Analysis and contextual insights are available on OpenCVE Cloud.
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
No advisories yet.
Wed, 08 Jul 2026 16:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Weaknesses | CWE-78 | |
| Metrics |
cvssV3_1
|
Wed, 08 Jul 2026 15:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | An OS command injection vulnerability exists in the sub_34984() function of the "rc" binary in Cisco RV130/RV130W with firmware 1.0.3.55 and RV110W routers with firmware 1.2.2.5 / 1.2.2.8. The lan_ipv6_prefixlen configuration parameter is not properly sanitized, which could allow an authenticated remote attacker to execute arbitrary OS commands with root privileges. | |
| References |
|
Subscriptions
No data.
Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2026-07-08T15:45:27.072Z
Reserved: 2026-01-23T00:00:00.000Z
Link: CVE-2026-24699
Updated: 2026-07-08T15:44:39.971Z
No data.
No data.
OpenCVE Enrichment
No data.