Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2019-1652
HistoryJan 24, 2019 - 3:29 p.m.

CVE-2019-1652

2019-01-2415:29:00
CWE-78
[email protected]
web.nvd.nist.gov
899
In Wild
20
cisco
rv320
rv325
web management
remote code execution
vulnerability
cve-2019-1652
nvd

7.2 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

7.6 High

AI Score

Confidence

High

9 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

0.975 High

EPSS

Percentile

100.0%

JSON

A vulnerability in the web-based management interface of Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could allow an authenticated, remote attacker with administrative privileges on an affected device to execute arbitrary commands. The vulnerability is due to improper validation of user-supplied input. An attacker could exploit this vulnerability by sending malicious HTTP POST requests to the web-based management interface of an affected device. A successful exploit could allow the attacker to execute arbitrary commands on the underlying Linux shell as root. Cisco has released firmware updates that address this vulnerability.

Social References

More

Related

packetstorm 3
attackerkb 1
checkpoint_advisories 1
zdt 2
cisa_kev 1
exploitpack 1
prion 1
cisco 1
exploitdb 2
metasploit 1
nessus 4
thn 2
threatpost 4
fireeye 1
ics 2
packetstorm
packetstorm
Cisco RV320 Command Injection
2019-01-24 00:00:00
Cisco RV320 Command Injection
2019-03-27 00:00:00
Cisco RV320 / RV325 Unauthenticated Remote Code Execution
2019-03-30 00:00:00
attackerkb
attackerkb
CVE-2019-1652
2019-01-24 00:00:00
checkpoint_advisories
checkpoint_advisories
Cisco RV320 Command Injection (CVE-2019-1652)
2019-01-27 00:00:00
zdt
zdt
Cisco RV320 Command Injection Vulnerability
2019-03-27 00:00:00
Cisco RV320 / RV325 Unauthenticated Remote Code Execution Exploit
2019-03-30 00:00:00
cisa_kev
cisa_kev
Cisco Small Business Routers Improper Input Validation Vulnerability
2022-03-03 00:00:00
exploitpack
exploitpack
Cisco RV320 Dual Gigabit WAN VPN Router 1.4.2.15 - Command Injection
2019-01-25 00:00:00
prion
prion
Input validation
2019-01-24 15:29:00
cisco
cisco
Cisco Small Business RV320 and RV325 Routers Command Injection Vulnerability
2019-01-23 16:00:00
exploitdb
exploitdb
Cisco RV320 Dual Gigabit WAN VPN Router 1.4.2.15 - Command Injection
2019-01-25 00:00:00
Cisco RV320 and RV325 - Unauthenticated Remote Code Execution (Metasploit)
2019-04-03 00:00:00
metasploit
metasploit
Cisco RV320 and RV325 Unauthenticated Remote Code Execution
2019-02-25 14:51:05
nessus
nessus
Cisco Small Business RV320 and RV325 Routers Multiple Vulnerabilities (cisco-sa-20190123-rv-inject, cisco-sa-20190123-rv-info)
2019-04-15 00:00:00
Cisco RV320 < 1.4.2.22 Multiple Vulnerabilities
2019-04-16 00:00:00
Cisco RV325 < 1.4.2.22 Multiple Vulnerabilities
2019-04-16 00:00:00
thn
thn
China-backed Hackers Hijack Software Updates to Implant "NSPX30" Spyware
2024-01-25 10:08:00
New Exploit Threatens Over 9,000 Hackable Cisco RV320/RV325 Routers Worldwide
2019-01-28 11:31:00
threatpost
threatpost
Active Scans Target Vulnerable Cisco Routers for Remote Code-Execution
2019-01-28 16:04:07
Cisco Finally Patches Router Bugs As New Unpatched Flaws Surface
2019-04-05 20:29:09
Chinese Hackers Exploit Cisco, Citrix Flaws in Massive Espionage Campaign
2020-03-25 15:57:25
fireeye
fireeye
This IsΒ Not a Test: APT41 Initiates Global Intrusion Campaign Using Multiple Exploits
2020-03-25 00:00:00
ics
ics
People’s Republic of China State-Sponsored Cyber Actors Exploit Network Providers and Devices
2022-06-10 12:00:00
Potential for China Cyber Response to Heightened U.S.–China Tensions
2020-10-20 12:00:00

7.2 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

7.6 High

AI Score

Confidence

High

9 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

0.975 High

EPSS

Percentile

100.0%

JSON
Related for CVE-2019-1652
packetstorm3attackerkb1checkpoint_advisories1zdt2cisa_kev1exploitpack1prion1cisco1exploitdb2metasploit1nessus4thn2threatpost4fireeye1ics2