cvelistv5 - cve-2019-1663

CVE-2019-1663 (GCVE-0-2019-1663)

Vulnerability from cvelistv5 – Published: 2019-02-28 18:00 – Updated: 2024-11-19 19:16

Summary

A vulnerability in the web-based management interface of the Cisco RV110W Wireless-N VPN Firewall, Cisco RV130W Wireless-N Multifunction VPN Router, and Cisco RV215W Wireless-N VPN Router could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. The vulnerability is due to improper validation of user-supplied data in the web-based management interface. An attacker could exploit this vulnerability by sending malicious HTTP requests to a targeted device. A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system of the affected device as a high-privilege user. RV110W Wireless-N VPN Firewall versions prior to 1.2.2.1 are affected. RV130W Wireless-N Multifunction VPN Router versions prior to 1.0.3.45 are affected. RV215W Wireless-N VPN Router versions prior to 1.3.1.1 are affected.

Severity ?

9.8 (Critical)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-119

Assigner

cisco

References

URL

Tags

	http://www.securityfocus.com/bid/107185	vdb-entryx_refsource_BID
	https://tools.cisco.com/security/center/content/C…	vendor-advisoryx_refsource_CISCO
	http://www.rapid7.com/db/modules/exploit/linux/ht…	x_refsource_MISC
	http://packetstormsecurity.com/files/152507/Cisco…	x_refsource_MISC
	https://www.exploit-db.com/exploits/46705/	exploitx_refsource_EXPLOIT-DB
	http://packetstormsecurity.com/files/153163/Cisco…	x_refsource_MISC
	http://packetstormsecurity.com/files/154310/Cisco…	x_refsource_MISC

Impacted products

Vendor

Product

Version

Cisco

RV110W Wireless-N VPN Firewall

Affected: unspecified , < 1.2.2.1 (custom)

