Researchers have uncovered several critical and high severity vulnerabilities in Cisco’s small business RV series routers. The networking giant has released patches for some of the security holes.
According to advisories published by Cisco on Wednesday, RV110W, RV130W and RV215W routers include a default account that can be leveraged by an attacker to gain root access to the device (CVE-2015-6397). The default account should normally be read-only and not have root privileges.
Cisco also informed customers about a critical vulnerability in RV180 and RV180W VPN routers. The flaw affects the web interface and it allows remote, authenticated attackers to execute arbitrary code with root privileges (CVE-2016-1430).
The same RV router models are also affected by a high severity flaw that can be exploited remotely to perform a directory traversal and access arbitrary files on the system (CVE-2016-1429).
RV110W, RV130W and RV215W routers are also plagued by a medium severity command shell injection vulnerability that allows a local attacker to inject arbitrary shell commands and have them executed by the device.
Cisco has released firmware updates to address the flaws affecting RV110W, RV130W and RV215W routers, but the company will not issue fixes for the RV180 and RV180W models since these are no longer sold.
The vulnerabilities were reported to Cisco by Adam Zielinski and Harri Kuosmanen. The firm says it’s not aware of any attacks involving these weaknesses.
In mid-June, Cisco informed customers of four security holes affecting its RV series routers, including one rated critical. Patches for those flaws were released by the company a few days after the initial disclosure.
Related: Flaws in Ruckus Access Points Expose Organizations to Attacks
Related: Netgear Routers Plagued by Serious Vulnerabilities
Related: Apple Patches RCE Flaw in AirPort Routers

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.
More from Eduard Kovacs
- In Other News: AI Regulation, Layoffs, US Aerospace Attacks, Post-Quantum Encryption
- Evidence Suggests Ransomware Group Knew About MOVEit Zero-Day Since 2021
- Vulnerabilities in Honda eCommerce Platform Exposed Customer, Dealer Data
- Barracuda Urges Customers to Replace Hacked Email Security Appliances
- Google Patches Third Chrome Zero-Day of 2023
- ChatGPT Hallucinations Can Be Exploited to Distribute Malicious Code Packages
- AntChain, Intel Create New Privacy-Preserving Computing Platform for AI Training
- Several Major Organizations Confirm Being Impacted by MOVEit Attack
Latest News
- In Other News: AI Regulation, Layoffs, US Aerospace Attacks, Post-Quantum Encryption
- Blackpoint Raises $190 Million to Help MSPs Combat Cyber Threats
- Google Introduces SAIF, a Framework for Secure AI Development and Use
- ‘Asylum Ambuscade’ Group Hit Thousands in Cybercrime, Espionage Campaigns
- Evidence Suggests Ransomware Group Knew About MOVEit Zero-Day Since 2021
- SaaS Ransomware Attack Hit Sharepoint Online Without Using a Compromised Endpoint
- Google Cloud Now Offering $1 Million Cryptomining Protection
- Democrats and Republicans Are Skeptical of US Spying Practices, an AP-NORC Poll Finds
