Vulnerability-Lookup

CVE-2019-1653 (GCVE-0-2019-1653)

Vulnerability from cvelistv5 – Published: 2019-01-24 16:00 – Updated: 2025-10-21 23:45

Title

Cisco Small Business RV320 and RV325 Routers Information Disclosure Vulnerability

Summary

A vulnerability in the web-based management interface of Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could allow an unauthenticated, remote attacker to retrieve sensitive information. The vulnerability is due to improper access controls for URLs. An attacker could exploit this vulnerability by connecting to an affected device via HTTP or HTTPS and requesting specific URLs. A successful exploit could allow the attacker to download the router configuration or detailed diagnostic information. Cisco has released firmware updates that address this vulnerability.

Severity ?

7.5 (High)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CWE

CWE-284

Assigner

cisco

References

URL

Tags

	https://www.youtube.com/watch?v=bx0RQJDlGbY	x_refsource_MISC
	https://badpackets.net/over-9000-cisco-rv320-rv32…	x_refsource_MISC
	https://tools.cisco.com/security/center/content/C…	vendor-advisoryx_refsource_CISCO
	http://www.securityfocus.com/bid/106732	vdb-entryx_refsource_BID
	https://www.exploit-db.com/exploits/46262/	exploitx_refsource_EXPLOIT-DB
	http://seclists.org/fulldisclosure/2019/Mar/60	mailing-listx_refsource_FULLDISC
	http://seclists.org/fulldisclosure/2019/Mar/59	mailing-listx_refsource_FULLDISC
	https://seclists.org/bugtraq/2019/Mar/54	mailing-listx_refsource_BUGTRAQ
	https://seclists.org/bugtraq/2019/Mar/53	mailing-listx_refsource_BUGTRAQ
	http://packetstormsecurity.com/files/152260/Cisco…	x_refsource_MISC
	http://packetstormsecurity.com/files/152261/Cisco…	x_refsource_MISC
	http://packetstormsecurity.com/files/152305/Cisco…	x_refsource_MISC
	https://www.exploit-db.com/exploits/46655/	exploitx_refsource_EXPLOIT-DB
	https://www.zdnet.com/article/hackers-are-going-a…	x_refsource_MISC
	https://threatpost.com/scans-cisco-routers-code-e…	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	Cisco	Cisco Small Business RV Series Router Firmware	Affected: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T18:20:28.354Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.youtube.com/watch?v=bx0RQJDlGbY"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://badpackets.net/over-9000-cisco-rv320-rv325-routers-vulnerable-to-cve-2019-1653/"
          },
          {
            "name": "20190123 Cisco Small Business RV320 and RV325 Routers Information Disclosure Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-rv-info"
          },
          {
            "name": "106732",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/106732"
          },
          {
            "name": "46262",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/46262/"
          },
          {
            "name": "20190327 [RT-SA-2019-004] Cisco RV320 Unauthenticated Diagnostic Data Retrieval",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2019/Mar/60"
          },
          {
            "name": "20190327 [RT-SA-2019-003] Cisco RV320 Unauthenticated Configuration Export",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2019/Mar/59"
          },
          {
            "name": "20190327 [RT-SA-2019-004] Cisco RV320 Unauthenticated Diagnostic Data Retrieval",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "https://seclists.org/bugtraq/2019/Mar/54"
          },
          {
            "name": "20190327 [RT-SA-2019-003] Cisco RV320 Unauthenticated Configuration Export",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "https://seclists.org/bugtraq/2019/Mar/53"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/152260/Cisco-RV320-Unauthenticated-Configuration-Export.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/152261/Cisco-RV320-Unauthenticated-Diagnostic-Data-Retrieval.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/152305/Cisco-RV320-RV325-Unauthenticated-Remote-Code-Execution.html"
          },
          {
            "name": "46655",
            "tags": [
              "exploit",
              "x_refsource_EXPLOIT-DB",
              "x_transferred"
            ],
            "url": "https://www.exploit-db.com/exploits/46655/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.zdnet.com/article/hackers-are-going-after-cisco-rv320rv325-routers-using-a-new-exploit/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://threatpost.com/scans-cisco-routers-code-execution/141218/"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2019-1653",