	Cisco	RV130W Wireless-N Multifunction VPN Router	Affected: unspecified , < 1.0.3.45 (custom)
	Cisco	RV215W Wireless-N VPN Router	Affected: unspecified , < 1.3.1.1 (custom)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T18:20:28.401Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "107185",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/107185"
          },
          {
            "name": "20190227 Cisco RV110W, RV130W, and RV215W Routers Management Interface Remote Command Execution Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190227-rmi-cmd-ex"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.rapid7.com/db/modules/exploit/linux/http/cisco_rv130_rmi_rce"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/152507/Cisco-RV130W-Routers-Management-Interface-Remote-Command-Execution.html"
          },
          {
            "name": "46705",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/46705/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/153163/Cisco-RV130W-1.0.3.44-Remote-Stack-Overflow.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/154310/Cisco-RV110W-RV130-W-RV215W-Remote-Command-Execution.html"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2019-1663",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-19T17:21:25.889132Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-19T19:16:07.667Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "RV110W Wireless-N VPN Firewall",
          "vendor": "Cisco",
          "versions": [
            {
              "lessThan": "1.2.2.1",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "RV130W Wireless-N Multifunction VPN Router",
          "vendor": "Cisco",
          "versions": [
            {
              "lessThan": "1.0.3.45",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "RV215W Wireless-N VPN Router",
          "vendor": "Cisco",
          "versions": [
            {
              "lessThan": "1.3.1.1",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2019-02-27T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the web-based management interface of the Cisco RV110W Wireless-N VPN Firewall, Cisco RV130W Wireless-N Multifunction VPN Router, and Cisco RV215W Wireless-N VPN Router could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. The vulnerability is due to improper validation of user-supplied data in the web-based management interface. An attacker could exploit this vulnerability by sending malicious HTTP requests to a targeted device. A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system of the affected device as a high-privilege user. RV110W Wireless-N VPN Firewall versions prior to 1.2.2.1 are affected. RV130W Wireless-N Multifunction VPN Router versions prior to 1.0.3.45 are affected. RV215W Wireless-N VPN Router versions prior to 1.3.1.1 are affected."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "Security researchers announced the discovery of this vulnerability, without any technical details or mention of the affected products, at the GeekPwn Shanghai conference on October 24-25, 2018."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-119",
              "description": "CWE-119",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-09-02T20:06:05",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "107185",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/107185"
        },
        {
          "name": "20190227 Cisco RV110W, RV130W, and RV215W Routers Management Interface Remote Command Execution Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190227-rmi-cmd-ex"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.rapid7.com/db/modules/exploit/linux/http/cisco_rv130_rmi_rce"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/152507/Cisco-RV130W-Routers-Management-Interface-Remote-Command-Execution.html"
        },
        {
          "name": "46705",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/46705/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/153163/Cisco-RV130W-1.0.3.44-Remote-Stack-Overflow.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/154310/Cisco-RV110W-RV130-W-RV215W-Remote-Command-Execution.html"
        }
      ],
      "source": {
        "advisory": "cisco-sa-20190227-rmi-cmd-ex",
        "defect": [
          [
            "CSCvn18638",
            "CSCvn18639",
            "CSCvn18642"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco RV110W, RV130W, and RV215W Routers Management Interface Remote Command Execution Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2019-02-27T16:00:00-0800",
          "ID": "CVE-2019-1663",
          "STATE": "PUBLIC",
          "TITLE": "Cisco RV110W, RV130W, and RV215W Routers Management Interface Remote Command Execution Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "RV110W Wireless-N VPN Firewall",
                      "version": {
                        "version_data": [
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_value": "1.2.2.1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "RV130W Wireless-N Multifunction VPN Router",
                      "version": {
                        "version_data": [
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_value": "1.0.3.45"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "RV215W Wireless-N VPN Router",
                      "version": {
                        "version_data": [
                          {
                            "affected": "\u003c",
                            "version_affected": "\u003c",
                            "version_value": "1.3.1.1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the web-based management interface of the Cisco RV110W Wireless-N VPN Firewall, Cisco RV130W Wireless-N Multifunction VPN Router, and Cisco RV215W Wireless-N VPN Router could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. The vulnerability is due to improper validation of user-supplied data in the web-based management interface. An attacker could exploit this vulnerability by sending malicious HTTP requests to a targeted device. A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system of the affected device as a high-privilege user. RV110W Wireless-N VPN Firewall versions prior to 1.2.2.1 are affected. RV130W Wireless-N Multifunction VPN Router versions prior to 1.0.3.45 are affected. RV215W Wireless-N VPN Router versions prior to 1.3.1.1 are affected."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "Security researchers announced the discovery of this vulnerability, without any technical details or mention of the affected products, at the GeekPwn Shanghai conference on October 24-25, 2018."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "9.8",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-119"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "107185",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/107185"
            },
            {
              "name": "20190227 Cisco RV110W, RV130W, and RV215W Routers Management Interface Remote Command Execution Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190227-rmi-cmd-ex"
            },
            {
              "name": "http://www.rapid7.com/db/modules/exploit/linux/http/cisco_rv130_rmi_rce",
              "refsource": "MISC",
              "url": "http://www.rapid7.com/db/modules/exploit/linux/http/cisco_rv130_rmi_rce"
            },
            {
              "name": "http://packetstormsecurity.com/files/152507/Cisco-RV130W-Routers-Management-Interface-Remote-Command-Execution.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/152507/Cisco-RV130W-Routers-Management-Interface-Remote-Command-Execution.html"
            },
            {
              "name": "46705",
              "refsource": "EXPLOIT-DB",
              "url": "https://www.exploit-db.com/exploits/46705/"
            },
            {
              "name": "http://packetstormsecurity.com/files/153163/Cisco-RV130W-1.0.3.44-Remote-Stack-Overflow.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/153163/Cisco-RV130W-1.0.3.44-Remote-Stack-Overflow.html"
            },
            {
              "name": "http://packetstormsecurity.com/files/154310/Cisco-RV110W-RV130-W-RV215W-Remote-Command-Execution.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/154310/Cisco-RV110W-RV130-W-RV215W-Remote-Command-Execution.html"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-20190227-rmi-cmd-ex",
          "defect": [
            [
              "CSCvn18638",
              "CSCvn18639",
              "CSCvn18642"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2019-1663",
    "datePublished": "2019-02-28T18:00:00Z",
    "dateReserved": "2018-12-06T00:00:00",
    "dateUpdated": "2024-11-19T19:16:07.667Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:rv110w_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"1.2.2.1\", \"matchCriteriaId\": \"399C5CF4-84D4-405C-A180-DD4C5D1B8FA7\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:rv110w:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"20E8ECAC-E842-41DB-9612-9374A9648DC2\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:rv130w_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"1.0.3.45\", \"matchCriteriaId\": \"E4D65D59-1E91-4143-9914-B78933770DD7\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:rv130w:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C3C9AFAA-1387-4067-AF7E-2E4AAD2A272A\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:rv215w_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"1.3.1.1\", \"matchCriteriaId\": \"CAC6C694-4900-4543-93F4-24AFD59E7F69\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:rv215w:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8686AB22-F757-468A-930B-DDE45B508969\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"A vulnerability in the web-based management interface of the Cisco RV110W Wireless-N VPN Firewall, Cisco RV130W Wireless-N Multifunction VPN Router, and Cisco RV215W Wireless-N VPN Router could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. The vulnerability is due to improper validation of user-supplied data in the web-based management interface. An attacker could exploit this vulnerability by sending malicious HTTP requests to a targeted device. A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system of the affected device as a high-privilege user. RV110W Wireless-N VPN Firewall versions prior to 1.2.2.1 are affected. RV130W Wireless-N Multifunction VPN Router versions prior to 1.0.3.45 are affected. RV215W Wireless-N VPN Router versions prior to 1.3.1.1 are affected.\"}, {\"lang\": \"es\", \"value\": \"Una vulnerabilidad en la interfaz web de Cisco RV110W Wireless-N VPN Firewall, Cisco RV130W Wireless-N Multifunction VPN Router y Cisco RV215W Wireless-N VPN Router podr\\u00eda permitir a un atacante remoto no autenticado ejecutar c\\u00f3digo arbitrario en el dispositivo afectado. La vulnerabilidad se debe a la validaci\\u00f3n de entradas incorrecta de parte del usuario en la interfaz de gesti\\u00f3n web. Un atacante podr\\u00eda explotar esta vulnerabilidad enviando peticiones HTTP maliciosas a un dispositivo objetivo. Si se explota esta vulnerabilidad con \\u00e9xito, el atacante podr\\u00eda ejecutar c\\u00f3digo arbitrario en el sistema operativo subyacente del dispositivo afectado como un usuario con altos privilegios. Las versiones 1.2.2.1 y anteriores de RV110W Wireless-N VPN Firewall  se ven afectadas. Las versiones 1.0.3.45 y anteriores de RV130W Wireless-N Multifunction VPN Router se ven afectadas. Las versiones 1.3.1.1 y anteriores de RV215W Wireless-N VPN Router se ven afectadas.\"}]",
      "id": "CVE-2019-1663",
      "lastModified": "2024-11-21T04:37:02.680",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 9.8, \"baseSeverity\": \"CRITICAL\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 5.9}], \"cvssMetricV30\": [{\"source\": \"ykramarz@cisco.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 9.8, \"baseSeverity\": \"CRITICAL\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:C/I:C/A:C\", \"baseScore\": 10.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2019-02-28T18:29:02.040",
      "references": "[{\"url\": \"http://packetstormsecurity.com/files/152507/Cisco-RV130W-Routers-Management-Interface-Remote-Command-Execution.html\", \"source\": \"ykramarz@cisco.com\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://packetstormsecurity.com/files/153163/Cisco-RV130W-1.0.3.44-Remote-Stack-Overflow.html\", \"source\": \"ykramarz@cisco.com\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://packetstormsecurity.com/files/154310/Cisco-RV110W-RV130-W-RV215W-Remote-Command-Execution.html\", \"source\": \"ykramarz@cisco.com\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.rapid7.com/db/modules/exploit/linux/http/cisco_rv130_rmi_rce\", \"source\": \"ykramarz@cisco.com\", \"tags\": [\"Exploit\", \"Third Party Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/107185\", \"source\": \"ykramarz@cisco.com\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190227-rmi-cmd-ex\", \"source\": \"ykramarz@cisco.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://www.exploit-db.com/exploits/46705/\", \"source\": \"ykramarz@cisco.com\", \"tags\": [\"Exploit\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://packetstormsecurity.com/files/152507/Cisco-RV130W-Routers-Management-Interface-Remote-Command-Execution.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://packetstormsecurity.com/files/153163/Cisco-RV130W-1.0.3.44-Remote-Stack-Overflow.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://packetstormsecurity.com/files/154310/Cisco-RV110W-RV130-W-RV215W-Remote-Command-Execution.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.rapid7.com/db/modules/exploit/linux/http/cisco_rv130_rmi_rce\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Third Party Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/107185\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190227-rmi-cmd-ex\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://www.exploit-db.com/exploits/46705/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Third Party Advisory\", \"VDB Entry\"]}]",
      "sourceIdentifier": "ykramarz@cisco.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"ykramarz@cisco.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-119\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-787\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2019-1663\",\"sourceIdentifier\":\"psirt@cisco.com\",\"published\":\"2019-02-28T18:29:02.040\",\"lastModified\":\"2024-11-21T04:37:02.680\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A vulnerability in the web-based management interface of the Cisco RV110W Wireless-N VPN Firewall, Cisco RV130W Wireless-N Multifunction VPN Router, and Cisco RV215W Wireless-N VPN Router could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. The vulnerability is due to improper validation of user-supplied data in the web-based management interface. An attacker could exploit this vulnerability by sending malicious HTTP requests to a targeted device. A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system of the affected device as a high-privilege user. RV110W Wireless-N VPN Firewall versions prior to 1.2.2.1 are affected. RV130W Wireless-N Multifunction VPN Router versions prior to 1.0.3.45 are affected. RV215W Wireless-N VPN Router versions prior to 1.3.1.1 are affected.\"},{\"lang\":\"es\",\"value\":\"Una vulnerabilidad en la interfaz web de Cisco RV110W Wireless-N VPN Firewall, Cisco RV130W Wireless-N Multifunction VPN Router y Cisco RV215W Wireless-N VPN Router podr\u00eda permitir a un atacante remoto no autenticado ejecutar c\u00f3digo arbitrario en el dispositivo afectado. La vulnerabilidad se debe a la validaci\u00f3n de entradas incorrecta de parte del usuario en la interfaz de gesti\u00f3n web. Un atacante podr\u00eda explotar esta vulnerabilidad enviando peticiones HTTP maliciosas a un dispositivo objetivo. Si se explota esta vulnerabilidad con \u00e9xito, el atacante podr\u00eda ejecutar c\u00f3digo arbitrario en el sistema operativo subyacente del dispositivo afectado como un usuario con altos privilegios. Las versiones 1.2.2.1 y anteriores de RV110W Wireless-N VPN Firewall  se ven afectadas. Las versiones 1.0.3.45 y anteriores de RV130W Wireless-N Multifunction VPN Router se ven afectadas. Las versiones 1.3.1.1 y anteriores de RV215W Wireless-N VPN Router se ven afectadas.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}],\"cvssMetricV30\":[{\"source\":\"psirt@cisco.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:C/I:C/A:C\",\"baseScore\":10.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"psirt@cisco.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-119\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-787\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:rv110w_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.2.2.1\",\"matchCriteriaId\":\"399C5CF4-84D4-405C-A180-DD4C5D1B8FA7\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:rv110w:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"20E8ECAC-E842-41DB-9612-9374A9648DC2\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:rv130w_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.0.3.45\",\"matchCriteriaId\":\"E4D65D59-1E91-4143-9914-B78933770DD7\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:rv130w:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C3C9AFAA-1387-4067-AF7E-2E4AAD2A272A\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:rv215w_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.3.1.1\",\"matchCriteriaId\":\"CAC6C694-4900-4543-93F4-24AFD59E7F69\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:rv215w:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8686AB22-F757-468A-930B-DDE45B508969\"}]}]}],\"references\":[{\"url\":\"http://packetstormsecurity.com/files/152507/Cisco-RV130W-Routers-Management-Interface-Remote-Command-Execution.html\",\"source\":\"psirt@cisco.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://packetstormsecurity.com/files/153163/Cisco-RV130W-1.0.3.44-Remote-Stack-Overflow.html\",\"source\":\"psirt@cisco.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://packetstormsecurity.com/files/154310/Cisco-RV110W-RV130-W-RV215W-Remote-Command-Execution.html\",\"source\":\"psirt@cisco.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.rapid7.com/db/modules/exploit/linux/http/cisco_rv130_rmi_rce\",\"source\":\"psirt@cisco.com\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/107185\",\"source\":\"psirt@cisco.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190227-rmi-cmd-ex\",\"source\":\"psirt@cisco.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.exploit-db.com/exploits/46705/\",\"source\":\"psirt@cisco.com\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://packetstormsecurity.com/files/152507/Cisco-RV130W-Routers-Management-Interface-Remote-Command-Execution.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://packetstormsecurity.com/files/153163/Cisco-RV130W-1.0.3.44-Remote-Stack-Overflow.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://packetstormsecurity.com/files/154310/Cisco-RV110W-RV130-W-RV215W-Remote-Command-Execution.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.rapid7.com/db/modules/exploit/linux/http/cisco_rv130_rmi_rce\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/107185\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190227-rmi-cmd-ex\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.exploit-db.com/exploits/46705/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"http://www.securityfocus.com/bid/107185\", \"name\": \"107185\", \"tags\": [\"vdb-entry\", \"x_refsource_BID\", \"x_transferred\"]}, {\"url\": \"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190227-rmi-cmd-ex\", \"name\": \"20190227 Cisco RV110W, RV130W, and RV215W Routers Management Interface Remote Command Execution Vulnerability\", \"tags\": [\"vendor-advisory\", \"x_refsource_CISCO\", \"x_transferred\"]}, {\"url\": \"http://www.rapid7.com/db/modules/exploit/linux/http/cisco_rv130_rmi_rce\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"http://packetstormsecurity.com/files/152507/Cisco-RV130W-Routers-Management-Interface-Remote-Command-Execution.html\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://www.exploit-db.com/exploits/46705/\", \"name\": \"46705\", \"tags\": [\"exploit\", \"x_refsource_EXPLOIT-DB\", \"x_transferred\"]}, {\"url\": \"http://packetstormsecurity.com/files/153163/Cisco-RV130W-1.0.3.44-Remote-Stack-Overflow.html\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"http://packetstormsecurity.com/files/154310/Cisco-RV110W-RV130-W-RV215W-Remote-Command-Execution.html\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-04T18:20:28.401Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2019-1663\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-11-19T17:21:25.889132Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-11-19T17:22:00.622Z\"}}], \"cna\": {\"title\": \"Cisco RV110W, RV130W, and RV215W Routers Management Interface Remote Command Execution Vulnerability\", \"source\": {\"defect\": [[\"CSCvn18638\", \"CSCvn18639\", \"CSCvn18642\"]], \"advisory\": \"cisco-sa-20190227-rmi-cmd-ex\", \"discovery\": \"INTERNAL\"}, \"metrics\": [{\"cvssV3_0\": {\"scope\": \"UNCHANGED\", \"version\": \"3.0\", \"baseScore\": 9.8, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"CRITICAL\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}], \"affected\": [{\"vendor\": \"Cisco\", \"product\": \"RV110W Wireless-N VPN Firewall\", \"versions\": [{\"status\": \"affected\", \"version\": \"unspecified\", \"lessThan\": \"1.2.2.1\", \"versionType\": \"custom\"}]}, {\"vendor\": \"Cisco\", \"product\": \"RV130W Wireless-N Multifunction VPN Router\", \"versions\": [{\"status\": \"affected\", \"version\": \"unspecified\", \"lessThan\": \"1.0.3.45\", \"versionType\": \"custom\"}]}, {\"vendor\": \"Cisco\", \"product\": \"RV215W Wireless-N VPN Router\", \"versions\": [{\"status\": \"affected\", \"version\": \"unspecified\", \"lessThan\": \"1.3.1.1\", \"versionType\": \"custom\"}]}], \"exploits\": [{\"lang\": \"en\", \"value\": \"Security researchers announced the discovery of this vulnerability, without any technical details or mention of the affected products, at the GeekPwn Shanghai conference on October 24-25, 2018.\"}], \"datePublic\": \"2019-02-27T00:00:00\", \"references\": [{\"url\": \"http://www.securityfocus.com/bid/107185\", \"name\": \"107185\", \"tags\": [\"vdb-entry\", \"x_refsource_BID\"]}, {\"url\": \"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190227-rmi-cmd-ex\", \"name\": \"20190227 Cisco RV110W, RV130W, and RV215W Routers Management Interface Remote Command Execution Vulnerability\", \"tags\": [\"vendor-advisory\", \"x_refsource_CISCO\"]}, {\"url\": \"http://www.rapid7.com/db/modules/exploit/linux/http/cisco_rv130_rmi_rce\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"http://packetstormsecurity.com/files/152507/Cisco-RV130W-Routers-Management-Interface-Remote-Command-Execution.html\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://www.exploit-db.com/exploits/46705/\", \"name\": \"46705\", \"tags\": [\"exploit\", \"x_refsource_EXPLOIT-DB\"]}, {\"url\": \"http://packetstormsecurity.com/files/153163/Cisco-RV130W-1.0.3.44-Remote-Stack-Overflow.html\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"http://packetstormsecurity.com/files/154310/Cisco-RV110W-RV130-W-RV215W-Remote-Command-Execution.html\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"A vulnerability in the web-based management interface of the Cisco RV110W Wireless-N VPN Firewall, Cisco RV130W Wireless-N Multifunction VPN Router, and Cisco RV215W Wireless-N VPN Router could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. The vulnerability is due to improper validation of user-supplied data in the web-based management interface. An attacker could exploit this vulnerability by sending malicious HTTP requests to a targeted device. A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system of the affected device as a high-privilege user. RV110W Wireless-N VPN Firewall versions prior to 1.2.2.1 are affected. RV130W Wireless-N Multifunction VPN Router versions prior to 1.0.3.45 are affected. RV215W Wireless-N VPN Router versions prior to 1.3.1.1 are affected.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-119\", \"description\": \"CWE-119\"}]}], \"providerMetadata\": {\"orgId\": \"d1c1063e-7a18-46af-9102-31f8928bc633\", \"shortName\": \"cisco\", \"dateUpdated\": \"2019-09-02T20:06:05\"}, \"x_legacyV4Record\": {\"impact\": {\"cvss\": {\"version\": \"3.0\", \"baseScore\": \"9.8\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\"}}, \"source\": {\"defect\": [[\"CSCvn18638\", \"CSCvn18639\", \"CSCvn18642\"]], \"advisory\": \"cisco-sa-20190227-rmi-cmd-ex\", \"discovery\": \"INTERNAL\"}, \"affects\": {\"vendor\": {\"vendor_data\": [{\"product\": {\"product_data\": [{\"version\": {\"version_data\": [{\"affected\": \"\u003c\", \"version_value\": \"1.2.2.1\", \"version_affected\": \"\u003c\"}]}, \"product_name\": \"RV110W Wireless-N VPN Firewall\"}, {\"version\": {\"version_data\": [{\"affected\": \"\u003c\", \"version_value\": \"1.0.3.45\", \"version_affected\": \"\u003c\"}]}, \"product_name\": \"RV130W Wireless-N Multifunction VPN Router\"}, {\"version\": {\"version_data\": [{\"affected\": \"\u003c\", \"version_value\": \"1.3.1.1\", \"version_affected\": \"\u003c\"}]}, \"product_name\": \"RV215W Wireless-N VPN Router\"}]}, \"vendor_name\": \"Cisco\"}]}}, \"exploit\": [{\"lang\": \"en\", \"value\": \"Security researchers announced the discovery of this vulnerability, without any technical details or mention of the affected products, at the GeekPwn Shanghai conference on October 24-25, 2018.\"}], \"data_type\": \"CVE\", \"references\": {\"reference_data\": [{\"url\": \"http://www.securityfocus.com/bid/107185\", \"name\": \"107185\", \"refsource\": \"BID\"}, {\"url\": \"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190227-rmi-cmd-ex\", \"name\": \"20190227 Cisco RV110W, RV130W, and RV215W Routers Management Interface Remote Command Execution Vulnerability\", \"refsource\": \"CISCO\"}, {\"url\": \"http://www.rapid7.com/db/modules/exploit/linux/http/cisco_rv130_rmi_rce\", \"name\": \"http://www.rapid7.com/db/modules/exploit/linux/http/cisco_rv130_rmi_rce\", \"refsource\": \"MISC\"}, {\"url\": \"http://packetstormsecurity.com/files/152507/Cisco-RV130W-Routers-Management-Interface-Remote-Command-Execution.html\", \"name\": \"http://packetstormsecurity.com/files/152507/Cisco-RV130W-Routers-Management-Interface-Remote-Command-Execution.html\", \"refsource\": \"MISC\"}, {\"url\": \"https://www.exploit-db.com/exploits/46705/\", \"name\": \"46705\", \"refsource\": \"EXPLOIT-DB\"}, {\"url\": \"http://packetstormsecurity.com/files/153163/Cisco-RV130W-1.0.3.44-Remote-Stack-Overflow.html\", \"name\": \"http://packetstormsecurity.com/files/153163/Cisco-RV130W-1.0.3.44-Remote-Stack-Overflow.html\", \"refsource\": \"MISC\"}, {\"url\": \"http://packetstormsecurity.com/files/154310/Cisco-RV110W-RV130-W-RV215W-Remote-Command-Execution.html\", \"name\": \"http://packetstormsecurity.com/files/154310/Cisco-RV110W-RV130-W-RV215W-Remote-Command-Execution.html\", \"refsource\": \"MISC\"}]}, \"data_format\": \"MITRE\", \"description\": {\"description_data\": [{\"lang\": \"eng\", \"value\": \"A vulnerability in the web-based management interface of the Cisco RV110W Wireless-N VPN Firewall, Cisco RV130W Wireless-N Multifunction VPN Router, and Cisco RV215W Wireless-N VPN Router could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. The vulnerability is due to improper validation of user-supplied data in the web-based management interface. An attacker could exploit this vulnerability by sending malicious HTTP requests to a targeted device. A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system of the affected device as a high-privilege user. RV110W Wireless-N VPN Firewall versions prior to 1.2.2.1 are affected. RV130W Wireless-N Multifunction VPN Router versions prior to 1.0.3.45 are affected. RV215W Wireless-N VPN Router versions prior to 1.3.1.1 are affected.\"}]}, \"problemtype\": {\"problemtype_data\": [{\"description\": [{\"lang\": \"eng\", \"value\": \"CWE-119\"}]}]}, \"data_version\": \"4.0\", \"CVE_data_meta\": {\"ID\": \"CVE-2019-1663\", \"STATE\": \"PUBLIC\", \"TITLE\": \"Cisco RV110W, RV130W, and RV215W Routers Management Interface Remote Command Execution Vulnerability\", \"ASSIGNER\": \"psirt@cisco.com\", \"DATE_PUBLIC\": \"2019-02-27T16:00:00-0800\"}}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2019-1663\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-11-19T19:16:07.667Z\", \"dateReserved\": \"2018-12-06T00:00:00\", \"assignerOrgId\": \"d1c1063e-7a18-46af-9102-31f8928bc633\", \"datePublished\": \"2019-02-28T18:00:00Z\", \"assignerShortName\": \"cisco\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

