Description


Multiple vulnerabilities exist in the Link Layer Discovery Protocol (LLDP) implementation for Cisco Small Business RV Series Routers. An unauthenticated, adjacent attacker could execute arbitrary code or cause an affected router to leak system memory or reload. A memory leak or device reload would cause a denial of service (DoS) condition on an affected device. For more information about these vulnerabilities, see the Details section of this advisory. Note: LLDP is a Layer 2 protocol. To exploit these vulnerabilities, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent).

Related CPE's


o

cisco

rv132w_firmware

3


o

cisco

rv134w_firmware

3


o

cisco

rv160_firmware

3


o

cisco

rv160w_firmware

3


o

cisco

rv260_firmware

3


o

cisco

rv260p_firmware

3


o

cisco

rv260w_firmware

3


o

cisco

rv340_firmware

3


o

cisco

rv340w_firmware

3


o

cisco

rv345_firmware

3


o

cisco

rv345p_firmware

3

Weaknesses



CWE-401


CWE-119

CVSS impact metrics


CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

8.8 · High

  • CVSS V3.1

  • CVSS V3.0

  • CVSS V2.0

Information


Source identifier

[email protected]

Vulnerability status

Modified

Published

2021-04-08T04:15:12.063

4 years ago

Last modified

2023-11-07T03:27:55.893

1 year ago