CVE-2026-24697 PUBLISHED

Assigner: mitre
Reserved: 23.01.2026 Published: 08.07.2026 Updated: 08.07.2026

An OS command injection vulnerability exists in the start_bonjour() function of the "rc" binary in Cisco RV130/RV130W with firmware 1.0.3.55 and RV110W routers with firmware 1.2.2.5 / 1.2.2.8. The wan_hostname configuration parameter is not properly sanitized, which could allow an authenticated remote attacker to execute arbitrary OS commands with root privileges.

Product Status

Vendor n/a
Product n/a
Versions
  • Version n/a is affected

References

Problem Types

  • n/a text