                "options": [
                  {
                    "Exploitation": "active"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-08T17:20:12.536408Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          },
          {
            "other": {
              "content": {
                "dateAdded": "2021-11-03",
                "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-1653"
              },
              "type": "kev"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-10-21T23:45:43.980Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "government-resource"
            ],
            "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-1653"
          }
        ],
        "timeline": [
          {
            "lang": "en",
            "time": "2021-11-03T00:00:00.000Z",
            "value": "CVE-2019-1653 added to CISA KEV"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Cisco Small Business RV Series Router Firmware",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2019-01-23T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the web-based management interface of Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could allow an unauthenticated, remote attacker to retrieve sensitive information. The vulnerability is due to improper access controls for URLs. An attacker could exploit this vulnerability by connecting to an affected device via HTTP or HTTPS and requesting specific URLs. A successful exploit could allow the attacker to download the router configuration or detailed diagnostic information. Cisco has released firmware updates that address this vulnerability."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-284",
              "description": "CWE-284",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-04-08T19:15:16.000Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.youtube.com/watch?v=bx0RQJDlGbY"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://badpackets.net/over-9000-cisco-rv320-rv325-routers-vulnerable-to-cve-2019-1653/"
        },
        {
          "name": "20190123 Cisco Small Business RV320 and RV325 Routers Information Disclosure Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-rv-info"
        },
        {
          "name": "106732",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/106732"
        },
        {
          "name": "46262",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/46262/"
        },
        {
          "name": "20190327 [RT-SA-2019-004] Cisco RV320 Unauthenticated Diagnostic Data Retrieval",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://seclists.org/fulldisclosure/2019/Mar/60"
        },
        {
          "name": "20190327 [RT-SA-2019-003] Cisco RV320 Unauthenticated Configuration Export",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://seclists.org/fulldisclosure/2019/Mar/59"
        },
        {
          "name": "20190327 [RT-SA-2019-004] Cisco RV320 Unauthenticated Diagnostic Data Retrieval",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "https://seclists.org/bugtraq/2019/Mar/54"
        },
        {
          "name": "20190327 [RT-SA-2019-003] Cisco RV320 Unauthenticated Configuration Export",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "https://seclists.org/bugtraq/2019/Mar/53"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/152260/Cisco-RV320-Unauthenticated-Configuration-Export.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/152261/Cisco-RV320-Unauthenticated-Diagnostic-Data-Retrieval.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/152305/Cisco-RV320-RV325-Unauthenticated-Remote-Code-Execution.html"
        },
        {
          "name": "46655",
          "tags": [
            "exploit",
            "x_refsource_EXPLOIT-DB"
          ],
          "url": "https://www.exploit-db.com/exploits/46655/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.zdnet.com/article/hackers-are-going-after-cisco-rv320rv325-routers-using-a-new-exploit/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://threatpost.com/scans-cisco-routers-code-execution/141218/"
        }
      ],
      "source": {
        "advisory": "cisco-sa-20190123-rv-info",
        "defect": [
          [
            "CSCvg85922"
          ]
        ],
        "discovery": "INTERNAL"
      },
      "title": "Cisco Small Business RV320 and RV325 Routers Information Disclosure Vulnerability",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "DATE_PUBLIC": "2019-01-23T16:00:00-0800",
