Vulnslist

find the latest Cisco vulnerabilities

Cisco Small Business RV110W Wireless-N VPN Firewall Static Default Credential Vulnerability

cisco-sa-rv110w-static-cred-BMTWBWTy · Critical · Published · Updated

A vulnerability in the Telnet service of Cisco Small Business RV110W Wireless-N VPN Firewall Routers could allow an unauthenticated, remote attacker to take full control of the device with a high-privileged account. The vulnerability exists because a system account has a default and static password. An attacker could exploit this vulnerability by using this default account to connect to the affected system. A successful exploit could allow the attacker to gain full control of an affected device. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv110w-static-cred-BMTWBWTy

Cisco advisory ·CSAF JSON

Workarounds

There are no workarounds that address this vulnerability.

CVEsCVE-2020-3330
Cisco Bug IDsCSCvs50818
CVSS ScoreBase 9.8
Base 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:X/RL:X/RC:X
Product Names From Source
Cisco RV110W Wireless-N VPN Firewall Firmware

Related Products

Product CVE Evidence
Cisco RV110W Wireless-N VPN Firewall Firmware CVE-2020-3330 Cisco OpenVuln