Cisco Small Business RV Series Routers Remote Code Execution Vulnerability
Description
A vulnerability in web-based management interface of Cisco Small Business RV340 and RV345 Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending malicious input to an affected device. A successful exploit could allow the attacker to execute remote code on the affected device. To exploit this vulnerability, an attacker would need to have valid Administrator credentials on the affected device.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
An authenticated remote attacker can execute arbitrary code on Cisco Small Business RV340/RV345 routers due to insufficient input validation in the web-based management interface.
Vulnerability
The vulnerability exists in the web-based management interface of Cisco Small Business RV340 and RV345 routers (including RV340W and RV345P). It is due to insufficient validation of user-supplied input. Affected firmware versions are 1.0.03.26 and earlier. [1]
Exploitation
An attacker must have valid Administrator credentials on the affected device. The attacker can then send malicious input to the web-based management interface to trigger the vulnerability. [1]
Impact
Successful exploitation allows the attacker to execute arbitrary code on the affected device, potentially leading to full compromise of the router. [1]
Mitigation
Cisco has released firmware version 1.0.03.27 to fix this vulnerability. Users should upgrade to this version or later. No workarounds are mentioned in the advisory. [1]
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2- Range: n/a
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sbrv-rce-OYLQbL9umitrevendor-advisoryx_refsource_CISCO
News mentions
0No linked articles in our index yet.