Cisco Small Business RV Series Wireless-N VPN Password Disclosure Vulnerability

Last Update Date: 6 Mar 2014 12:13 Release Date: 6 Mar 2014 3896 Views

RISK: Medium Risk

Medium Risk

TYPE: Operating Systems - Networks OS

TYPE: Networks OS

A vulnerability has been identified in Cisco Small Business RV Series. A remote user can gain administrative access on the target system.

 

The web management interface does not properly handle authentication requests. A remote user can intercept and modify an authentication request to gain administrative privileges on the target web interface.

Impact

  • Remote Code Execution
  • Information Disclosure

System / Technologies affected

  • Cisco RV110W Wireless-N VPN Firewall, firmware versions 1.2.0.9 and prior
  • Cisco RV215W Wireless-N VPN Router, firmware versions 1.1.0.5 and prior
  • Cisco CVR100W Wireless-N VPN Router, firmware versions 1.0.1.19 and prior

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

  • The vendor has issued a fix.

Vulnerability Identifier

Source

Related Link

Share with

Previous

Cisco Wireless LAN Controllers Multiple vulnerabilities

6 Mar 2014 4125 Views

Next

GnuTLS Certificate Verification Vulnerability

6 Mar 2014 3934 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY