Test Kennung:	1.3.6.1.4.1.25623.1.0.105846
Kategorie:	CISCO
Titel:	Cisco RV110W, RV130W, and RV215W Routers Command Shell Injection Vulnerability
Zusammenfassung:	A vulnerability in the command-line interface (CLI) command parser of the Cisco RV110W Wireless-N VPN Firewall, Cisco RV130W Wireless-N Multifunction VPN Router, and Cisco RV215W Wireless-N VPN Router could allow an authenticated, local attacker to inject arbitrary shell commands that are executed by the device. The commands are executed with full administrator privileges.
Beschreibung:	Summary: A vulnerability in the command-line interface (CLI) command parser of the Cisco RV110W Wireless-N VPN Firewall, Cisco RV130W Wireless-N Multifunction VPN Router, and Cisco RV215W Wireless-N VPN Router could allow an authenticated, local attacker to inject arbitrary shell commands that are executed by the device. The commands are executed with full administrator privileges. Solution: This vulnerability is fixed in the following firmware versions. RV110W Wireless-N VPN Firewall, Release 1.2.1.7 RV130W Wireless-N Multifunction VPN Router, Release 1.0.3.16 RV215W Wireless-N VPN Router, Release 1.3.0.8 CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2015-6396 BugTraq ID: 92269 http://www.securityfocus.com/bid/92269 Cisco Security Advisory: 20160803 Cisco RV110W, RV130W, and RV215W Routers Command Shell Injection Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160803-rv110_130w1 https://www.exploit-db.com/exploits/45986/ http://www.securitytracker.com/id/1036528
Copyright	Copyright (C) 2016 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.