cisco small-business-rv-series-router-firmware CVE-2021-1309 is a vulnerability in Cisco Small Business Rv Series Router Firmware
Published on April 8, 2021

Cisco Small Business RV Series Routers Link Layer Discovery Protocol Vulnerabilities
Multiple vulnerabilities exist in the Link Layer Discovery Protocol (LLDP) implementation for Cisco Small Business RV Series Routers. An unauthenticated, adjacent attacker could execute arbitrary code or cause an affected router to leak system memory or reload. A memory leak or device reload would cause a denial of service (DoS) condition on an affected device. For more information about these vulnerabilities, see the Details section of this advisory. Note: LLDP is a Layer 2 protocol. To exploit these vulnerabilities, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent).

Vendor Advisory NVD

Vulnerability Analysis

Attack Vector:
ADJACENT_NETWORK
Attack Complexity:
LOW
Privileges Required:
NONE
User Interaction:
NONE
Scope:
CHANGED
Confidentiality Impact:
NONE
Integrity Impact:
NONE
Availability Impact:
HIGH

Weakness Type

What is a Buffer Overflow Vulnerability?

The software performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.

CVE-2021-1309 has been classified to as a Buffer Overflow vulnerability or weakness.


Products Associated with CVE-2021-1309

Want to know whenever a new CVE is published for Cisco Small Business Rv Series Router Firmware? stack.watch will email you.

Cisco Small Business Rv Series Router Firmware
 

Affected Versions

Cisco Small Business RV Series Router Firmware Version n/a is affected by CVE-2021-1309

Exploit Probability

EPSS
0.11%
Percentile
28.92%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.