          "ID": "CVE-2019-1653",
          "STATE": "PUBLIC",
          "TITLE": "Cisco Small Business RV320 and RV325 Routers Information Disclosure Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Cisco Small Business RV Series Router Firmware",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Cisco"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in the web-based management interface of Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could allow an unauthenticated, remote attacker to retrieve sensitive information. The vulnerability is due to improper access controls for URLs. An attacker could exploit this vulnerability by connecting to an affected device via HTTP or HTTPS and requesting specific URLs. A successful exploit could allow the attacker to download the router configuration or detailed diagnostic information. Cisco has released firmware updates that address this vulnerability."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
          }
        ],
        "impact": {
          "cvss": {
            "baseScore": "7.5",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-284"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.youtube.com/watch?v=bx0RQJDlGbY",
              "refsource": "MISC",
              "url": "https://www.youtube.com/watch?v=bx0RQJDlGbY"
            },
            {
              "name": "https://badpackets.net/over-9000-cisco-rv320-rv325-routers-vulnerable-to-cve-2019-1653/",
              "refsource": "MISC",
              "url": "https://badpackets.net/over-9000-cisco-rv320-rv325-routers-vulnerable-to-cve-2019-1653/"
            },
            {
              "name": "20190123 Cisco Small Business RV320 and RV325 Routers Information Disclosure Vulnerability",
              "refsource": "CISCO",
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-rv-info"
            },
            {
              "name": "106732",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/106732"
            },
            {
              "name": "46262",
              "refsource": "EXPLOIT-DB",
              "url": "https://www.exploit-db.com/exploits/46262/"
            },
            {
              "name": "20190327 [RT-SA-2019-004] Cisco RV320 Unauthenticated Diagnostic Data Retrieval",
              "refsource": "FULLDISC",
              "url": "http://seclists.org/fulldisclosure/2019/Mar/60"
            },
            {
              "name": "20190327 [RT-SA-2019-003] Cisco RV320 Unauthenticated Configuration Export",
              "refsource": "FULLDISC",
              "url": "http://seclists.org/fulldisclosure/2019/Mar/59"
            },
            {
              "name": "20190327 [RT-SA-2019-004] Cisco RV320 Unauthenticated Diagnostic Data Retrieval",
              "refsource": "BUGTRAQ",
              "url": "https://seclists.org/bugtraq/2019/Mar/54"
            },
            {
              "name": "20190327 [RT-SA-2019-003] Cisco RV320 Unauthenticated Configuration Export",
              "refsource": "BUGTRAQ",
              "url": "https://seclists.org/bugtraq/2019/Mar/53"
            },
            {
              "name": "http://packetstormsecurity.com/files/152260/Cisco-RV320-Unauthenticated-Configuration-Export.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/152260/Cisco-RV320-Unauthenticated-Configuration-Export.html"
            },
            {
              "name": "http://packetstormsecurity.com/files/152261/Cisco-RV320-Unauthenticated-Diagnostic-Data-Retrieval.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/152261/Cisco-RV320-Unauthenticated-Diagnostic-Data-Retrieval.html"
            },
            {
              "name": "http://packetstormsecurity.com/files/152305/Cisco-RV320-RV325-Unauthenticated-Remote-Code-Execution.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/152305/Cisco-RV320-RV325-Unauthenticated-Remote-Code-Execution.html"
            },
            {
              "name": "46655",
              "refsource": "EXPLOIT-DB",
              "url": "https://www.exploit-db.com/exploits/46655/"
            },
            {
              "name": "https://www.zdnet.com/article/hackers-are-going-after-cisco-rv320rv325-routers-using-a-new-exploit/",
              "refsource": "MISC",
              "url": "https://www.zdnet.com/article/hackers-are-going-after-cisco-rv320rv325-routers-using-a-new-exploit/"
            },
            {
              "name": "https://threatpost.com/scans-cisco-routers-code-execution/141218/",