FKIE_CVE-2019-1663

Vulnerability from fkie_nvd - Published: 2019-02-28 18:29 - Updated: 2024-11-21 04:37

Severity ?

9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

References

URL	Tags
psirt@cisco.com	http://packetstormsecurity.com/files/152507/Cisco-RV130W-Routers-Management-Interface-Remote-Command-Execution.html	Third Party Advisory, VDB Entry
psirt@cisco.com	http://packetstormsecurity.com/files/153163/Cisco-RV130W-1.0.3.44-Remote-Stack-Overflow.html	Third Party Advisory, VDB Entry
psirt@cisco.com	http://packetstormsecurity.com/files/154310/Cisco-RV110W-RV130-W-RV215W-Remote-Command-Execution.html	Third Party Advisory, VDB Entry
psirt@cisco.com	http://www.rapid7.com/db/modules/exploit/linux/http/cisco_rv130_rmi_rce	Exploit, Third Party Advisory
psirt@cisco.com	http://www.securityfocus.com/bid/107185	Third Party Advisory, VDB Entry
psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190227-rmi-cmd-ex	Vendor Advisory
psirt@cisco.com	https://www.exploit-db.com/exploits/46705/	Exploit, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://packetstormsecurity.com/files/152507/Cisco-RV130W-Routers-Management-Interface-Remote-Command-Execution.html	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://packetstormsecurity.com/files/153163/Cisco-RV130W-1.0.3.44-Remote-Stack-Overflow.html	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://packetstormsecurity.com/files/154310/Cisco-RV110W-RV130-W-RV215W-Remote-Command-Execution.html	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.rapid7.com/db/modules/exploit/linux/http/cisco_rv130_rmi_rce	Exploit, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/107185	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190227-rmi-cmd-ex	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.exploit-db.com/exploits/46705/	Exploit, Third Party Advisory, VDB Entry

Impacted products

Vendor	Product	Version
cisco	rv110w_firmware	*
cisco	rv110w	-
cisco	rv130w_firmware	*
cisco	rv130w	-
cisco	rv215w_firmware	*
cisco	rv215w	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:rv110w_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "399C5CF4-84D4-405C-A180-DD4C5D1B8FA7",
              "versionEndExcluding": "1.2.2.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:rv110w:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "20E8ECAC-E842-41DB-9612-9374A9648DC2",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:rv130w_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4D65D59-1E91-4143-9914-B78933770DD7",
              "versionEndExcluding": "1.0.3.45",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:rv130w:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C3C9AFAA-1387-4067-AF7E-2E4AAD2A272A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:rv215w_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CAC6C694-4900-4543-93F4-24AFD59E7F69",
              "versionEndExcluding": "1.3.1.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:rv215w:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8686AB22-F757-468A-930B-DDE45B508969",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the web-based management interface of the Cisco RV110W Wireless-N VPN Firewall, Cisco RV130W Wireless-N Multifunction VPN Router, and Cisco RV215W Wireless-N VPN Router could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. The vulnerability is due to improper validation of user-supplied data in the web-based management interface. An attacker could exploit this vulnerability by sending malicious HTTP requests to a targeted device. A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system of the affected device as a high-privilege user. RV110W Wireless-N VPN Firewall versions prior to 1.2.2.1 are affected. RV130W Wireless-N Multifunction VPN Router versions prior to 1.0.3.45 are affected. RV215W Wireless-N VPN Router versions prior to 1.3.1.1 are affected."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la interfaz web de Cisco RV110W Wireless-N VPN Firewall, Cisco RV130W Wireless-N Multifunction VPN Router y Cisco RV215W Wireless-N VPN Router podr\u00eda permitir a un atacante remoto no autenticado ejecutar c\u00f3digo arbitrario en el dispositivo afectado. La vulnerabilidad se debe a la validaci\u00f3n de entradas incorrecta de parte del usuario en la interfaz de gesti\u00f3n web. Un atacante podr\u00eda explotar esta vulnerabilidad enviando peticiones HTTP maliciosas a un dispositivo objetivo. Si se explota esta vulnerabilidad con \u00e9xito, el atacante podr\u00eda ejecutar c\u00f3digo arbitrario en el sistema operativo subyacente del dispositivo afectado como un usuario con altos privilegios. Las versiones 1.2.2.1 y anteriores de RV110W Wireless-N VPN Firewall  se ven afectadas. Las versiones 1.0.3.45 y anteriores de RV130W Wireless-N Multifunction VPN Router se ven afectadas. Las versiones 1.3.1.1 y anteriores de RV215W Wireless-N VPN Router se ven afectadas."
    }
  ],
  "id": "CVE-2019-1663",
  "lastModified": "2024-11-21T04:37:02.680",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-02-28T18:29:02.040",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/152507/Cisco-RV130W-Routers-Management-Interface-Remote-Command-Execution.html"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/153163/Cisco-RV130W-1.0.3.44-Remote-Stack-Overflow.html"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/154310/Cisco-RV110W-RV130-W-RV215W-Remote-Command-Execution.html"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "http://www.rapid7.com/db/modules/exploit/linux/http/cisco_rv130_rmi_rce"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/107185"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190227-rmi-cmd-ex"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://www.exploit-db.com/exploits/46705/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/152507/Cisco-RV130W-Routers-Management-Interface-Remote-Command-Execution.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/153163/Cisco-RV130W-1.0.3.44-Remote-Stack-Overflow.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/154310/Cisco-RV110W-RV130-W-RV215W-Remote-Command-Execution.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "http://www.rapid7.com/db/modules/exploit/linux/http/cisco_rv130_rmi_rce"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/107185"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190227-rmi-cmd-ex"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://www.exploit-db.com/exploits/46705/"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-787"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CERTFR-2019-AVI-082

