Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers Remote Command Execution and Denial of Service Vulnerability
Description
A vulnerability in the Universal Plug-and-Play (UPnP) service of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an unauthenticated, remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly, resulting in a denial of service (DoS) condition. This vulnerability is due to improper validation of incoming UPnP traffic. An attacker could exploit this vulnerability by sending a crafted UPnP request to an affected device. A successful exploit could allow the attacker to execute arbitrary code as the root user on the underlying operating system or cause the device to reload, resulting in a DoS condition. Cisco has not released software updates that address this vulnerability.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
An unauthenticated remote attacker can trigger arbitrary code execution or DoS in Cisco Small Business RV series routers via crafted UPnP request.
Vulnerability
The vulnerability resides in the Universal Plug-and-Play (UPnP) service of Cisco Small Business RV110W, RV130, RV130W, and RV215W routers. It is due to improper validation of incoming UPnP traffic. Affected versions have not been explicitly listed, but the advisory indicates no software updates address the flaw. The UPnP service is enabled by default on LAN interfaces and disabled on WAN interfaces; devices with UPnP disabled on both interfaces are not vulnerable [1].
Exploitation
An unauthenticated, remote attacker can exploit the vulnerability by sending a specially crafted UPnP request to an affected device. No authentication or special network access is required, as UPnP typically listens for requests on the LAN interface [1].
Impact
Successful exploitation allows arbitrary code execution as the root user on the underlying operating system, or causes the device to reload, resulting in a denial of service (DoS) condition [1].
Mitigation
Cisco has not released software updates that address this vulnerability, and there are no workarounds. The only mitigation is to disable UPnP on both LAN and WAN interfaces, which can be done via the web-based management interface at Basic Settings > UPnP. If UPnP is disabled, the device is not considered vulnerable [1].
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
4- Range: n/a
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cisco-sb-rv-overflow-htpymMB5mitrevendor-advisoryx_refsource_CISCO
News mentions
0No linked articles in our index yet.