21T04:28:20.240
Link: CVE-2019-15271
Redhat
No data.