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été découvertes dans les produits Cisco. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Cisco	N/A	Cisco Webex Productivity Tools versions antérieures à 33.0.7 sur Windows
Cisco	N/A	Cisco Webex Meetings Desktop App versions antérieures à 33.6.6 sur Windows
Cisco	N/A	Cisco Webex Meetings Desktop App versions 33.9.x antérieures à 33.9.1 sur Windows
Cisco	N/A	RV215W Wireless-N VPN Router versions antérieures à 1.3.1.1
Cisco	N/A	RV130W Wireless-N Multifunction VPN Router versions antérieures à 1.0.3.45
Cisco	N/A	RV110W Wireless-N VPN Firewall versions antérieures à 1.2.2.1

References

Title

Publication Time

Tags

Bulletin de sécurité Cisco cisco-sa-20190227-wmda-cmdinj du 27 février 2019	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20190227-rmi-cmd-ex du 27 février 2019	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Cisco Webex Productivity Tools versions ant\u00e9rieures \u00e0 33.0.7 sur Windows",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco Webex Meetings Desktop App versions ant\u00e9rieures \u00e0 33.6.6 sur Windows",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco Webex Meetings Desktop App versions 33.9.x ant\u00e9rieures \u00e0 33.9.1 sur Windows",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "RV215W Wireless-N VPN Router versions ant\u00e9rieures \u00e0 1.3.1.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "RV130W Wireless-N Multifunction VPN Router versions ant\u00e9rieures \u00e0 1.0.3.45",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "RV110W Wireless-N VPN Firewall versions ant\u00e9rieures \u00e0 1.2.2.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2019-1674",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-1674"
    },
    {
      "name": "CVE-2019-1663",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-1663"
    }
  ],
  "links": [],
  "reference": "CERTFR-2019-AVI-082",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2019-02-28T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Cisco.\nElles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code\narbitraire \u00e0 distance.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Cisco",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20190227-wmda-cmdinj du 27 f\u00e9vrier 2019",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190227-wmda-cmdinj"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20190227-rmi-cmd-ex du 27 f\u00e9vrier 2019",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190227-rmi-cmd-ex"
    }
  ]
}

CERTFR-2019-AVI-082

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été découvertes dans les produits Cisco. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Cisco	N/A	Cisco Webex Productivity Tools versions antérieures à 33.0.7 sur Windows
Cisco	N/A	Cisco Webex Meetings Desktop App versions antérieures à 33.6.6 sur Windows
Cisco	N/A	Cisco Webex Meetings Desktop App versions 33.9.x antérieures à 33.9.1 sur Windows
Cisco	N/A	RV215W Wireless-N VPN Router versions antérieures à 1.3.1.1
Cisco	N/A	RV130W Wireless-N Multifunction VPN Router versions antérieures à 1.0.3.45
Cisco	N/A	RV110W Wireless-N VPN Firewall versions antérieures à 1.2.2.1

References

Title

Publication Time

Tags

Bulletin de sécurité Cisco cisco-sa-20190227-wmda-cmdinj du 27 février 2019	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20190227-rmi-cmd-ex du 27 février 2019	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Cisco Webex Productivity Tools versions ant\u00e9rieures \u00e0 33.0.7 sur Windows",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco Webex Meetings Desktop App versions ant\u00e9rieures \u00e0 33.6.6 sur Windows",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco Webex Meetings Desktop App versions 33.9.x ant\u00e9rieures \u00e0 33.9.1 sur Windows",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "RV215W Wireless-N VPN Router versions ant\u00e9rieures \u00e0 1.3.1.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "RV130W Wireless-N Multifunction VPN Router versions ant\u00e9rieures \u00e0 1.0.3.45",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "RV110W Wireless-N VPN Firewall versions ant\u00e9rieures \u00e0 1.2.2.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2019-1674",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-1674"
    },
    {
      "name": "CVE-2019-1663",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-1663"
    }
  ],
  "links": [],
  "reference": "CERTFR-2019-AVI-082",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2019-02-28T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Cisco.\nElles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code\narbitraire \u00e0 distance.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Cisco",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20190227-wmda-cmdinj du 27 f\u00e9vrier 2019",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190227-wmda-cmdinj"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20190227-rmi-cmd-ex du 27 f\u00e9vrier 2019",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190227-rmi-cmd-ex"
    }
  ]
}

CISCO-SA-20190227-RMI-CMD-EX

Vulnerability from csaf_cisco - Published: 2019-02-27 16:00 - Updated: 2019-06-20 15:41

Summary

Cisco RV110W, RV130W, and RV215W Routers Management Interface Remote Command Execution Vulnerability

Notes

Summary

A vulnerability in the web-based management interface of the Cisco RV110W Wireless-N VPN Firewall, Cisco RV130W Wireless-N Multifunction VPN Router, and Cisco RV215W Wireless-N VPN Router could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. The vulnerability is due to improper validation of user-supplied data in the web-based management interface. An attacker could exploit this vulnerability by sending malicious HTTP requests to a targeted device. A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system of the affected device as a high-privilege user. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190227-rmi-cmd-ex ["https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190227-rmi-cmd-ex"]

Vulnerable Products

This vulnerability affects all releases of the following Cisco products prior to those listed in Fixed Releases ["#fr"]: RV110W Wireless-N VPN Firewall RV130W Wireless-N Multifunction VPN Router RV215W Wireless-N VPN Router The web-based management interface of these devices is available through a local LAN connection or the remote management feature. By default, the remote management feature is disabled for these devices. To determine whether the remote management feature is enabled for a device, administrators can open the web-based management interface and choose Basic Settings > Remote Management. If the Enable box is checked, remote management is enabled for the device. Determining the Small Business Router Firmware Release To determine the installed release of the Small Business Router Firmware, an administrator can log in to the web-based management interface and click the About link in the upper right corner. A pop-up window will appear containing information about the currently installed Small Business Router Firmware.

Products Confirmed Not Vulnerable

Only products listed in the Vulnerable Products ["#vp"] section of this advisory are known to be affected by this vulnerability.

Workarounds

There are no workarounds that address this vulnerability.

Fixed Software

Cisco has released free software updates that address the vulnerability described in this advisory. Customers may only install and expect support for software versions and feature sets for which they have purchased a license. By installing, downloading, accessing, or otherwise using such software upgrades, customers agree to follow the terms of the Cisco software license: https://www.cisco.com/c/en/us/products/end-user-license-agreement.html ["https://www.cisco.com/c/en/us/products/end-user-license-agreement.html"] Additionally, customers may only download software for which they have a valid license, procured from Cisco directly, or through a Cisco authorized reseller or partner. In most cases this will be a maintenance upgrade to software that was previously purchased. Free security software updates do not entitle customers to a new software license, additional software feature sets, or major revision upgrades. When considering software upgrades, customers are advised to regularly consult the advisories for Cisco products, which are available from the Cisco Security Advisories and Alerts page ["https://www.cisco.com/go/psirt"], to determine exposure and a complete upgrade solution. In all cases, customers should ensure that the devices to be upgraded contain sufficient memory and confirm that current hardware and software configurations will continue to be supported properly by the new release. If the information is not clear, customers are advised to contact the Cisco Technical Assistance Center (TAC) or their contracted maintenance providers. Customers Without Service Contracts Customers who purchase directly from Cisco but do not hold a Cisco service contract and customers who make purchases through third-party vendors but are unsuccessful in obtaining fixed software through their point of sale should obtain upgrades by contacting the Cisco TAC: https://www.cisco.com/c/en/us/support/web/tsd-cisco-worldwide-contacts.html ["https://www.cisco.com/c/en/us/support/web/tsd-cisco-worldwide-contacts.html"] Customers should have the product serial number available and be prepared to provide the URL of this advisory as evidence of entitlement to a free upgrade. Fixed Releases Cisco fixed this vulnerability in the following releases: RV110W Wireless-N VPN Firewall: 1.2.2.1 RV130W Wireless-N Multifunction VPN Router: 1.0.3.45 RV215W Wireless-N VPN Router: 1.3.1.1 Customers can download the software from the Software Center ["https://software.cisco.com/download/navigator.html"] on Cisco.com by clicking Browse All and doing the following: RV110W and RV215W Choose Routers > Small Business Routers > Small Business RV Series Routers > RV110W Wireless-N VPN Firewall or RV215W Wireless-N VPN Router > Wireless Router Firmware. Access releases by using the left pane of the RV110W Wireless-N VPN Firewall or RV215W Wireless-N VPN Router page. RV130W Choose Routers > Small Business Routers > Small Business RV Series Routers > RV130W Wireless-N Multifunction VPN Router > Small Business Router Firmware. Access releases by using the left pane of the RV130W Wireless-N Multifunction VPN Router page.

Vulnerability Policy

To learn about Cisco security vulnerability disclosure policies and publications, see the Security Vulnerability Policy ["https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html"]. This document also contains instructions for obtaining fixed software and receiving security vulnerability information from Cisco.

Exploitation and Public Announcements

Security researchers announced the discovery of this vulnerability, without any technical details or mention of the affected products, at the GeekPwn Shanghai conference on October 24-25, 2018. The Cisco Product Security Incident Response Team (PSIRT) is aware of ongoing active network scanning potentially targeting the vulnerability that is described in this advisory. The Cisco Product Security Incident Response Team (PSIRT) is aware that exploit code is available for the vulnerability described in this advisory.

Source

Cisco would like to thank the following security researchers: Yu Zhang and Haoliang Lu through the GeekPwn conference T. Shiomitsu of Pen Test Partners LLP for independently reporting this vulnerability to Cisco.

Legal Disclaimer

THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME. A standalone copy or paraphrase of the text of this document that omits the distribution URL is an uncontrolled copy and may lack important information or contain factual errors. The information in this document is intended for end users of Cisco products.

