Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers Remote Command Execution and Denial of Service Vulnerabilities
Description
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. These vulnerabilities are due to insufficient validation of user fields within incoming HTTP packets. An attacker could exploit these vulnerabilities by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device with root-level privileges or to cause the device to restart unexpectedly, resulting in a DoS condition. To exploit these vulnerabilities, an attacker would need to have valid Administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Authenticated remote command injection and DoS in Cisco Small Business RV series routers due to insufficient input validation.
Vulnerability
CVE-2022-20881 describes multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W routers. These flaws are due to insufficient validation of user-supplied fields within incoming HTTP packets. An authenticated remote attacker can send a crafted HTTP request to trigger arbitrary command execution or cause a denial of service (DoS). All versions of the affected routers are considered vulnerable as no fixed software releases are available [1].
Exploitation
To exploit these vulnerabilities, an attacker must have valid Administrator credentials for the targeted device. The attacker then sends a specially crafted HTTP request to the web-based management interface, which is accessible via LAN or, if enabled, via remote management over the WAN. The request contains malicious payloads in user fields that are not properly validated, leading to the execution of arbitrary commands or an unexpected device restart [1].
Impact
Successful exploitation grants an attacker root-level command execution on the affected router, allowing complete compromise of the device's confidentiality, integrity, and availability. Alternatively, an attacker can trigger a denial of service by causing the router to unexpectedly reboot, disrupting network operations [1].
Mitigation
Cisco has not released software updates that address these vulnerabilities, and no workarounds exist [1]. Affected devices are end-of-life (EOL) and not covered by a security update policy. Users are advised to upgrade to a supported and patched product. This vulnerability is not listed on the CISA Known Exploited Vulnerabilities (KEV) catalog as of the publication date.
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2- Range: n/a
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-rv-rce-overflow-ygHByAKmitrevendor-advisoryx_refsource_CISCO
News mentions
0No linked articles in our index yet.