Lucene search
CiscoCVELIST:CVE-2018-0424HistorySep 05, 2018 - 12:00 a.m.
CVE-2018-0424 Cisco RV110W, RV130W, and RV215W Routers Management Interface Command Injection Vulnerability
2018-09-0500:00:00
CWE-77
cisco
www.cve.org
A vulnerability in the web-based management interface of the Cisco RV110W Wireless-N VPN Firewall, Cisco RV130W Wireless-N Multifunction VPN Router, and Cisco RV215W Wireless-N VPN Router could allow an authenticated, remote attacker to execute arbitrary commands. The vulnerability is due to improper validation of user-supplied input to scripts by the web-based management interface. An attacker could exploit this vulnerability by sending malicious requests to a targeted device. A successful exploit could allow the attacker to execute arbitrary commands with the privileges of the root user.
CNA Affected
[
{
"product": "Cisco RV130W Wireless-N Multifunction VPN Router Firmware ",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
]Related
cve
cve
CVE-2018-0424
2018-10-05 14:29:00
nvd
nvd
CVE-2018-0424
2018-10-05 14:29:00
cisco
cisco
prion
prion
Input validation
2018-10-05 14:29:00