JSON

To clipboard

{
  "document": {
    "acknowledgments": [
      {
        "summary": "Cisco would like to thank the following security researchers:\r\n\r\nYu Zhang and Haoliang Lu through the GeekPwn conference\r\nT. Shiomitsu of Pen Test Partners LLP\r\n  for independently reporting this vulnerability to Cisco."
      }
    ],
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "notes": [
      {
        "category": "summary",
        "text": "A vulnerability in the web-based management interface of the Cisco RV110W Wireless-N VPN Firewall, Cisco RV130W Wireless-N Multifunction VPN Router, and Cisco RV215W Wireless-N VPN Router could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device.\r\n\r\nThe vulnerability is due to improper validation of user-supplied data in the web-based management interface. An attacker could exploit this vulnerability by sending malicious HTTP requests to a targeted device. A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system of the affected device as a high-privilege user.\r\n\r\nCisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.\r\n\r\nThis advisory is available at the following link:\r\nhttps://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190227-rmi-cmd-ex [\"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190227-rmi-cmd-ex\"]",
        "title": "Summary"
      },
      {
        "category": "general",
        "text": "This vulnerability affects all releases of the following Cisco products prior to those listed in Fixed Releases [\"#fr\"]:\r\nRV110W Wireless-N VPN Firewall\r\nRV130W Wireless-N Multifunction VPN Router\r\nRV215W Wireless-N VPN Router\r\n\r\nThe web-based management interface of these devices is available through a local LAN connection or the remote management feature. By default, the remote management feature is disabled for these devices.\r\n\r\nTo determine whether the remote management feature is enabled for a device, administrators can open the web-based management interface and choose Basic Settings \u003e Remote Management. If the Enable box is checked, remote management is enabled for the device.  Determining the Small Business Router Firmware Release\r\nTo determine the installed release of the Small Business Router Firmware, an administrator can log in to the web-based management interface and click the About link in the upper right corner. A pop-up window will appear containing information about the currently installed Small Business Router Firmware.",
        "title": "Vulnerable Products"
      },
      {
        "category": "general",
        "text": "Only products listed in the Vulnerable Products [\"#vp\"] section of this advisory are known to be affected by this vulnerability.",
        "title": "Products Confirmed Not Vulnerable"
      },
      {
        "category": "general",
        "text": "There are no workarounds that address this vulnerability.",
        "title": "Workarounds"
      },
      {
        "category": "general",
        "text": "Cisco has released free software updates that address the vulnerability described in this advisory. Customers may only install and expect support for software versions and feature sets for which they have purchased a license. By installing, downloading, accessing, or otherwise using such software upgrades, customers agree to follow the terms of the Cisco software license:\r\nhttps://www.cisco.com/c/en/us/products/end-user-license-agreement.html [\"https://www.cisco.com/c/en/us/products/end-user-license-agreement.html\"]\r\n\r\nAdditionally, customers may only download software for which they have a valid license, procured from Cisco directly, or through a Cisco authorized reseller or partner. In most cases this will be a maintenance upgrade to software that was previously purchased. Free security software updates do not entitle customers to a new software license, additional software feature sets, or major revision upgrades.\r\n\r\nWhen considering software upgrades, customers are advised to regularly consult the advisories for Cisco products, which are available from the Cisco Security Advisories and Alerts page [\"https://www.cisco.com/go/psirt\"], to determine exposure and a complete upgrade solution.\r\n\r\nIn all cases, customers should ensure that the devices to be upgraded contain sufficient memory and confirm that current hardware and software configurations will continue to be supported properly by the new release. If the information is not clear, customers are advised to contact the Cisco Technical Assistance Center (TAC) or their contracted maintenance providers.\r\n  Customers Without Service Contracts\r\nCustomers who purchase directly from Cisco but do not hold a Cisco service contract and customers who make purchases through third-party vendors but are unsuccessful in obtaining fixed software through their point of sale should obtain upgrades by contacting the Cisco TAC:\r\nhttps://www.cisco.com/c/en/us/support/web/tsd-cisco-worldwide-contacts.html [\"https://www.cisco.com/c/en/us/support/web/tsd-cisco-worldwide-contacts.html\"]\r\n\r\nCustomers should have the product serial number available and be prepared to provide the URL of this advisory as evidence of entitlement to a free upgrade.\r\n    Fixed Releases\r\nCisco fixed this vulnerability in the following releases:\r\n\r\nRV110W Wireless-N VPN Firewall: 1.2.2.1\r\nRV130W Wireless-N Multifunction VPN Router: 1.0.3.45\r\nRV215W Wireless-N VPN Router: 1.3.1.1\r\n\r\n  Customers can download the software from the Software Center [\"https://software.cisco.com/download/navigator.html\"] on Cisco.com by clicking Browse All and doing the following:\r\n\r\nRV110W and RV215W\r\n\r\nChoose Routers \u003e Small Business Routers \u003e Small Business RV Series Routers \u003e RV110W Wireless-N VPN Firewall or RV215W Wireless-N VPN Router \u003e Wireless Router Firmware.\r\nAccess releases by using the left pane of the  RV110W Wireless-N VPN Firewall or RV215W Wireless-N VPN Router page.\r\n\r\nRV130W\r\n\r\nChoose Routers \u003e Small Business Routers \u003e Small Business RV Series Routers \u003e RV130W Wireless-N Multifunction VPN Router \u003e Small Business Router Firmware.\r\nAccess releases by using the left pane of the  RV130W Wireless-N Multifunction VPN Router page.",
        "title": "Fixed Software"
      },
      {
        "category": "general",
        "text": "To learn about Cisco security vulnerability disclosure policies and publications, see the Security Vulnerability Policy [\"https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html\"]. This document also contains instructions for obtaining fixed software and receiving security vulnerability information from Cisco.",
        "title": "Vulnerability Policy"
      },
      {
        "category": "general",
        "text": "Security researchers announced the discovery of this vulnerability, without any technical details or mention of the affected products, at the GeekPwn Shanghai conference on October 24-25, 2018.\r\n\r\n  The Cisco Product Security Incident Response Team (PSIRT) is aware of ongoing active network scanning potentially targeting the vulnerability that is described in this advisory.\r\n\r\nThe Cisco Product Security Incident Response Team (PSIRT) is aware that exploit code is available for the vulnerability described in this advisory.",
        "title": "Exploitation and Public Announcements"
      },
      {
        "category": "general",
        "text": "Cisco would like to thank the following security researchers:\r\n\r\nYu Zhang and Haoliang Lu through the GeekPwn conference\r\nT. Shiomitsu of Pen Test Partners LLP\r\n  for independently reporting this vulnerability to Cisco.",
        "title": "Source"
      },
      {
        "category": "legal_disclaimer",
        "text": "THIS DOCUMENT IS PROVIDED ON AN \"AS IS\" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME.\r\n\r\nA standalone copy or paraphrase of the text of this document that omits the distribution URL is an uncontrolled copy and may lack important information or contain factual errors. The information in this document is intended for end users of Cisco products.",
        "title": "Legal Disclaimer"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "Emergency Support:\r\n+1 877 228 7302 (toll-free within North America)\r\n+1 408 525 6532 (International direct-dial)\r\nNon-emergency Support:\r\nEmail: psirt@cisco.com\r\nSupport requests that are received via e-mail are typically acknowledged within 48 hours.",
      "issuing_authority": "Cisco product security incident response is the responsibility of the Cisco Product Security Incident Response Team (PSIRT). The Cisco PSIRT is a dedicated, global team that manages the receipt, investigation, and public reporting of security vulnerability information that is related to Cisco products and networks. The on-call Cisco PSIRT works 24x7 with Cisco customers, independent security researchers, consultants, industry organizations, and other vendors to identify possible security issues with Cisco products and networks.\r\nMore information can be found in Cisco Security Vulnerability Policy available at https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html",
      "name": "Cisco",
      "namespace": "https://wwww.cisco.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "Cisco RV110W, RV130W, and RV215W Routers Management Interface Remote Command Execution Vulnerability",
        "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190227-rmi-cmd-ex"
      },
      {
        "category": "external",
        "summary": "Cisco Security Vulnerability Policy",
        "url": "https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html"
      },
      {
        "category": "external",
        "summary": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190227-rmi-cmd-ex",
        "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190227-rmi-cmd-ex"
      },
      {
        "category": "external",
        "summary": "https://www.cisco.com/c/en/us/products/end-user-license-agreement.html",
        "url": "https://www.cisco.com/c/en/us/products/end-user-license-agreement.html"
      },
      {
        "category": "external",
        "summary": "Cisco Security Advisories and Alerts page",
        "url": "https://www.cisco.com/go/psirt"
      },
      {
        "category": "external",
        "summary": "https://www.cisco.com/c/en/us/support/web/tsd-cisco-worldwide-contacts.html",
        "url": "https://www.cisco.com/c/en/us/support/web/tsd-cisco-worldwide-contacts.html"
      },
      {
        "category": "external",
        "summary": "Software Center",
        "url": "https://software.cisco.com/download/navigator.html"
      },
      {
        "category": "external",
        "summary": "Security Vulnerability Policy",
        "url": "https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html"
      }
    ],
    "title": "Cisco RV110W, RV130W, and RV215W Routers Management Interface Remote Command Execution Vulnerability",
    "tracking": {
      "current_release_date": "2019-06-20T15:41:52+00:00",
      "generator": {
        "date": "2022-09-03T03:39:28+00:00",
        "engine": {
          "name": "TVCE"
        }
      },
      "id": "cisco-sa-20190227-rmi-cmd-ex",
      "initial_release_date": "2019-02-27T16:00:00+00:00",
      "revision_history": [
        {
          "date": "2019-02-27T15:36:51+00:00",
          "number": "1.0.0",
          "summary": "Initial public release."
        },
        {
          "date": "2019-03-06T16:27:05+00:00",
          "number": "1.1.0",
          "summary": "Added a mention of ongoing network scanning activities for this vulnerability."
        },
        {
          "date": "2019-06-20T15:41:52+00:00",
          "number": "1.2.0",
          "summary": "Added a mention of exploit code availability."
        }
      ],
      "status": "final",
      "version": "1.2.0"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_family",
            "name": "Cisco RV130W Wireless-N Multifunction VPN Router Firmware",
            "product": {
              "name": "Cisco RV130W Wireless-N Multifunction VPN Router Firmware ",
              "product_id": "CSAFPID-212336"
            }
          },
          {
            "category": "product_family",
            "name": "Cisco RV110W Wireless-N VPN Firewall Firmware",
            "product": {
              "name": "Cisco RV110W Wireless-N VPN Firewall Firmware ",
              "product_id": "CSAFPID-212341"
            }
          },
          {
            "category": "product_family",
            "name": "Cisco RV215W Wireless-N VPN Router Firmware",
            "product": {
              "name": "Cisco RV215W Wireless-N VPN Router Firmware ",
              "product_id": "CSAFPID-212498"
            }
          }
        ],
        "category": "vendor",
        "name": "Cisco"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2019-1663",
      "ids": [
        {
          "system_name": "Cisco Bug ID",
          "text": "CSCvn18639"
        },
        {
          "system_name": "Cisco Bug ID",
          "text": "CSCvn18638"
        },
        {
          "system_name": "Cisco Bug ID",
          "text": "CSCvn18642"
        }
      ],
      "notes": [
        {
          "category": "other",
          "text": "Complete.",
          "title": "Affected Product Comprehensiveness"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-212341",
          "CSAFPID-212336",
          "CSAFPID-212498"
        ]
      },
      "release_date": "2019-02-27T16:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "Cisco has released software updates that address this vulnerability.",
          "product_ids": [
            "CSAFPID-212498",
            "CSAFPID-212336",
            "CSAFPID-212341"
          ],
          "url": "https://software.cisco.com"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-212341",
            "CSAFPID-212336",
            "CSAFPID-212498"
          ]
        }
      ],
      "title": "Cisco RV110W, RV130W, and RV215W Routers Management Interface Remote Command Execution Vulnerability"
    }
  ]
}