              "refsource": "MISC",
              "url": "https://threatpost.com/scans-cisco-routers-code-execution/141218/"
            }
          ]
        },
        "source": {
          "advisory": "cisco-sa-20190123-rv-info",
          "defect": [
            [
              "CSCvg85922"
            ]
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2019-1653",
    "datePublished": "2019-01-24T16:00:00.000Z",
    "dateReserved": "2018-12-06T00:00:00.000Z",
    "dateUpdated": "2025-10-21T23:45:43.980Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "cisa_known_exploited": {
      "cveID": "CVE-2019-1653",
      "cwes": "[\"CWE-284\"]",
      "dateAdded": "2021-11-03",
      "dueDate": "2022-05-03",
      "knownRansomwareCampaignUse": "Unknown",
      "notes": "https://nvd.nist.gov/vuln/detail/CVE-2019-1653",
      "product": "Small Business RV320 and RV325 Routers",
      "requiredAction": "Apply updates per vendor instructions.",
      "shortDescription": "Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers contain improper access controls for URLs. Exploitation could allow an attacker to download the router configuration or detailed diagnostic information.",
      "vendorProject": "Cisco",
      "vulnerabilityName": "Cisco Small Business RV320 and RV325 Routers Information Disclosure Vulnerability"
    },
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://www.youtube.com/watch?v=bx0RQJDlGbY\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://badpackets.net/over-9000-cisco-rv320-rv325-routers-vulnerable-to-cve-2019-1653/\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-rv-info\", \"name\": \"20190123 Cisco Small Business RV320 and RV325 Routers Information Disclosure Vulnerability\", \"tags\": [\"vendor-advisory\", \"x_refsource_CISCO\", \"x_transferred\"]}, {\"url\": \"http://www.securityfocus.com/bid/106732\", \"name\": \"106732\", \"tags\": [\"vdb-entry\", \"x_refsource_BID\", \"x_transferred\"]}, {\"url\": \"https://www.exploit-db.com/exploits/46262/\", \"name\": \"46262\", \"tags\": [\"exploit\", \"x_refsource_EXPLOIT-DB\", \"x_transferred\"]}, {\"url\": \"http://seclists.org/fulldisclosure/2019/Mar/60\", \"name\": \"20190327 [RT-SA-2019-004] Cisco RV320 Unauthenticated Diagnostic Data Retrieval\", \"tags\": [\"mailing-list\", \"x_refsource_FULLDISC\", \"x_transferred\"]}, {\"url\": \"http://seclists.org/fulldisclosure/2019/Mar/59\", \"name\": \"20190327 [RT-SA-2019-003] Cisco RV320 Unauthenticated Configuration Export\", \"tags\": [\"mailing-list\", \"x_refsource_FULLDISC\", \"x_transferred\"]}, {\"url\": \"https://seclists.org/bugtraq/2019/Mar/54\", \"name\": \"20190327 [RT-SA-2019-004] Cisco RV320 Unauthenticated Diagnostic Data Retrieval\", \"tags\": [\"mailing-list\", \"x_refsource_BUGTRAQ\", \"x_transferred\"]}, {\"url\": \"https://seclists.org/bugtraq/2019/Mar/53\", \"name\": \"20190327 [RT-SA-2019-003] Cisco RV320 Unauthenticated Configuration Export\", \"tags\": [\"mailing-list\", \"x_refsource_BUGTRAQ\", \"x_transferred\"]}, {\"url\": \"http://packetstormsecurity.com/files/152260/Cisco-RV320-Unauthenticated-Configuration-Export.html\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"http://packetstormsecurity.com/files/152261/Cisco-RV320-Unauthenticated-Diagnostic-Data-Retrieval.html\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"http://packetstormsecurity.com/files/152305/Cisco-RV320-RV325-Unauthenticated-Remote-Code-Execution.html\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://www.exploit-db.com/exploits/46655/\", \"name\": \"46655\", \"tags\": [\"exploit\", \"x_refsource_EXPLOIT-DB\", \"x_transferred\"]}, {\"url\": \"https://www.zdnet.com/article/hackers-are-going-after-cisco-rv320rv325-routers-using-a-new-exploit/\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://threatpost.com/scans-cisco-routers-code-execution/141218/\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-04T18:20:28.354Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2019-1653\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"active\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-11-08T17:20:12.536408Z\"}}}, {\"other\": {\"type\": \"kev\", \"content\": {\"dateAdded\": \"2021-11-03\", \"reference\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-1653\"}}}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2021-11-03T00:00:00.000Z\", \"value\": \"CVE-2019-1653 added to CISA KEV\"}], \"references\": [{\"url\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-1653\", \"tags\": [\"government-resource\"]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-11-08T16:06:09.355Z\"}}], \"cna\": {\"title\": \"Cisco Small Business RV320 and RV325 Routers Information Disclosure Vulnerability\", \"source\": {\"defect\": [[\"CSCvg85922\"]], \"advisory\": \"cisco-sa-20190123-rv-info\", \"discovery\": \"INTERNAL\"}, \"metrics\": [{\"cvssV3_0\": {\"scope\": \"UNCHANGED\", \"version\": \"3.0\", \"baseScore\": 7.