Description

Cisco Small Business RV Series devices have a vulnerability in web-based management interface. An unauthenticated attacker can bypass authentication and upload files to directories that should require administrative authentication.

Remediation

Upgrade to the firmware version of Cisco

References

Cisco RV34X Series – Authentication Bypass and Remote Command Execution

Related Vulnerabilities

WordPress Plugin Content Aware Sidebars-Unlimited Widget Areas Security Bypass (3.8)

WordPress Plugin wp-buddha-free-adwords Security Bypass (1.0.0)

WordPress Plugin LearnPress-WordPress LMS Security Bypass (4.1.4.1)

Drupal Core 8.x.x Security Bypass (8.0.0 - 8.7.14)

WordPress Plugin Premium Addons for Elementor Security Bypass (4.5.1)

Severity

Medium

Classification

CWE-119 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N

Tags

Authentication Bypass