CNVD-2022-32613

Vulnerability from cnvd - Published: 2022-05-29

Title

多款Cisco产品缓冲区溢出漏洞（CNVD-2022-32613）

Description

Cisco RV110W Wireless-N VPN Firewall等都是美国思科（Cisco）公司的一款企业级路由器。 Cisco RV110W Wireless-N VPN Firewall、RV130W Wireless-N Multifunction VPN Router和RV215W Wireless-N VPN Router中基于Web的管理界面存在缓冲区溢出漏洞，该漏洞源于程序未能正确地验证用户提交的数据。远程攻击者可通过发送恶意的HTTP请求利用该漏洞在底层操作系统上执行任意代码。

Severity

高

Patch Name

多款Cisco产品缓冲区溢出漏洞（CNVD-2022-32613）的补丁

Patch Description

Cisco RV110W Wireless-N VPN Firewall等都是美国思科（Cisco）公司的一款企业级路由器。 Cisco?RV110W Wireless-N VPN Firewall、RV130W Wireless-N Multifunction VPN Router和RV215W Wireless-N VPN Router中基于Web的管理界面存在缓冲区溢出漏洞，该漏洞源于程序未能正确地验证用户提交的数据。远程攻击者可通过发送恶意的HTTP请求利用该漏洞在底层操作系统上执行任意代码。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

目前厂商已发布升级补丁以修复漏洞，补丁获取链接：

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190227-rmi-cmd-ex

Reference

https://nvd.nist.gov/vuln/detail/CVE-2019-1663

Impacted products

Name
['Cisco RV110W', 'Cisco RV130W', 'Cisco RV215W']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2019-1663"
    }
  },
  "description": "Cisco RV110W Wireless-N VPN Firewall\u7b49\u90fd\u662f\u7f8e\u56fd\u601d\u79d1\uff08Cisco\uff09\u516c\u53f8\u7684\u4e00\u6b3e\u4f01\u4e1a\u7ea7\u8def\u7531\u5668\u3002\n\nCisco RV110W Wireless-N VPN Firewall\u3001RV130W Wireless-N Multifunction VPN Router\u548cRV215W Wireless-N VPN Router\u4e2d\u57fa\u4e8eWeb\u7684\u7ba1\u7406\u754c\u9762\u5b58\u5728\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7a0b\u5e8f\u672a\u80fd\u6b63\u786e\u5730\u9a8c\u8bc1\u7528\u6237\u63d0\u4ea4\u7684\u6570\u636e\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u53d1\u9001\u6076\u610f\u7684HTTP\u8bf7\u6c42\u5229\u7528\u8be5\u6f0f\u6d1e\u5728\u5e95\u5c42\u64cd\u4f5c\u7cfb\u7edf\u4e0a\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002",
  "discovererName": "Sezangel",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\n\r\nhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190227-rmi-cmd-ex",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2022-32613",
  "openTime": "2022-05-29",
  "patchDescription": "Cisco RV110W Wireless-N VPN Firewall\u7b49\u90fd\u662f\u7f8e\u56fd\u601d\u79d1\uff08Cisco\uff09\u516c\u53f8\u7684\u4e00\u6b3e\u4f01\u4e1a\u7ea7\u8def\u7531\u5668\u3002\r\n\r\nCisco?RV110W Wireless-N VPN Firewall\u3001RV130W Wireless-N Multifunction VPN Router\u548cRV215W Wireless-N VPN Router\u4e2d\u57fa\u4e8eWeb\u7684\u7ba1\u7406\u754c\u9762\u5b58\u5728\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7a0b\u5e8f\u672a\u80fd\u6b63\u786e\u5730\u9a8c\u8bc1\u7528\u6237\u63d0\u4ea4\u7684\u6570\u636e\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u53d1\u9001\u6076\u610f\u7684HTTP\u8bf7\u6c42\u5229\u7528\u8be5\u6f0f\u6d1e\u5728\u5e95\u5c42\u64cd\u4f5c\u7cfb\u7edf\u4e0a\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "\u591a\u6b3eCisco\u4ea7\u54c1\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\uff08CNVD-2022-32613\uff09\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Cisco RV110W",
      "Cisco RV130W",
      "Cisco RV215W"
    ]
  },
  "referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2019-1663",
  "serverity": "\u9ad8",
  "submitTime": "2022-04-14",
  "title": "\u591a\u6b3eCisco\u4ea7\u54c1\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\uff08CNVD-2022-32613\uff09"
}

CNVD-2019-05902

Vulnerability from cnvd - Published: 2019-03-02

Title

Cisco RV110W、RV130W和RV215W远程命令执行漏洞

Description

Cisco RV110W是一款Wireless-N VPN防火墙，Cisco RV130W是一款Wireless-N多功能VPN路由器，Cisco RV215W是一款Wireless-N VPN路由器。 Cisco RV110W、RV130W和RV215W的基于Web的管理界面存在远程命令执行漏洞。该漏洞源于基于Web的管理界面对用户提供的数据验证不当。未认证远程攻击者可通过向目标设备发送恶意HTTP请求利用该漏洞作为高权限用户在受影响设备的底层操作系统上执行任意代码。

Severity

高

Patch Name

Cisco RV110W、RV130W和RV215W远程命令执行漏洞的补丁

Patch Description

Formal description

厂商已发布漏洞修复程序，请及时关注更新： https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190227-rmi-cmd-ex

Reference

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190227-rmi-cmd-ex

Impacted products

Name
['Cisco RV110W 无', 'Cisco RV130W 无', 'Cisco RV215W 无']

Show details on source website

JSON

To clipboard

{
  "bids": {
    "bid": {
      "bidNumber": "107185"
    }
  },
  "cves": {
    "cve": {
      "cveNumber": "CVE-2019-1663"
    }
  },
  "description": "Cisco RV110W\u662f\u4e00\u6b3eWireless-N VPN\u9632\u706b\u5899\uff0cCisco RV130W\u662f\u4e00\u6b3eWireless-N\u591a\u529f\u80fdVPN\u8def\u7531\u5668\uff0cCisco RV215W\u662f\u4e00\u6b3eWireless-N VPN\u8def\u7531\u5668\u3002\n\nCisco RV110W\u3001RV130W\u548cRV215W\u7684\u57fa\u4e8eWeb\u7684\u7ba1\u7406\u754c\u9762\u5b58\u5728\u8fdc\u7a0b\u547d\u4ee4\u6267\u884c\u6f0f\u6d1e\u3002\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u57fa\u4e8eWeb\u7684\u7ba1\u7406\u754c\u9762\u5bf9\u7528\u6237\u63d0\u4f9b\u7684\u6570\u636e\u9a8c\u8bc1\u4e0d\u5f53\u3002\u672a\u8ba4\u8bc1\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u5411\u76ee\u6807\u8bbe\u5907\u53d1\u9001\u6076\u610fHTTP\u8bf7\u6c42\u5229\u7528\u8be5\u6f0f\u6d1e\u4f5c\u4e3a\u9ad8\u6743\u9650\u7528\u6237\u5728\u53d7\u5f71\u54cd\u8bbe\u5907\u7684\u5e95\u5c42\u64cd\u4f5c\u7cfb\u7edf\u4e0a\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002",
  "discovererName": "Yu Zhang and Haoliang Lu from GeekPwn conference and T. Shiomitsu from Pen Test Partners LLP",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190227-rmi-cmd-ex",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2019-05902",
  "openTime": "2019-03-02",
  "patchDescription": "Cisco RV110W\u662f\u4e00\u6b3eWireless-N VPN\u9632\u706b\u5899\uff0cCisco RV130W\u662f\u4e00\u6b3eWireless-N\u591a\u529f\u80fdVPN\u8def\u7531\u5668\uff0cCisco RV215W\u662f\u4e00\u6b3eWireless-N VPN\u8def\u7531\u5668\u3002\r\n\r\nCisco RV110W\u3001RV130W\u548cRV215W\u7684\u57fa\u4e8eWeb\u7684\u7ba1\u7406\u754c\u9762\u5b58\u5728\u8fdc\u7a0b\u547d\u4ee4\u6267\u884c\u6f0f\u6d1e\u3002\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u57fa\u4e8eWeb\u7684\u7ba1\u7406\u754c\u9762\u5bf9\u7528\u6237\u63d0\u4f9b\u7684\u6570\u636e\u9a8c\u8bc1\u4e0d\u5f53\u3002\u672a\u8ba4\u8bc1\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u5411\u76ee\u6807\u8bbe\u5907\u53d1\u9001\u6076\u610fHTTP\u8bf7\u6c42\u5229\u7528\u8be5\u6f0f\u6d1e\u4f5c\u4e3a\u9ad8\u6743\u9650\u7528\u6237\u5728\u53d7\u5f71\u54cd\u8bbe\u5907\u7684\u5e95\u5c42\u64cd\u4f5c\u7cfb\u7edf\u4e0a\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Cisco RV110W\u3001RV130W\u548cRV215W\u8fdc\u7a0b\u547d\u4ee4\u6267\u884c\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Cisco RV110W \u65e0",
      "Cisco RV130W \u65e0",
      "Cisco RV215W \u65e0"
    ]
  },
  "referenceLink": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190227-rmi-cmd-ex",
  "serverity": "\u9ad8",
  "submitTime": "2019-02-28",
  "title": "Cisco RV110W\u3001RV130W\u548cRV215W\u8fdc\u7a0b\u547d\u4ee4\u6267\u884c\u6f0f\u6d1e"
}

GHSA-P7C3-96FJ-V9CF

Vulnerability from github – Published: 2022-05-13 01:14 – Updated: 2022-05-13 01:14

Details

Severity ?

