ID de Prueba:	1.3.6.1.4.1.25623.1.0.105846
Categoría:	CISCO
Título:	Cisco RV110W, RV130W, and RV215W Routers Command Shell Injection Vulnerability
Resumen:	A vulnerability in the command-line interface (CLI) command; parser of the Cisco RV110W Wireless-N VPN Firewall, Cisco RV130W Wireless-N Multifunction VPN; Router, and Cisco RV215W Wireless-N VPN Router could allow an authenticated, local attacker to; inject arbitrary shell commands that are executed by the device. The commands are executed with; full administrator privileges.
Descripción:	Summary: A vulnerability in the command-line interface (CLI) command parser of the Cisco RV110W Wireless-N VPN Firewall, Cisco RV130W Wireless-N Multifunction VPN Router, and Cisco RV215W Wireless-N VPN Router could allow an authenticated, local attacker to inject arbitrary shell commands that are executed by the device. The commands are executed with full administrator privileges. Solution: This vulnerability is fixed in the following firmware versions: - RV110W Wireless-N VPN Firewall, Release 1.2.1.7 - RV130W Wireless-N Multifunction VPN Router, Release 1.0.3.16 - RV215W Wireless-N VPN Router, Release 1.3.0.8 CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2015-6396 BugTraq ID: 92269 http://www.securityfocus.com/bid/92269 Cisco Security Advisory: 20160803 Cisco RV110W, RV130W, and RV215W Routers Command Shell Injection Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160803-rv110_130w1 https://www.exploit-db.com/exploits/45986/ http://www.securitytracker.com/id/1036528
Copyright	Copyright (C) 2016 Greenbone Networks GmbH

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.