CVE-2019-15271
Published on November 26, 2019
Cisco Small Business RV016, RV042, RV042G, and RV082 Routers Arbitrary Command Execution Vulnerability
A vulnerability in the web-based management interface of certain Cisco Small Business RV Series Routers could allow an authenticated, remote attacker to execute arbitrary commands with root privileges. The attacker must have either a valid credential or an active session token. The vulnerability is due to lack of input validation of the HTTP payload. An attacker could exploit this vulnerability by sending a malicious HTTP request to the web-based management interface of the targeted device. A successful exploit could allow the attacker to execute commands with root privileges.
Known Exploited Vulnerability
This Cisco RV Series Routers Deserialization of Untrusted Data Vulnerability is part of CISA's list of Known Exploited Vulnerabilities. A deserialization of untrusted data vulnerability in the web-based management interface of certain Cisco Small Business RV Series Routers could allow an attacker to execute code with root privileges.
The following remediation steps are recommended / required by June 22, 2022: Apply updates per vendor instructions.
Weakness Type
What is a Marshaling, Unmarshaling Vulnerability?
The application deserializes untrusted data without sufficiently verifying that the resulting data will be valid.
CVE-2019-15271 has been classified to as a Marshaling, Unmarshaling vulnerability or weakness.
Affected Versions
Cisco Small Business RV Series Router Firmware:- Version unspecified and below n/a is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.