Cisco RV110W, RV130W, and RV215W Routers Static Credential Vulnerability (cisco-sa-20160803-rv110_130w2) (CVE-2015-6397)

A vulnerability in the default account when used with a specific configuration of the Cisco RV110W Wireless-N VPN Firewall, Cisco RV130W Wireless-N Multifunction VPN Router, and the Cisco RV215W Wireless-N VPN Router could allow an authenticated, remote attacker to gain root access to the device. The account could incorrectly be granted root privileges at authentication time.

在使用特定配置的思科RV110W无线N型VPN防火墙、思科RV130W无线N型多功能VPN路由器和思科RV215W无线N型VPN路由器时，默认账户存在漏洞，可能使得经过身份验证的远程攻击者获取设备的根级访问权限。在认证过程中，该账户可能被错误地赋予了根级权限。