CVE-2026-24697
Received Received - Intake

OS Command Injection in Cisco RV130/RV130W and RV110W Routers

Vulnerability report for CVE-2026-24697, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-07-08

Last updated on: 2026-07-08

Assigner: MITRE

Description

An OS command injection vulnerability exists in the start_bonjour() function of the "rc" binary in Cisco RV130/RV130W with firmware 1.0.3.55 and RV110W routers with firmware 1.2.2.5 / 1.2.2.8. The wan_hostname configuration parameter is not properly sanitized, which could allow an authenticated remote attacker to execute arbitrary OS commands with root privileges.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-07-08
Last Modified
2026-07-08
Generated
2026-07-08
AI Q&A
2026-07-08
EPSS Evaluated
N/A
NVD
EUVD

Affected Vendors & Products

Showing 3 associated CPEs
Vendor Product Version / Range
cisco rv130 1.0.3.55
cisco rv110w 1.2.2.5
cisco rv110w 1.2.2.8

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-78 The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

CVE-2026-24697 is a command injection vulnerability found in Cisco RV130 and RV110w routers running specific firmware versions. It exists in the start_bonjour() function of the rc binary, where the wan_hostname configuration parameter is not properly sanitized before being used in a system command.

Because the wan_hostname parameter is concatenated directly into a command without validation or escaping, an authenticated remote attacker can inject malicious OS commands by including special characters like semicolons or ampersands.

This allows the attacker to execute arbitrary commands with root privileges on the router, potentially leading to persistent command execution and full compromise of the device.

Impact Analysis

This vulnerability can have severe impacts including complete compromise of the affected router.

  • An attacker with authentication can execute arbitrary OS commands with root privileges.
  • The attacker can maintain persistent control over the device across reboots.
  • Full security breach of the router can lead to interception, manipulation, or disruption of network traffic.
Detection Guidance

This vulnerability can be detected by checking the value of the wan_hostname parameter in the router's NVRAM for suspicious characters such as semicolons or ampersands that could be used for command injection.

Additionally, monitoring the router for unexpected or unauthorized command executions related to the Bonjour service may help identify exploitation attempts.

Specific commands to detect this vulnerability are not provided in the available resources.

Mitigation Strategies

Immediate mitigation steps include updating the router firmware to a version that patches this vulnerability, if available.

If an update is not available, restrict access to the router's management interface to trusted users only and avoid setting or modifying the wan_hostname parameter with untrusted input.

Disabling the Bonjour service or the affected functionality may also reduce the risk of exploitation.

Compliance Impact

The vulnerability allows an authenticated remote attacker to execute arbitrary OS commands with root privileges on affected Cisco routers, leading to complete router compromise and full security breach.

Such a security breach could result in unauthorized access to sensitive data or disruption of network services, which may impact compliance with common standards and regulations like GDPR and HIPAA that require protection of personal and sensitive information.

However, the provided information does not explicitly detail the direct effects on compliance with these standards.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-24697. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart