May 16, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Severity
High
Analysis Summary
CVE-2021-1459
Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow a remote attacker to execute arbitrary commands on the system, caused by improper validation of user-supplied input in the web-based management interface. By sending specially crafted HTTP requests, an attacker could exploit this vulnerability to execute arbitrary commands on the system with root privileges.
Impact
Unauthorized Access
Affected Vendors
Cisco
Affected Products
- Cisco Small Business RV130 Series VPN routers
- Cisco Small Business RV215W Wireless-N VPN Router
- Cisco Small Business RV110W Wireless-N VPN Firewall
- Cisco Small Business RV130W Wireless-N Multifunction VPN Router
Remediation
Refer to Cisco advisory for the complete list of affected products and their respective patches.
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-rce-q3rxHnvm
