Description
The web management interface on the Cisco RV110W firewall with firmware 1.2.0.9 and earlier, RV215W router with firmware 1.1.0.5 and earlier, and CVR100W router with firmware 1.0.1.19 and earlier does not prevent replaying of modified authentication requests, which allows remote attackers to obtain administrative access by leveraging the ability to intercept requests, aka Bug IDs CSCul94527, CSCum86264, and CSCum86275.
Exploits (1)
Scores
EPSS
0.2944
EPSS Percentile
96.6%
Details
CWE
CWE-255
Status
published
Products (6)
cisco/cvr100w
cisco/cvr100w_firmware
< 1.0.1.19
cisco/rv110w
cisco/rv110w_firmware
< 1.2.0.9
cisco/rv215w
cisco/rv215w_firmware
< 1.1.0.5
Published
Mar 06, 2014
Tracked Since
Feb 18, 2026