Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers Remote Command Execution and Denial of Service Vulnerabilities
Description
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. These vulnerabilities are due to insufficient validation of user fields within incoming HTTP packets. An attacker could exploit these vulnerabilities by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device with root-level privileges or to cause the device to restart unexpectedly, resulting in a DoS condition. To exploit these vulnerabilities, an attacker would need to have valid Administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Multiple Cisco Small Business routers allow authenticated remote root command execution or denial of service via insufficient HTTP input validation.
Vulnerability
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers (all firmware versions) allow an authenticated, remote attacker to execute arbitrary commands or cause a denial of service (DoS). The issues arise due to insufficient validation of user fields within incoming HTTP packets [1]. The web-based management interface is accessible via LAN (and WAN if remote management is enabled, which is disabled by default).
Exploitation
An attacker must have valid Administrator credentials on the affected device [1]. The attacker then sends a crafted HTTP request to the web-based management interface, exploiting the insufficient input validation to trigger a buffer overflow or command injection [1]. The attack can be carried out remotely if remote management is enabled, or from the LAN.
Impact
A successful exploit allows the attacker to execute arbitrary commands with root-level privileges on the device, or to cause the device to restart unexpectedly, resulting in a complete denial of service condition [1]. The entire device is compromised, with no privilege boundaries.
Mitigation
Cisco has not released software updates to address these vulnerabilities as of the publication date (2022-07-21) [1]. No workarounds exist [1]. Cisco recommends limiting access to the management interface via ACLs or firewall rules where possible, and disabling remote management if not required. These products may be approaching end-of-life; users should assess migration to supported models.
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
4- Range: n/a
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-rv-rce-overflow-ygHByAKmitrevendor-advisoryx_refsource_CISCO
News mentions
0No linked articles in our index yet.