CVE Vulnerability

CVE-2019-1653

A vulnerability in the web-based management interface of Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could allow an unauthenticated, remote attacker to retrieve sensitive information. The vulnerability is due to improper access controls for URLs. An attacker could exploit this vulnerability by connecting to an affected device via HTTP or HTTPS and requesting specific URLs. A successful exploit could allow the attacker to download the router configuration or detailed diagnostic information. Cisco has released firmware updates that address this vulnerability.

5 /10

CVSS v2.0 :

V3 Legend

Vector :

Exploitability : 10 / Impact : 2.9

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

Scope

7.5 /10

CVSS v3.0 : HIGH

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References
Link Resource
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-rv-info Vendor Advisory
http://www.securityfocus.com/bid/106732 Third Party Advisory VDB Entry
https://www.exploit-db.com/exploits/46262/ Exploit Third Party Advisory
https://www.youtube.com/watch?v=bx0RQJDlGbY Third Party Advisory
https://badpackets.net/over-9000-cisco-rv320-rv325-routers-vulnerable-to-cve-2019-1653/ Third Party Advisory
http://seclists.org/fulldisclosure/2019/Mar/60 Exploit Mailing List
http://seclists.org/fulldisclosure/2019/Mar/59 Exploit Mailing List
https://seclists.org/bugtraq/2019/Mar/54 Mailing List Third Party Advisory
https://seclists.org/bugtraq/2019/Mar/53 Mailing List Third Party Advisory
http://packetstormsecurity.com/files/152261/Cisco-RV320-Unauthenticated-Diagnostic-Data-Retrieval.html Exploit Third Party Advisory
http://packetstormsecurity.com/files/152260/Cisco-RV320-Unauthenticated-Configuration-Export.html Exploit Third Party Advisory
http://packetstormsecurity.com/files/152305/Cisco-RV320-RV325-Unauthenticated-Remote-Code-Execution.html Third Party Advisory VDB Entry
https://www.exploit-db.com/exploits/46655/ Third Party Advisory VDB Entry
https://www.zdnet.com/article/hackers-are-going-after-cisco-rv320rv325-routers-using-a-new-exploit/ Third Party Advisory
https://threatpost.com/scans-cisco-routers-code-execution/141218/ Third Party Advisory
Configurations

Configuration 1
Information

Published : 2019-01-24 04:29

Updated : 2020-10-05 07:37

NVD link : CVE-2019-1653

Mitre link : CVE-2019-1653

Products Affected

Cisco

Rv325

Rv325 Firmware

CWE
CWE-200