CVE-2019-15271

HIGH KEV

Cisco RV016 RV042 RV042G RV082 < 4.2.3.10 - Authenticated Remote Code Execution via HTTP Payload Deserialization

Title source: llm

Exploitation Summary

CVE-2019-15271 is actively exploited and listed in the CISA Known Exploited Vulnerabilities (KEV) catalog, added June 8, 2022.

Description

A vulnerability in the web-based management interface of certain Cisco Small Business RV Series Routers could allow an authenticated, remote attacker to execute arbitrary commands with root privileges. The attacker must have either a valid credential or an active session token. The vulnerability is due to lack of input validation of the HTTP payload. An attacker could exploit this vulnerability by sending a malicious HTTP request to the web-based management interface of the targeted device. A successful exploit could allow the attacker to execute commands with root privileges.

References (2)

Core 2

Core References

Vendor Advisory vendor-advisory x_refsource_cisco

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191106-sbrv-cmd-x

US Government Resource

https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-15271

Scores

CVSS v3 8.8

EPSS 0.0560

EPSS Percentile 90.6%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation active

Automatable no

Technical Impact total

Details

CISA KEV 2022-06-08

VulnCheck KEV 2022-06-07

InTheWild.io 2022-06-08

ENISA EUVD EUVD-2019-6279

CWE

CWE-502

Status published

Products (4)

cisco/rv016_multi-wan_vpn_firmware < 4.2.3.10

cisco/rv042_dual_wan_vpn_firmware < 4.2.3.10

cisco/rv042g_dual_gigabit_wan_vpn_firmware < 4.2.3.10

cisco/rv082_dual_wan_vpn_firmware < 4.2.3.10

Published Nov 26, 2019

KEV Added Jun 08, 2022

Tracked Since Feb 18, 2026