Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistCiscoCVELIST:CVE-2019-1663
HistoryFeb 27, 2019 - 12:00 a.m.

CVE-2019-1663 Cisco RV110W, RV130W, and RV215W Routers Management Interface Remote Command Execution Vulnerability

2019-02-2700:00:00
CWE-119
cisco
www.cve.org

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.7 High

AI Score

Confidence

High

0.972 High

EPSS

Percentile

99.9%

JSON

A vulnerability in the web-based management interface of the Cisco RV110W Wireless-N VPN Firewall, Cisco RV130W Wireless-N Multifunction VPN Router, and Cisco RV215W Wireless-N VPN Router could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. The vulnerability is due to improper validation of user-supplied data in the web-based management interface. An attacker could exploit this vulnerability by sending malicious HTTP requests to a targeted device. A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system of the affected device as a high-privilege user. RV110W Wireless-N VPN Firewall versions prior to 1.2.2.1 are affected. RV130W Wireless-N Multifunction VPN Router versions prior to 1.0.3.45 are affected. RV215W Wireless-N VPN Router versions prior to 1.3.1.1 are affected.

CNA Affected

[
  {
    "product": "RV110W Wireless-N VPN Firewall",
    "vendor": "Cisco",
    "versions": [
      {
        "lessThan": "1.2.2.1",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "RV130W Wireless-N Multifunction VPN Router",
    "vendor": "Cisco",
    "versions": [
      {
        "lessThan": "1.0.3.45",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "RV215W Wireless-N VPN Router",
    "vendor": "Cisco",
    "versions": [
      {
        "lessThan": "1.3.1.1",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]

Related

pentestpartners 1
cve 1
prion 1
threatpost 5
zdt 3
exploitpack 1
cisco 1
packetstorm 3
checkpoint_advisories 1
nessus 1
nvd 1
cve0day 1
exploitdb 1
pentestpartners
pentestpartners
Cisco RV130 – It’s 2019, but yet: strcpy
2019-02-28 08:00:49
cve
cve
CVE-2019-1663
2019-02-28 18:29:02
prion
prion
Input validation
2019-02-28 18:29:00
threatpost
threatpost
19-Year-Old TLS Vulnerability Weakens Website Crypto
2017-12-13 14:33:32
Cisco Fixes Critical Flaw in Wireless VPN, Firewall Routers
2019-02-28 14:27:13
Cisco Confirms Critical Firewall Software Bug Is Under Attack
2018-02-09 13:06:34
zdt
zdt
Cisco RV110W / RV130(W) / RV215W Remote Command Execution Exploit
2019-09-02 00:00:00
Cisco RV130W Routers Management Interface Remote Command Execution Exploit
2019-04-15 00:00:00
Cisco RV130W 1.0.3.44 - Remote Stack Overflow Exploit
2019-06-04 00:00:00
exploitpack
exploitpack
Cisco RV130W 1.0.3.44 - Remote Stack Overflow
2019-06-04 00:00:00
cisco
cisco
Cisco RV110W, RV130W, and RV215W Routers Management Interface Remote Command Execution Vulnerability
2019-02-27 16:00:00
packetstorm
packetstorm
Cisco RV130W 1.0.3.44 Remote Stack Overflow
2019-06-04 00:00:00
Cisco RV130W Routers Management Interface Remote Command Execution
2019-04-14 00:00:00
Cisco RV110W / RV130(W) / RV215W Remote Command Execution
2019-09-02 00:00:00
checkpoint_advisories
checkpoint_advisories
Cisco Multiple Routers Remote Code Execution (CVE-2019-1663)
2019-03-03 00:00:00
nessus
nessus
Cisco RV110W, RV130W, and RV215W Routers Management Interface Remote Command Execution Vulnerability (cisco-sa-20190227-rmi-cmd-ex)
2019-02-27 00:00:00
nvd
nvd
CVE-2019-1663
2019-02-28 18:29:02
cve0day
cve0day
Cisco Routers CVE-2019-1663 Remote Command Execution
2019-03-07 13:55:18
exploitdb
exploitdb
Cisco RV130W 1.0.3.44 - Remote Stack Overflow
2019-06-04 00:00:00

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.7 High

AI Score

Confidence

High

0.972 High

EPSS

Percentile

99.9%

JSON
Related for CVELIST:CVE-2019-1663
pentestpartners1cve1prion1threatpost5zdt3exploitpack1cisco1packetstorm3checkpoint_advisories1nessus1nvd1cve0day1exploitdb1