6.8
CVE-2016-1397
- EPSS 0.51%
- Veröffentlicht 19.06.2016 01:59:05
- Zuletzt bearbeitet 12.04.2025 10:46:40
- Quelle psirt@cisco.com
- Teams Watchlist Login
- Unerledigt Login
Buffer overflow in the web-based management interface on Cisco RV110W devices with firmware before 1.2.1.7, RV130W devices with firmware before 1.0.3.16, and RV215W devices with firmware before 1.3.0.8 allows remote authenticated users to cause a denial of service (device reload) via crafted configuration commands in an HTTP request, aka Bug ID CSCux82523.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Cisco ≫ Rv215w Wireless-n Vpn Router Firmware Version1.1.0.5
Cisco ≫ Rv215w Wireless-n Vpn Router Firmware Version1.1.0.6
Cisco ≫ Rv215w Wireless-n Vpn Router Firmware Version1.2.0.14
Cisco ≫ Rv215w Wireless-n Vpn Router Firmware Version1.2.0.15
Cisco ≫ Rv215w Wireless-n Vpn Router Firmware Version1.3.0.7
Cisco ≫ Rv110w Wireless-n Vpn Firewall Firmware Version1.1.0.9
Cisco ≫ Rv110w Wireless-n Vpn Firewall Firmware Version1.2.0.9
Cisco ≫ Rv110w Wireless-n Vpn Firewall Firmware Version1.2.0.10
Cisco ≫ Rv110w Wireless-n Vpn Firewall Firmware Version1.2.1.4
Cisco ≫ Rv130w Wireless-n Multifunction Vpn Router Firmware Version1.0.0.21
Cisco ≫ Rv130w Wireless-n Multifunction Vpn Router Firmware Version1.0.1.3
Cisco ≫ Rv130w Wireless-n Multifunction Vpn Router Firmware Version1.0.2.7
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.51% | 0.654 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.5 | 2.8 | 3.6 |
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
| nvd@nist.gov | 6.8 | 8 | 6.9 |
AV:N/AC:L/Au:S/C:N/I:N/A:C
|
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.