Cisco RV110W, RV130W, and RV215W Routers Information Disclosure Vulnerability

2019-06-1916:00:00

tools.cisco.com

0.018 Low

EPSS

Percentile

88.3%

JSON

A vulnerability in the web interface of Cisco RV110W, RV130W, and RV215W Routers could allow an unauthenticated, remote attacker to acquire the list of devices that are connected to the guest network.

The vulnerability is due to improper authorization of an HTTP request. An attacker could exploit this vulnerability by accessing a specific URI on the web interface of the router.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190619-rv-infodis [“https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190619-rv-infodis”]

Affected configurations

Vulners

Node

ciscorv130w_wireless-n_multifunction_vpn_router_firmwareMatchany

ciscorv110w_wireless-n_vpn_firewall_firmwareMatchany

ciscorv215w_wireless-n_vpn_router_firmwareMatchany

ciscorv130w_wireless-n_multifunction_vpn_router_firmwareMatchany

ciscorv110w_wireless-n_vpn_firewall_firmwareMatchany

ciscorv215w_wireless-n_vpn_router_firmwareMatchany

CPENameOperatorVersion
cisco rv130w wireless-n multifunction vpn router firmwareeqany
cisco rv110w wireless-n vpn firewall firmwareeqany
cisco rv215w wireless-n vpn router firmwareeqany
cisco rv130w wireless-n multifunction vpn router firmwareeqany
cisco rv110w wireless-n vpn firewall firmwareeqany
cisco rv215w wireless-n vpn router firmwareeqany

Name	Operator	Version
cisco rv130w wireless-n multifunction vpn router firmware	eq	any
cisco rv110w wireless-n vpn firewall firmware	eq	any
cisco rv215w wireless-n vpn router firmware	eq	any
cisco rv130w wireless-n multifunction vpn router firmware	eq	any
cisco rv110w wireless-n vpn firewall firmware	eq	any
cisco rv215w wireless-n vpn router firmware	eq	any