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}], \"affected\": [{\"vendor\": \"Cisco\", \"product\": \"Cisco Small Business RV Series Router Firmware\", \"versions\": [{\"status\": \"affected\", \"version\": \"n/a\"}]}], \"exploits\": [{\"lang\": \"en\", \"value\": \"The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.\"}], \"datePublic\": \"2019-01-23T00:00:00.000Z\", \"references\": [{\"url\": \"https://www.youtube.com/watch?v=bx0RQJDlGbY\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://badpackets.net/over-9000-cisco-rv320-rv325-routers-vulnerable-to-cve-2019-1653/\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-rv-info\", \"name\": \"20190123 Cisco Small Business RV320 and RV325 Routers Information Disclosure Vulnerability\", \"tags\": [\"vendor-advisory\", \"x_refsource_CISCO\"]}, {\"url\": \"http://www.securityfocus.com/bid/106732\", \"name\": \"106732\", \"tags\": [\"vdb-entry\", \"x_refsource_BID\"]}, {\"url\": \"https://www.exploit-db.com/exploits/46262/\", \"name\": \"46262\", \"tags\": [\"exploit\", \"x_refsource_EXPLOIT-DB\"]}, {\"url\": \"http://seclists.org/fulldisclosure/2019/Mar/60\", \"name\": \"20190327 [RT-SA-2019-004] Cisco RV320 Unauthenticated Diagnostic Data Retrieval\", \"tags\": [\"mailing-list\", \"x_refsource_FULLDISC\"]}, {\"url\": \"http://seclists.org/fulldisclosure/2019/Mar/59\", \"name\": \"20190327 [RT-SA-2019-003] Cisco RV320 Unauthenticated Configuration Export\", \"tags\": [\"mailing-list\", \"x_refsource_FULLDISC\"]}, {\"url\": \"https://seclists.org/bugtraq/2019/Mar/54\", \"name\": \"20190327 [RT-SA-2019-004] Cisco RV320 Unauthenticated Diagnostic Data Retrieval\", \"tags\": [\"mailing-list\", \"x_refsource_BUGTRAQ\"]}, {\"url\": \"https://seclists.org/bugtraq/2019/Mar/53\", \"name\": \"20190327 [RT-SA-2019-003] Cisco RV320 Unauthenticated Configuration Export\", \"tags\": [\"mailing-list\", \"x_refsource_BUGTRAQ\"]}, {\"url\": \"http://packetstormsecurity.com/files/152260/Cisco-RV320-Unauthenticated-Configuration-Export.html\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"http://packetstormsecurity.com/files/152261/Cisco-RV320-Unauthenticated-Diagnostic-Data-Retrieval.html\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"http://packetstormsecurity.com/files/152305/Cisco-RV320-RV325-Unauthenticated-Remote-Code-Execution.html\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://www.exploit-db.com/exploits/46655/\", \"name\": \"46655\", \"tags\": [\"exploit\", \"x_refsource_EXPLOIT-DB\"]}, {\"url\": \"https://www.zdnet.com/article/hackers-are-going-after-cisco-rv320rv325-routers-using-a-new-exploit/\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://threatpost.com/scans-cisco-routers-code-execution/141218/\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"A vulnerability in the web-based management interface of Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could allow an unauthenticated, remote attacker to retrieve sensitive information. The vulnerability is due to improper access controls for URLs. An attacker could exploit this vulnerability by connecting to an affected device via HTTP or HTTPS and requesting specific URLs. A successful exploit could allow the attacker to download the router configuration or detailed diagnostic information. Cisco has released firmware updates that address this vulnerability.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-284\", \"description\": \"CWE-284\"}]}], \"providerMetadata\": {\"orgId\": \"d1c1063e-7a18-46af-9102-31f8928bc633\", \"shortName\": \"cisco\", \"dateUpdated\": \"2019-04-08T19:15:16.000Z\"}, \"x_legacyV4Record\": {\"impact\": {\"cvss\": {\"version\": \"3.0\", \"baseScore\": \"7.5\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\"}}, \"source\": {\"defect\": [[\"CSCvg85922\"]], \"advisory\": \"cisco-sa-20190123-rv-info\", \"discovery\": \"INTERNAL\"}, \"affects\": {\"vendor\": {\"vendor_data\": [{\"product\": {\"product_data\": [{\"version\": {\"version_data\": [{\"version_value\": \"n/a\"}]}, \"product_name\": \"Cisco Small Business RV Series Router Firmware\"}]}, \"vendor_name\": \"Cisco\"}]}}, \"exploit\": [{\"lang\": \"en\", \"value\": \"The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.