Test ID:	1.3.6.1.4.1.25623.1.0.105846
Category:	CISCO
Title:	Cisco RV110W, RV130W, and RV215W Routers Command Shell Injection Vulnerability
Summary:	A vulnerability in the command-line interface (CLI) command; parser of the Cisco RV110W Wireless-N VPN Firewall, Cisco RV130W Wireless-N Multifunction VPN; Router, and Cisco RV215W Wireless-N VPN Router could allow an authenticated, local attacker to; inject arbitrary shell commands that are executed by the device. The commands are executed with; full administrator privileges.
Description:	Summary: A vulnerability in the command-line interface (CLI) command parser of the Cisco RV110W Wireless-N VPN Firewall, Cisco RV130W Wireless-N Multifunction VPN Router, and Cisco RV215W Wireless-N VPN Router could allow an authenticated, local attacker to inject arbitrary shell commands that are executed by the device. The commands are executed with full administrator privileges. Solution: This vulnerability is fixed in the following firmware versions: - RV110W Wireless-N VPN Firewall, Release 1.2.1.7 - RV130W Wireless-N Multifunction VPN Router, Release 1.0.3.16 - RV215W Wireless-N VPN Router, Release 1.3.0.8 CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2015-6396 BugTraq ID: 92269 http://www.securityfocus.com/bid/92269 Cisco Security Advisory: 20160803 Cisco RV110W, RV130W, and RV215W Routers Command Shell Injection Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160803-rv110_130w1 https://www.exploit-db.com/exploits/45986/ http://www.securitytracker.com/id/1036528
Copyright	Copyright (C) 2016 Greenbone Networks GmbH

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.