9.8 (Critical)


                  
                    CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2019-1663"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-787"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-02-28T18:29:00Z",
    "severity": "CRITICAL"
  },
  "details": "A vulnerability in the web-based management interface of the Cisco RV110W Wireless-N VPN Firewall, Cisco RV130W Wireless-N Multifunction VPN Router, and Cisco RV215W Wireless-N VPN Router could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. The vulnerability is due to improper validation of user-supplied data in the web-based management interface. An attacker could exploit this vulnerability by sending malicious HTTP requests to a targeted device. A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system of the affected device as a high-privilege user. RV110W Wireless-N VPN Firewall versions prior to 1.2.2.1 are affected. RV130W Wireless-N Multifunction VPN Router versions prior to 1.0.3.45 are affected. RV215W Wireless-N VPN Router versions prior to 1.3.1.1 are affected.",
  "id": "GHSA-p7c3-96fj-v9cf",
  "modified": "2022-05-13T01:14:53Z",
  "published": "2022-05-13T01:14:53Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-1663"
    },
    {
      "type": "WEB",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190227-rmi-cmd-ex"
    },
    {
      "type": "WEB",
      "url": "https://www.exploit-db.com/exploits/46705"
    },
    {
      "type": "WEB",
      "url": "http://packetstormsecurity.com/files/152507/Cisco-RV130W-Routers-Management-Interface-Remote-Command-Execution.html"
    },
    {
      "type": "WEB",
      "url": "http://packetstormsecurity.com/files/153163/Cisco-RV130W-1.0.3.44-Remote-Stack-Overflow.html"
    },
    {
      "type": "WEB",
      "url": "http://packetstormsecurity.com/files/154310/Cisco-RV110W-RV130-W-RV215W-Remote-Command-Execution.html"
    },
    {
      "type": "WEB",
      "url": "http://www.rapid7.com/db/modules/exploit/linux/http/cisco_rv130_rmi_rce"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/107185"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

VAR-201902-0427

Vulnerability from variot - Updated: 2023-12-18 13:56

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201902-0427",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "rv130w",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "1.0.3.45"
      },
      {
        "model": "rv215w",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "1.3.1.1"
      },
      {
        "model": "rv110w",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "1.2.2.1"
      },
      {
        "model": "rv110w wireless-n vpn firewall",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "1.2.2.1"
      },
      {
        "model": "rv130w wireless-n multifunction vpn router",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "1.0.3.45"
      },
      {
        "model": "rv215w wireless-n vpn router",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "1.3.1.1"
      },
      {
        "model": "rv110w none",
        "scope": null,
        "trust": 0.6,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "rv130w none",
        "scope": null,
        "trust": 0.6,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "rv215w none",
        "scope": null,
        "trust": 0.6,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "rv110w",
        "scope": null,
        "trust": 0.6,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "rv130w",
        "scope": null,
        "trust": 0.6,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "rv215w",
        "scope": null,
        "trust": 0.6,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "small business rv series routers",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "1.3.0.8"
      },
      {
        "model": "small business rv series routers",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "1.2.1.7"
      },
      {
        "model": "small business rv series routers",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "1.0.1.2"
      },
      {
        "model": "rv215w wireless-n vpn router",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "rv130w wireless-n multifunction vpn router",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "rv110w wireless-n vpn firewall",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0"
      },
      {
        "model": "small business rv series routers",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "1.3.1.1"
      },
      {
        "model": "small business rv series routers",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "1.2.2.1"
      },
      {
        "model": "small business rv series routers",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "1.0.3.45"
      },
      {
        "model": "rv215w wireless-n vpn router",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "1.3.1.1"
      },
      {
        "model": "rv130w wireless-n multifunction vpn router",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "1.0.3.45"
      },
      {
        "model": "rv110w wireless-n vpn firewall",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "1.2.2.1"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2019-05902"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2022-32613"
      },
      {
        "db": "BID",
        "id": "107185"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-002114"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-1663"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:rv110w_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "1.2.2.1",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:rv110w:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:rv130w_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "1.0.3.45",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:rv130w:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:rv215w_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "1.3.1.1",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:rv215w:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2019-1663"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Yu Zhang ????????Haoliang Lu ?? ??,the following security researchers: Yu Zhang and Haoliang Lu at the GeekPwn conference T. Shiomitsu of Pen Test Partners LLP",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201902-988"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2019-1663",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "HIGH",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Complete",
            "baseScore": 10.0,
            "confidentialityImpact": "Complete",
            "exploitabilityScore": null,
            "id": "CVE-2019-1663",
            "impactScore": null,
            "integrityImpact": "Complete",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "High",
            "trust": 0.9,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2019-05902",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2022-32613",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "VHN-148795",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "NVD",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 3.9,
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "ykramarz@cisco.com",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 3.9,
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "author": "NVD",
            "availabilityImpact": "High",
            "baseScore": 9.8,
            "baseSeverity": "Critical",
            "confidentialityImpact": "High",
            "exploitabilityScore": null,
            "id": "CVE-2019-1663",
            "impactScore": null,
            "integrityImpact": "High",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2019-1663",
            "trust": 1.8,
            "value": "CRITICAL"
          },
          {
            "author": "ykramarz@cisco.com",
            "id": "CVE-2019-1663",
            "trust": 1.0,
            "value": "CRITICAL"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2019-05902",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2022-32613",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201902-988",
            "trust": 0.6,
            "value": "CRITICAL"
          },
          {
            "author": "VULHUB",
            "id": "VHN-148795",
            "trust": 0.1,
            "value": "HIGH"
          },
          {
            "author": "VULMON",
            "id": "CVE-2019-1663",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2019-05902"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2022-32613"
      },
      {
        "db": "VULHUB",
        "id": "VHN-148795"
      },
      {
        "db": "VULMON",
        "id": "CVE-2019-1663"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-002114"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-1663"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-1663"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201902-988"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "A vulnerability in the web-based management interface of the Cisco RV110W Wireless-N VPN Firewall, Cisco RV130W Wireless-N Multifunction VPN Router, and Cisco RV215W Wireless-N VPN Router could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. The vulnerability is due to improper validation of user-supplied data in the web-based management interface. An attacker could exploit this vulnerability by sending malicious HTTP requests to a targeted device. A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system of the affected device as a high-privilege user. RV110W Wireless-N VPN Firewall versions prior to 1.2.2.1 are affected. RV130W Wireless-N Multifunction VPN Router versions prior to 1.0.3.45 are affected. RV215W Wireless-N VPN Router versions prior to 1.3.1.1 are affected. \nThis issue is tracked by Cisco Bug ID CSCvn18638, CSCvn18639, CSCvn18642",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2019-1663"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-002114"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-05902"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2022-32613"
      },
      {
        "db": "BID",
        "id": "107185"
      },
      {
        "db": "VULHUB",
        "id": "VHN-148795"
      },
      {
        "db": "VULMON",
        "id": "CVE-2019-1663"
      }
    ],
    "trust": 3.15
  },
  "exploit_availability": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=47348",
        "trust": 0.3,
        "type": "exploit"
      },
      {
        "reference": "https://www.scap.org.cn/vuln/vhn-148795",
        "trust": 0.1,
        "type": "unknown"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-148795"
      },
      {
        "db": "VULMON",
        "id": "CVE-2019-1663"
      }
    ]
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2019-1663",
        "trust": 4.1
      },
      {
        "db": "BID",
        "id": "107185",
        "trust": 2.7
      },
      {
        "db": "PACKETSTORM",
        "id": "152507",
        "trust": 1.2
      },
      {
        "db": "PACKETSTORM",
        "id": "154310",
        "trust": 1.2
      },
      {
        "db": "PACKETSTORM",
        "id": "153163",
        "trust": 1.2
      },
      {
        "db": "EXPLOIT-DB",
        "id": "46705",
        "trust": 1.2
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-002114",
        "trust": 0.8
      },
      {
        "db": "CNVD",
        "id": "CNVD-2022-32613",
        "trust": 0.7
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201902-988",
        "trust": 0.7
      },
      {
        "db": "EXPLOITALERT",
        "id": "33303",
        "trust": 0.6
      },
      {
        "db": "CNVD",
        "id": "CNVD-2019-05902",
        "trust": 0.6
      },
      {
        "db": "NSFOCUS",
        "id": "42833",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2019.0622.2",
        "trust": 0.6
      },
      {
        "db": "VULHUB",
        "id": "VHN-148795",
        "trust": 0.1
      },
      {
        "db": "EXPLOIT-DB",
        "id": "47348",
        "trust": 0.1
      },
      {
        "db": "VULMON",
        "id": "CVE-2019-1663",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2019-05902"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2022-32613"
      },
      {
        "db": "VULHUB",
        "id": "VHN-148795"
      },
      {
        "db": "VULMON",
        "id": "CVE-2019-1663"
      },
      {
        "db": "BID",
        "id": "107185"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-002114"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-1663"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201902-988"
      }
    ]
  },
  "id": "VAR-201902-0427",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2019-05902"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2022-32613"
      },
      {
        "db": "VULHUB",
        "id": "VHN-148795"
      }
    ],
    "trust": 2.026174216666667
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "Network device"
        ],
        "sub_category": null,
        "trust": 1.2
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2019-05902"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2022-32613"
      }
    ]
  },
  "last_update_date": "2023-12-18T13:56:47.640000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "cisco-sa-20190227-rmi-cmd-ex",
        "trust": 0.8,
        "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190227-rmi-cmd-ex"
      },
      {
        "title": "Patch for CiscoRV110W, RV130W, and RV215W Remote Command Execution Vulnerabilities",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchinfo/show/155001"
      },
      {
        "title": "Patch for Buffer Overflow Vulnerability in Multiple Cisco Products (CNVD-2022-32613)",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchinfo/show/331126"
      },
      {
        "title": "Cisco?RV110W Wireless-N VPN Firewall , RV130W Wireless-N Multifunction VPN Router  and RV215W Wireless-N VPN Router Buffer error vulnerability fix",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=89695"
      },
      {
        "title": "Cisco: Cisco RV110W, RV130W, and RV215W Routers Management Interface Remote Command Execution Vulnerability",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-20190227-rmi-cmd-ex"
      },
      {
        "title": "Cisco-RV130W",
        "trust": 0.1,
        "url": "https://github.com/welove88888/cisco-rv130w "
      },
      {
        "title": "dir2md",
        "trust": 0.1,
        "url": "https://github.com/xinroom/dir2md "
      },
      {
        "title": "Threatpost",
        "trust": 0.1,
        "url": "https://threatpost.com/zero-day-bug-soho-routers/165321/"
      },
      {
        "title": "The Register",
        "trust": 0.1,
        "url": "https://www.theregister.co.uk/2019/06/24/security_roundup/"
      },
      {
        "title": "Threatpost",
        "trust": 0.1,
        "url": "https://threatpost.com/cisco-fixes-critical-flaw-in-wireless-vpn-firewall-routers/142284/"
      },
      {
        "title": "BleepingComputer",
        "trust": 0.1,
        "url": "https://www.bleepingcomputer.com/news/security/cisco-fixes-critical-rce-vulnerability-in-rv110w-rv130w-and-rv215w-routers/"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2019-05902"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2022-32613"
      },
      {
        "db": "VULMON",
        "id": "CVE-2019-1663"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-002114"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201902-988"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-787",
        "trust": 1.1
      },
      {
        "problemtype": "CWE-20",
        "trust": 0.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-148795"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-002114"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-1663"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 3.4,
        "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190227-rmi-cmd-ex"
      },
      {
        "trust": 2.0,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-1663"
      },
      {
        "trust": 1.9,
        "url": "http://www.securityfocus.com/bid/107185"
      },
      {
        "trust": 1.3,
        "url": "http://www.rapid7.com/db/modules/exploit/linux/http/cisco_rv130_rmi_rce"
      },
      {
        "trust": 1.2,
        "url": "https://www.exploit-db.com/exploits/46705/"
      },
      {
        "trust": 1.2,
        "url": "http://packetstormsecurity.com/files/152507/cisco-rv130w-routers-management-interface-remote-command-execution.html"
      },
      {
        "trust": 1.2,
        "url": "http://packetstormsecurity.com/files/153163/cisco-rv130w-1.0.3.44-remote-stack-overflow.html"
      },
      {
        "trust": 1.2,
        "url": "http://packetstormsecurity.com/files/154310/cisco-rv110w-rv130-w-rv215w-remote-command-execution.html"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-1663"
      },
      {
        "trust": 0.6,
        "url": "https://www.exploitalert.com/view-details.html?id=33303"
      },
      {
        "trust": 0.6,
        "url": "http://www.nsfocus.net/vulndb/42833"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/76242"
      },
      {
        "trust": 0.3,
        "url": "http://www.cisco.com/"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/787.html"
      },
      {
        "trust": 0.1,
        "url": "https://github.com/welove88888/cisco-rv130w"
      },
      {
        "trust": 0.1,
        "url": "https://www.exploit-db.com/exploits/47348"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2019-05902"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2022-32613"
      },
      {
        "db": "VULHUB",
        "id": "VHN-148795"
      },
      {
        "db": "VULMON",
        "id": "CVE-2019-1663"
      },
      {
        "db": "BID",
        "id": "107185"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-002114"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-1663"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201902-988"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2019-05902"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2022-32613"
      },
      {
        "db": "VULHUB",
        "id": "VHN-148795"
      },
      {
        "db": "VULMON",
        "id": "CVE-2019-1663"
      },
      {
        "db": "BID",
        "id": "107185"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-002114"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-1663"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201902-988"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2019-03-02T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2019-05902"
      },
      {
        "date": "2022-05-29T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2022-32613"
      },
      {
        "date": "2019-02-28T00:00:00",
        "db": "VULHUB",
        "id": "VHN-148795"
      },
      {
        "date": "2019-02-28T00:00:00",
        "db": "VULMON",
        "id": "CVE-2019-1663"
      },
      {
        "date": "2019-02-27T00:00:00",
        "db": "BID",
        "id": "107185"
      },
      {
        "date": "2019-04-03T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2019-002114"
      },
      {
        "date": "2019-02-28T18:29:02.040000",
        "db": "NVD",
        "id": "CVE-2019-1663"
      },
      {
        "date": "2019-02-27T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201902-988"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2019-06-06T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2019-05902"
      },
      {
        "date": "2022-05-02T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2022-32613"
      },
      {
        "date": "2020-10-05T00:00:00",
        "db": "VULHUB",
        "id": "VHN-148795"
      },
      {
        "date": "2020-10-05T00:00:00",
        "db": "VULMON",
        "id": "CVE-2019-1663"
      },
      {
        "date": "2019-02-27T00:00:00",
        "db": "BID",
        "id": "107185"
      },
      {
        "date": "2019-04-03T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2019-002114"
      },
      {
        "date": "2020-10-05T20:27:08.843000",
        "db": "NVD",
        "id": "CVE-2019-1663"
      },
      {
        "date": "2019-03-06T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201902-988"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201902-988"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "plural  Cisco RV Vulnerability related to input validation in products",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-002114"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "buffer error",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201902-988"
      }
    ],
    "trust": 0.6
  }
}