\"}], \"data_type\": \"CVE\", \"references\": {\"reference_data\": [{\"url\": \"https://www.youtube.com/watch?v=bx0RQJDlGbY\", \"name\": \"https://www.youtube.com/watch?v=bx0RQJDlGbY\", \"refsource\": \"MISC\"}, {\"url\": \"https://badpackets.net/over-9000-cisco-rv320-rv325-routers-vulnerable-to-cve-2019-1653/\", \"name\": \"https://badpackets.net/over-9000-cisco-rv320-rv325-routers-vulnerable-to-cve-2019-1653/\", \"refsource\": \"MISC\"}, {\"url\": \"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-rv-info\", \"name\": \"20190123 Cisco Small Business RV320 and RV325 Routers Information Disclosure Vulnerability\", \"refsource\": \"CISCO\"}, {\"url\": \"http://www.securityfocus.com/bid/106732\", \"name\": \"106732\", \"refsource\": \"BID\"}, {\"url\": \"https://www.exploit-db.com/exploits/46262/\", \"name\": \"46262\", \"refsource\": \"EXPLOIT-DB\"}, {\"url\": \"http://seclists.org/fulldisclosure/2019/Mar/60\", \"name\": \"20190327 [RT-SA-2019-004] Cisco RV320 Unauthenticated Diagnostic Data Retrieval\", \"refsource\": \"FULLDISC\"}, {\"url\": \"http://seclists.org/fulldisclosure/2019/Mar/59\", \"name\": \"20190327 [RT-SA-2019-003] Cisco RV320 Unauthenticated Configuration Export\", \"refsource\": \"FULLDISC\"}, {\"url\": \"https://seclists.org/bugtraq/2019/Mar/54\", \"name\": \"20190327 [RT-SA-2019-004] Cisco RV320 Unauthenticated Diagnostic Data Retrieval\", \"refsource\": \"BUGTRAQ\"}, {\"url\": \"https://seclists.org/bugtraq/2019/Mar/53\", \"name\": \"20190327 [RT-SA-2019-003] Cisco RV320 Unauthenticated Configuration Export\", \"refsource\": \"BUGTRAQ\"}, {\"url\": \"http://packetstormsecurity.com/files/152260/Cisco-RV320-Unauthenticated-Configuration-Export.html\", \"name\": \"http://packetstormsecurity.com/files/152260/Cisco-RV320-Unauthenticated-Configuration-Export.html\", \"refsource\": \"MISC\"}, {\"url\": \"http://packetstormsecurity.com/files/152261/Cisco-RV320-Unauthenticated-Diagnostic-Data-Retrieval.html\", \"name\": \"http://packetstormsecurity.com/files/152261/Cisco-RV320-Unauthenticated-Diagnostic-Data-Retrieval.html\", \"refsource\": \"MISC\"}, {\"url\": \"http://packetstormsecurity.com/files/152305/Cisco-RV320-RV325-Unauthenticated-Remote-Code-Execution.html\", \"name\": \"http://packetstormsecurity.com/files/152305/Cisco-RV320-RV325-Unauthenticated-Remote-Code-Execution.html\", \"refsource\": \"MISC\"}, {\"url\": \"https://www.exploit-db.com/exploits/46655/\", \"name\": \"46655\", \"refsource\": \"EXPLOIT-DB\"}, {\"url\": \"https://www.zdnet.com/article/hackers-are-going-after-cisco-rv320rv325-routers-using-a-new-exploit/\", \"name\": \"https://www.zdnet.com/article/hackers-are-going-after-cisco-rv320rv325-routers-using-a-new-exploit/\", \"refsource\": \"MISC\"}, {\"url\": \"https://threatpost.com/scans-cisco-routers-code-execution/141218/\", \"name\": \"https://threatpost.com/scans-cisco-routers-code-execution/141218/\", \"refsource\": \"MISC\"}]}, \"data_format\": \"MITRE\", \"description\": {\"description_data\": [{\"lang\": \"eng\", \"value\": \"A vulnerability in the web-based management interface of Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could allow an unauthenticated, remote attacker to retrieve sensitive information. The vulnerability is due to improper access controls for URLs. An attacker could exploit this vulnerability by connecting to an affected device via HTTP or HTTPS and requesting specific URLs. A successful exploit could allow the attacker to download the router configuration or detailed diagnostic information. Cisco has released firmware updates that address this vulnerability.\"}]}, \"problemtype\": {\"problemtype_data\": [{\"description\": [{\"lang\": \"eng\", \"value\": \"CWE-284\"}]}]}, \"data_version\": \"4.0\", \"CVE_data_meta\": {\"ID\": \"CVE-2019-1653\", \"STATE\": \"PUBLIC\", \"TITLE\": \"Cisco Small Business RV320 and RV325 Routers Information Disclosure Vulnerability\", \"ASSIGNER\": \"psirt@cisco.com\", \"DATE_PUBLIC\": \"2019-01-23T16:00:00-0800\"}}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2019-1653\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-10-21T23:45:43.980Z\", \"dateReserved\": \"2018-12-06T00:00:00.000Z\", \"assignerOrgId\": \"d1c1063e-7a18-46af-9102-31f8928bc633\", \"datePublished\": \"2019-01-24T16:00:00.000Z\", \"assignerShortName\": \"cisco\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

