CVE-2018-0423 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Cisco Rv130w Wireless-n Multifunction VPN Router Firmware

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer5 documents5 sources

Severity

8.1HIGHNVD

EPSS

2.9%

top 13.68%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco Rv130w Wireless-n Multifunction VPN Router Firmware

Timeline

PublishedOct 5

Latest updateMay 13

Description

A vulnerability in the web-based management interface of the Cisco RV110W Wireless-N VPN Firewall, Cisco RV130W Wireless-N Multifunction VPN Router, and Cisco RV215W Wireless-N VPN Router could allow an unauthenticated, remote attacker to cause a denial of service condition or to execute arbitrary code. The vulnerability is due to improper boundary restrictions on user-supplied input in the Guest user feature of the web-based management interface. An attacker could exploit this vulnerability by …

CVSS vector

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 2.2 | Impact: 5.9

Affected Packages1 packages

▶CVEListV5cisco/cisco_rv130w_wireless-n_multifunction_vpn_router_firmwaren/a

🔴Vulnerability Details

GHSA

GHSA-3r77-vxv8-f245: A vulnerability in the web-based management interface of the Cisco RV110W Wireless-N VPN Firewall, Cisco RV130W Wireless-N Multifunction VPN Router, a↗2022-05-13

▶

CVEList

Cisco RV110W, RV130W, and RV215W Routers Management Interface Buffer Overflow Vulnerability↗2018-10-05

▶

📋Vendor Advisories

Cisco

Cisco RV110W, RV130W, and RV215W Routers Management Interface Buffer Overflow Vulnerability↗2018-09-05

▶