CVE-2019-1843Improper Input Validation in Cisco Rv130w Wireless-n Multifunction VPN Router Firmware

CWE-20Improper Input Validation4 documents4 sources
Severity
7.5HIGHNVD
CNA8.6
EPSS
0.4%
top 39.09%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
4
Cisco Rv130w Wireless-n Multifunction VPN Router FirmwareCisco Rv110w FirmwareCisco Rv130w Firmware+1 more
Timeline
PublishedJun 20
Latest updateMay 24

Description

A vulnerability in the web-based management interface of the Cisco RV110W Wireless-N VPN Firewall, Cisco RV130W Wireless-N Multifunction VPN Router, and Cisco RV215W Wireless-N VPN Router could allow an unauthenticated, remote attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. This vulnerability is due to improper validation of user-supplied data in the web-based management interface. An attacker could exploit this vulnerability by sending malicio

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages4 packages

NVDcisco/rv110w_firmware< 1.2.2.4
NVDcisco/rv130w_firmware< 1.0.3.51
NVDcisco/rv215w_firmware< 1.3.1.4

🔴Vulnerability Details

2
GHSA
GHSA-xph6-fh8h-64hj: A vulnerability in the web-based management interface of the Cisco RV110W Wireless-N VPN Firewall, Cisco RV130W Wireless-N Multifunction VPN Router, a2022-05-24
CVEList
Cisco RV110W, RV130W, and RV215W Routers Management Interface Denial of Service Vulnerability2019-06-20

📋Vendor Advisories

1
Cisco
Cisco RV110W, RV130W, and RV215W Routers Management Interface Denial of Service Vulnerability2019-06-19
CVE-2019-1843 — Improper Input Validation in Cisco | cvebase