Vulnslist

Cisco vulnerabilities by product, model, software, and advisory.

Cisco Small Business RV Series Routers Link Layer Discovery Protocol Vulnerabilities

cisco-sa-rv-multi-lldp-u7e4chCe · High · Published · Updated

Multiple vulnerabilities exist in the Link Layer Discovery Protocol (LLDP) implementation for Cisco Small Business RV Series Routers. An unauthenticated, adjacent attacker could execute arbitrary code or cause an affected router to leak system memory or reload. A memory leak or device reload would cause a denial of service (DoS) condition on an affected device. For more information about these vulnerabilities, see the Details section of this advisory. Note: LLDP is a Layer 2 protocol. To exploit these vulnerabilities, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent). Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-multi-lldp-u7e4chCe

Cisco advisory · CSAF JSON

Workarounds

There are no workarounds that address these vulnerabilities.

CVEsCVE-2021-1251, CVE-2021-1308, CVE-2021-1309
Cisco Bug IDsCSCvw62392, CSCvw62410, CSCvw62413, CSCvw62416, CSCvw62395, CSCvw62411, CSCvw62417, CSCvw62418, CSCvw94339, CSCvw94341, CSCvw95016, CSCvw95017, CSCvy01220
CVSS ScoreBase 8.8
Base 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:X/RL:X/RC:X
Base 7.4 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H/E:X/RL:X/RC:X
Product Names From Source
Cisco Small Business RV Series Router Firmware

Related Products

Product CVE Evidence
Cisco Small Business RV Series Router Firmware CVE-2021-1309 Cisco OpenVuln
Cisco Small Business RV Series Router Firmware CVE-2021-1308 Cisco OpenVuln
Cisco Small Business RV Series Router Firmware CVE-2021-1251 Cisco OpenVuln