GSD-2019-1653

Vulnerability from gsd - Updated: 2023-12-13 01:23

Details

Aliases

CVE-2019-1653

Aliases

CVE-2019-1653

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2019-1653",
    "description": "A vulnerability in the web-based management interface of Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could allow an unauthenticated, remote attacker to retrieve sensitive information. The vulnerability is due to improper access controls for URLs. An attacker could exploit this vulnerability by connecting to an affected device via HTTP or HTTPS and requesting specific URLs. A successful exploit could allow the attacker to download the router configuration or detailed diagnostic information. Cisco has released firmware updates that address this vulnerability.",
    "id": "GSD-2019-1653",
    "references": [
      "https://packetstormsecurity.com/files/cve/CVE-2019-1653"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2019-1653"
      ],
      "details": "A vulnerability in the web-based management interface of Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could allow an unauthenticated, remote attacker to retrieve sensitive information. The vulnerability is due to improper access controls for URLs. An attacker could exploit this vulnerability by connecting to an affected device via HTTP or HTTPS and requesting specific URLs. A successful exploit could allow the attacker to download the router configuration or detailed diagnostic information. Cisco has released firmware updates that address this vulnerability.",
      "id": "GSD-2019-1653",
      "modified": "2023-12-13T01:23:51.088874Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cisa.gov": {
      "cveID": "CVE-2019-1653",
      "dateAdded": "2021-11-03",
      "dueDate": "2022-05-03",
      "product": "RV320 and RV325 Routers",
      "requiredAction": "Apply updates per vendor instructions.",
      "shortDescription": "A vulnerability in the web-based management interface of Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could allow an unauthenticated, remote attacker to retrieve sensitive information. The vulnerability is due to improper access controls for URLs. An attacker could exploit this vulnerability by connecting to an affected device via HTTP or HTTPS and requesting specific URLs. A successful exploit could allow the attacker to download the router configuration or detailed diagnostic information.",
      "vendorProject": "Cisco",
      "vulnerabilityName": "Cisco RV320 and RV325 Routers Improper Access Control Vulnerability (COVID-19-CTI list)"
    },
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "psirt@cisco.com",
        "DATE_PUBLIC": "2019-01-23T16:00:00-0800",
        "ID": "CVE-2019-1653",
        "STATE": "PUBLIC",
        "TITLE": "Cisco Small Business RV320 and RV325 Routers Information Disclosure Vulnerability"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Cisco Small Business RV Series Router Firmware ",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Cisco"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "A vulnerability in the web-based management interface of Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could allow an unauthenticated, remote attacker to retrieve sensitive information. The vulnerability is due to improper access controls for URLs. An attacker could exploit this vulnerability by connecting to an affected device via HTTP or HTTPS and requesting specific URLs. A successful exploit could allow the attacker to download the router configuration or detailed diagnostic information. Cisco has released firmware updates that address this vulnerability."
          }
        ]
      },
      "exploit": [
        {
          "lang": "eng",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. "
        }
      ],
      "impact": {
        "cvss": {
          "baseScore": "7.5",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N ",
          "version": "3.0"
        }
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "CWE-284"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://www.youtube.com/watch?v=bx0RQJDlGbY",
            "refsource": "MISC",
            "url": "https://www.youtube.com/watch?v=bx0RQJDlGbY"
          },
          {
