Rewterz Threat Advisory – CVE-2020-4184 – IBM Security Guardium code execution
March 18, 2021Rewterz Threat Advisory – Multiple Adobe Security Vulnerabilities
March 19, 2021Rewterz Threat Advisory – CVE-2020-4184 – IBM Security Guardium code execution
March 18, 2021Rewterz Threat Advisory – Multiple Adobe Security Vulnerabilities
March 19, 2021Severity
High
Analysis Summary
CVE-2021-1287
The vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code as the root user on the underlying operating system or cause the device to reload, resulting in a denial of service (DoS) condition on the affected device.
Impact
- Remote Command Execution
- Denial of Service
Affected Vendors
Cisco
Affected Products
- RV132W ADSL2+ Wireless-N VPN Routers if they are running a firmware release earlier than Release 1.0.1.15
- RV134W VDSL2 Wireless-AC VPN Routers if they are running a firmware release earlier than Release 1.0.1.21
Remediation
Refer to Cisco advisory for the complete list of affected products and their respective patches.