GSD-2019-1663

Vulnerability from gsd - Updated: 2023-12-13 01:23

Details

Aliases

CVE-2019-1663

Aliases

CVE-2019-1663

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2019-1663",
    "description": "A vulnerability in the web-based management interface of the Cisco RV110W Wireless-N VPN Firewall, Cisco RV130W Wireless-N Multifunction VPN Router, and Cisco RV215W Wireless-N VPN Router could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. The vulnerability is due to improper validation of user-supplied data in the web-based management interface. An attacker could exploit this vulnerability by sending malicious HTTP requests to a targeted device. A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system of the affected device as a high-privilege user. RV110W Wireless-N VPN Firewall versions prior to 1.2.2.1 are affected. RV130W Wireless-N Multifunction VPN Router versions prior to 1.0.3.45 are affected. RV215W Wireless-N VPN Router versions prior to 1.3.1.1 are affected.",
    "id": "GSD-2019-1663",
    "references": [
      "https://packetstormsecurity.com/files/cve/CVE-2019-1663"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2019-1663"
      ],
      "details": "A vulnerability in the web-based management interface of the Cisco RV110W Wireless-N VPN Firewall, Cisco RV130W Wireless-N Multifunction VPN Router, and Cisco RV215W Wireless-N VPN Router could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. The vulnerability is due to improper validation of user-supplied data in the web-based management interface. An attacker could exploit this vulnerability by sending malicious HTTP requests to a targeted device. A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system of the affected device as a high-privilege user. RV110W Wireless-N VPN Firewall versions prior to 1.2.2.1 are affected. RV130W Wireless-N Multifunction VPN Router versions prior to 1.0.3.45 are affected. RV215W Wireless-N VPN Router versions prior to 1.3.1.1 are affected.",
      "id": "GSD-2019-1663",
      "modified": "2023-12-13T01:23:50.983166Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "psirt@cisco.com",
        "DATE_PUBLIC": "2019-02-27T16:00:00-0800",
        "ID": "CVE-2019-1663",
        "STATE": "PUBLIC",
        "TITLE": "Cisco RV110W, RV130W, and RV215W Routers Management Interface Remote Command Execution Vulnerability"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "RV110W Wireless-N VPN Firewall",
                    "version": {
                      "version_data": [
                        {
                          "affected": "\u003c",
                          "version_value": "1.2.2.1"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "RV130W Wireless-N Multifunction VPN Router",
                    "version": {
                      "version_data": [
                        {
                          "affected": "\u003c",
                          "version_value": "1.0.3.45"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "RV215W Wireless-N VPN Router",
                    "version": {
                      "version_data": [
                        {
                          "affected": "\u003c",
                          "version_value": "1.3.1.1"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Cisco"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "A vulnerability in the web-based management interface of the Cisco RV110W Wireless-N VPN Firewall, Cisco RV130W Wireless-N Multifunction VPN Router, and Cisco RV215W Wireless-N VPN Router could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. The vulnerability is due to improper validation of user-supplied data in the web-based management interface. An attacker could exploit this vulnerability by sending malicious HTTP requests to a targeted device. A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system of the affected device as a high-privilege user. RV110W Wireless-N VPN Firewall versions prior to 1.2.2.1 are affected. RV130W Wireless-N Multifunction VPN Router versions prior to 1.0.3.45 are affected. RV215W Wireless-N VPN Router versions prior to 1.3.1.1 are affected."
          }
        ]
      },
      "exploit": [
        {
          "lang": "eng",
          "value": "Security researchers announced the discovery of this vulnerability, without any technical details or mention of the affected products, at the GeekPwn Shanghai conference on October 24-25, 2018. "
        }
      ],
      "impact": {
        "cvss": {
          "baseScore": "9.8",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H ",
          "version": "3.0"
        }
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "CWE-119"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "107185",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/107185"
          },
          {
            "name": "20190227 Cisco RV110W, RV130W, and RV215W Routers Management Interface Remote Command Execution Vulnerability",
            "refsource": "CISCO",
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190227-rmi-cmd-ex"
          },
          {
            "name": "http://www.rapid7.com/db/modules/exploit/linux/http/cisco_rv130_rmi_rce",
            "refsource": "MISC",
            "url": "http://www.rapid7.com/db/modules/exploit/linux/http/cisco_rv130_rmi_rce"
          },
          {
            "name": "http://packetstormsecurity.com/files/152507/Cisco-RV130W-Routers-Management-Interface-Remote-Command-Execution.html",
            "refsource": "MISC",
            "url": "http://packetstormsecurity.com/files/152507/Cisco-RV130W-Routers-Management-Interface-Remote-Command-Execution.html"
          },
          {
            "name": "46705",
            "refsource": "EXPLOIT-DB",
            "url": "https://www.exploit-db.com/exploits/46705/"
          },
          {
            "name": "http://packetstormsecurity.com/files/153163/Cisco-RV130W-1.0.3.44-Remote-Stack-Overflow.html",
            "refsource": "MISC",
            "url": "http://packetstormsecurity.com/files/153163/Cisco-RV130W-1.0.3.44-Remote-Stack-Overflow.html"
          },
          {
            "name": "http://packetstormsecurity.com/files/154310/Cisco-RV110W-RV130-W-RV215W-Remote-Command-Execution.html",
            "refsource": "MISC",
            "url": "http://packetstormsecurity.com/files/154310/Cisco-RV110W-RV130-W-RV215W-Remote-Command-Execution.html"
          }
        ]
      },
      "source": {
        "advisory": "cisco-sa-20190227-rmi-cmd-ex",
        "defect": [
          [
            "CSCvn18638",
            "CSCvn18639",
            "CSCvn18642"
          ]
        ],
        "discovery": "INTERNAL"
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:rv110w_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "1.2.2.1",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:rv110w:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:rv130w_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "1.0.3.45",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:rv130w:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:rv215w_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "1.3.1.1",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:rv215w:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2019-1663"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "A vulnerability in the web-based management interface of the Cisco RV110W Wireless-N VPN Firewall, Cisco RV130W Wireless-N Multifunction VPN Router, and Cisco RV215W Wireless-N VPN Router could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. The vulnerability is due to improper validation of user-supplied data in the web-based management interface. An attacker could exploit this vulnerability by sending malicious HTTP requests to a targeted device. A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system of the affected device as a high-privilege user. RV110W Wireless-N VPN Firewall versions prior to 1.2.2.1 are affected. RV130W Wireless-N Multifunction VPN Router versions prior to 1.0.3.45 are affected. RV215W Wireless-N VPN Router versions prior to 1.3.1.1 are affected."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-787"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20190227 Cisco RV110W, RV130W, and RV215W Routers Management Interface Remote Command Execution Vulnerability",
              "refsource": "CISCO",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190227-rmi-cmd-ex"
            },
            {
              "name": "107185",
              "refsource": "BID",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securityfocus.com/bid/107185"
            },
            {
              "name": "http://packetstormsecurity.com/files/152507/Cisco-RV130W-Routers-Management-Interface-Remote-Command-Execution.html",
              "refsource": "MISC",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://packetstormsecurity.com/files/152507/Cisco-RV130W-Routers-Management-Interface-Remote-Command-Execution.html"
            },
            {
              "name": "46705",
              "refsource": "EXPLOIT-DB",
              "tags": [
                "Exploit",
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "https://www.exploit-db.com/exploits/46705/"
            },
            {
              "name": "http://www.rapid7.com/db/modules/exploit/linux/http/cisco_rv130_rmi_rce",
              "refsource": "MISC",
              "tags": [
                "Exploit",
                "Third Party Advisory"
              ],
              "url": "http://www.rapid7.com/db/modules/exploit/linux/http/cisco_rv130_rmi_rce"
            },
            {
              "name": "http://packetstormsecurity.com/files/153163/Cisco-RV130W-1.0.3.44-Remote-Stack-Overflow.html",
              "refsource": "MISC",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://packetstormsecurity.com/files/153163/Cisco-RV130W-1.0.3.44-Remote-Stack-Overflow.html"
            },
            {
              "name": "http://packetstormsecurity.com/files/154310/Cisco-RV110W-RV130-W-RV215W-Remote-Command-Execution.html",
              "refsource": "MISC",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://packetstormsecurity.com/files/154310/Cisco-RV110W-RV130-W-RV215W-Remote-Command-Execution.html"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 10.0,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 5.9
        }
      },
      "lastModifiedDate": "2020-10-05T20:27Z",
      "publishedDate": "2019-02-28T18:29Z"
    }
  }
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2019-1663 (GCVE-0-2019-1663)

Solution

Solution

Tags

Sightings

Nomenclature