← voltar
CVE-2019-1663

Cisco RV110W, RV130W, and RV215W Routers Management Interface Remote Command Execution Vulnerability

CVSS 9.8 CRITICALEPSS 95.7%CWE-119
A vulnerability in the web-based management interface of the Cisco RV110W Wireless-N VPN Firewall, Cisco RV130W Wireless-N Multifunction VPN Router, and Cisco RV215W Wireless-N VPN Router could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. The vulnerability is due to improper validation of user-supplied data in the web-based management interface. An attacker could exploit this vulnerability by sending malicious HTTP requests to a targeted device. A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system of the affected device as a high-privilege user. RV110W Wireless-N VPN Firewall versions prior to 1.2.2.1 are affected. RV130W Wireless-N Multifunction VPN Router versions prior to 1.0.3.45 are affected. RV215W Wireless-N VPN Router versions prior to 1.3.1.1 are affected.
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Produtos afetados
Cisco · RV110W Wireless-N VPN FirewallCisco · RV130W Wireless-N Multifunction VPN RouterCisco · RV215W Wireless-N VPN Router
PoCs públicas encontradas10
githubgithub.com/StealYourCode/CVE-2019-16630githubgithub.com/WolffCorentin/CVE-2019-1663-Binary-Analysis0githubgithub.com/KylVGoi/cve-2019-16630cve_referencewww.exploit-db.com/exploits/46705/não verificadoexploitdbwww.exploit-db.com/exploits/47348não verificadoexploitdbwww.exploit-db.com/exploits/46961não verificadocve_referencepacketstormsecurity.com/files/152507/Cisco-RV130W-Routers-Management-Interface-Remote-Command-Execution.htmlnão verificadoexploitdbwww.exploit-db.com/exploits/46705não verificadocve_referencepacketstormsecurity.com/files/153163/Cisco-RV130W-1.0.3.44-Remote-Stack-Overflow.htmlnão verificadocve_referencepacketstormsecurity.com/files/154310/Cisco-RV110W-RV130-W-RV215W-Remote-Command-Execution.htmlnão verificado
⚠ Recursos públicos, para você avaliar a exposição de sistemas que controla ou está autorizado a testar. Teste apenas com autorização.

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
http://packetstormsecurity.com/files/152507/Cisco-RV130W-Routers-Management-Interface-Remote-Command-Execution.htmlhttp://packetstormsecurity.com/files/153163/Cisco-RV130W-1.0.3.44-Remote-Stack-Overflow.htmlhttp://packetstormsecurity.com/files/154310/Cisco-RV110W-RV130-W-RV215W-Remote-Command-Execution.htmlhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190227-rmi-cmd-exhttps://www.exploit-db.com/exploits/46705/http://www.rapid7.com/db/modules/exploit/linux/http/cisco_rv130_rmi_rcehttp://www.securityfocus.com/bid/107185