CVE-2020-3331

A vulnerability in the web-based management interface of Cisco RV110W Wireless-N VPN Firewall and Cisco RV215W Wireless-N VPN Router could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. The vulnerability is due to improper validation of user-supplied input data by the web-based management interface. An attacker could exploit this vulnerability by sending crafted requests to a targeted device. A successful exploit could allow the attacker to execute arbitrary code with the privileges of the root user.

Severity	CRITICAL
CVSS	9.8
CWE	CWE-119
KEV
Published	5 years ago
Modified	1 year ago

Related Products

Product	Advisory
Cisco Small Business RV Series Router Firmware	cisco-sa-code-exec-wH3BNFb
Cisco RV Series Routers	cisco-sa-code-exec-wH3BNFb
Cisco Nexus Dashboard	cisco-sa-code-exec-wH3BNFb
Cisco RV215W Wireless-N VPN Router Firmware	cisco-sa-code-exec-wH3BNFb
Cisco RV110W Wireless-N VPN Firewall Firmware	cisco-sa-code-exec-wH3BNFb