{"containers": {"cna": {"affected": [{"product": "Cisco Small Business RV Series Router Firmware", "vendor": "Cisco", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2021-02-03T00:00:00", "descriptions": [{"lang": "en", "value": "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV160, RV160W, RV260, RV260P, and RV260W VPN Routers could allow an unauthenticated, remote attacker to conduct directory traversal attacks and overwrite certain files that should be restricted on an affected system. These vulnerabilities are due to insufficient input validation. An attacker could exploit these vulnerabilities by using the web-based management interface to upload a file to location on an affected device that they should not have access to. A successful exploit could allow the attacker to overwrite files on the file system of the affected device."}], "exploits": [{"lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-36", "description": "CWE-36", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2021-02-04T16:56:29", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco"}, "references": [{"name": "20210203 Cisco Small Business RV160, RV160W, RV260, RV260P, and RV260W VPN Routers Arbitrary File Write Vulnerabilities", "tags": ["vendor-advisory", "x_refsource_CISCO"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv160-260-filewrite-7x9mnKjn"}], "source": {"advisory": "cisco-sa-rv160-260-filewrite-7x9mnKjn", "defect": [["CSCvw19856", "CSCvw22856"]], "discovery": "INTERNAL"}, "title": "Cisco Small Business RV160, RV160W, RV260, RV260P, and RV260W VPN Routers Arbitrary File Write Vulnerabilities", "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@cisco.com", "DATE_PUBLIC": "2021-02-03T16:00:00", "ID": "CVE-2021-1296", "STATE": "PUBLIC", "TITLE": "Cisco Small Business RV160, RV160W, RV260, RV260P, and RV260W VPN Routers Arbitrary File Write Vulnerabilities"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Cisco Small Business RV Series Router Firmware", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "Cisco"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV160, RV160W, RV260, RV260P, and RV260W VPN Routers could allow an unauthenticated, remote attacker to conduct directory traversal attacks and overwrite certain files that should be restricted on an affected system. These vulnerabilities are due to insufficient input validation. An attacker could exploit these vulnerabilities by using the web-based management interface to upload a file to location on an affected device that they should not have access to. A successful exploit could allow the attacker to overwrite files on the file system of the affected device."}]}, "exploit": [{"lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."}], "impact": {"cvss": {"baseScore": "7.5", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.0"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-36"}]}]}, "references": {"reference_data": [{"name": "20210203 Cisco Small Business RV160, RV160W, RV260, RV260P, and RV260W VPN Routers Arbitrary File Write Vulnerabilities", "refsource": "CISCO", "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv160-260-filewrite-7x9mnKjn"}]}, "source": {"advisory": "cisco-sa-rv160-260-filewrite-7x9mnKjn", "defect": [["CSCvw19856", "CSCvw22856"]], "discovery": "INTERNAL"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T16:02:56.387Z"}, "title": "CVE Program Container", "references": [{"name": "20210203 Cisco Small Business RV160, RV160W, RV260, RV260P, and RV260W VPN Routers Arbitrary File Write Vulnerabilities", "tags": ["vendor-advisory", "x_refsource_CISCO", "x_transferred"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv160-260-filewrite-7x9mnKjn"}]}]}, "cveMetadata": {"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2021-1296", "datePublished": "2021-02-04T16:56:29.396167Z", "dateReserved": "2020-11-13T00:00:00", "dateUpdated": "2024-09-16T18:34:34.973Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:rv160w_wireless-ac_vpn_router_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "FC3486B1-44A9-4DCD-B8F4-58FD110C4AA6", "versionEndExcluding": "1.0.01.02", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:rv160w_wireless-ac_vpn_router:-:*:*:*:*:*:*:*", "matchCriteriaId": "76FA810D-A396-4844-85E7-9293B0559269", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:rv260_vpn_router_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "5D913D1B-9600-440A-AF22-AC862331EFB3", "versionEndExcluding": "1.0.01.02", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:rv260_vpn_router:-:*:*:*:*:*:*:*", "matchCriteriaId": "B2374731-08B0-47A4-BD8F-DB6C67ECF785", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:rv260p_vpn_router_with_poe_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "01A1C982-8295-4266-BFDB-7ADA9EF1A28F", "versionEndExcluding": "1.0.01.02", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:rv260p_vpn_router_with_poe:-:*:*:*:*:*:*:*", "matchCriteriaId": "1A695DCE-ACFE-4437-BA0E-FBF6E379FF91", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:rv260w_wireless-ac_vpn_router_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "95BDC2EA-251E-4A33-9409-3D838C7C135F", "versionEndExcluding": "1.0.01.02", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:rv260w_wireless-ac_vpn_router:-:*:*:*:*:*:*:*", "matchCriteriaId": "A4F17A5C-FFA3-4E87-9015-FA90ED6E2C71", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:rv160_vpn_router_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "C37623FE-BDD5-42D9-A520-456020A8DCA9", "versionEndExcluding": "1.0.01.02", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:rv160_vpn_router:-:*:*:*:*:*:*:*", "matchCriteriaId": "5FD7FED8-F2E5-449F-98C8-E629B0174A8D", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV160, RV160W, RV260, RV260P, and RV260W VPN Routers could allow an unauthenticated, remote attacker to conduct directory traversal attacks and overwrite certain files that should be restricted on an affected system. These vulnerabilities are due to insufficient input validation. An attacker could exploit these vulnerabilities by using the web-based management interface to upload a file to location on an affected device that they should not have access to. A successful exploit could allow the attacker to overwrite files on the file system of the affected device."}, {"lang": "es", "value": "M\u00faltiples vulnerabilidades en la interfaz de administraci\u00f3n basada en web de los Enrutadores VPN Cisco Small Business RV160, RV160W, RV260, RV260P y RV260W, podr\u00edan permitir a un atacante remoto no autenticado llevar a cabo ataques de salto de directorio y sobrescriba ciertos archivos que deben restringirse en un sistema afectado. Estas vulnerabilidades son debido a una comprobaci\u00f3n insuficiente de la entrada. Un atacante podr\u00eda explotar estas vulnerabilidades mediante el uso de la interfaz de administraci\u00f3n basada en web para cargar un archivo en la ubicaci\u00f3n de un dispositivo afectado al que no deber\u00eda tener acceso. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante sobrescribir archivos en el sistema de archivos del dispositivo afectado"}], "id": "CVE-2021-1296", "lastModified": "2023-11-07T03:27:54.447", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.4, "confidentialityImpact": "NONE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 9.2, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "ykramarz@cisco.com", "type": "Secondary"}]}, "published": "2021-02-04T17:15:15.700", "references": [{"source": "ykramarz@cisco.com", "tags": ["Vendor Advisory"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv160-260-filewrite-7x9mnKjn"}], "sourceIdentifier": "ykramarz@cisco.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-36"}], "source": "ykramarz@cisco.com", "type": "Secondary"}]}

{}