            "name": "https://badpackets.net/over-9000-cisco-rv320-rv325-routers-vulnerable-to-cve-2019-1653/",
            "refsource": "MISC",
            "url": "https://badpackets.net/over-9000-cisco-rv320-rv325-routers-vulnerable-to-cve-2019-1653/"
          },
          {
            "name": "20190123 Cisco Small Business RV320 and RV325 Routers Information Disclosure Vulnerability",
            "refsource": "CISCO",
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-rv-info"
          },
          {
            "name": "106732",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/106732"
          },
          {
            "name": "46262",
            "refsource": "EXPLOIT-DB",
            "url": "https://www.exploit-db.com/exploits/46262/"
          },
          {
            "name": "20190327 [RT-SA-2019-004] Cisco RV320 Unauthenticated Diagnostic Data Retrieval",
            "refsource": "FULLDISC",
            "url": "http://seclists.org/fulldisclosure/2019/Mar/60"
          },
          {
            "name": "20190327 [RT-SA-2019-003] Cisco RV320 Unauthenticated Configuration Export",
            "refsource": "FULLDISC",
            "url": "http://seclists.org/fulldisclosure/2019/Mar/59"
          },
          {
            "name": "20190327 [RT-SA-2019-004] Cisco RV320 Unauthenticated Diagnostic Data Retrieval",
            "refsource": "BUGTRAQ",
            "url": "https://seclists.org/bugtraq/2019/Mar/54"
          },
          {
            "name": "20190327 [RT-SA-2019-003] Cisco RV320 Unauthenticated Configuration Export",
            "refsource": "BUGTRAQ",
            "url": "https://seclists.org/bugtraq/2019/Mar/53"
          },
          {
            "name": "http://packetstormsecurity.com/files/152260/Cisco-RV320-Unauthenticated-Configuration-Export.html",
            "refsource": "MISC",
            "url": "http://packetstormsecurity.com/files/152260/Cisco-RV320-Unauthenticated-Configuration-Export.html"
          },
          {
            "name": "http://packetstormsecurity.com/files/152261/Cisco-RV320-Unauthenticated-Diagnostic-Data-Retrieval.html",
            "refsource": "MISC",
            "url": "http://packetstormsecurity.com/files/152261/Cisco-RV320-Unauthenticated-Diagnostic-Data-Retrieval.html"
          },
          {
            "name": "http://packetstormsecurity.com/files/152305/Cisco-RV320-RV325-Unauthenticated-Remote-Code-Execution.html",
            "refsource": "MISC",
            "url": "http://packetstormsecurity.com/files/152305/Cisco-RV320-RV325-Unauthenticated-Remote-Code-Execution.html"
          },
          {
            "name": "46655",
            "refsource": "EXPLOIT-DB",
            "url": "https://www.exploit-db.com/exploits/46655/"
          },
          {
            "name": "https://www.zdnet.com/article/hackers-are-going-after-cisco-rv320rv325-routers-using-a-new-exploit/",
            "refsource": "MISC",
            "url": "https://www.zdnet.com/article/hackers-are-going-after-cisco-rv320rv325-routers-using-a-new-exploit/"
          },
          {
            "name": "https://threatpost.com/scans-cisco-routers-code-execution/141218/",
            "refsource": "MISC",
            "url": "https://threatpost.com/scans-cisco-routers-code-execution/141218/"
          }
        ]
      },
      "source": {
        "advisory": "cisco-sa-20190123-rv-info",
        "defect": [
          [
            "CSCvg85922"
          ]
        ],
        "discovery": "INTERNAL"
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:rv320_firmware:1.4.2.17:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:rv320_firmware:1.4.2.15:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:rv320:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:rv325_firmware:1.4.2.17:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:rv325_firmware:1.4.2.15:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:rv325:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2019-1653"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "A vulnerability in the web-based management interface of Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could allow an unauthenticated, remote attacker to retrieve sensitive information. The vulnerability is due to improper access controls for URLs. An attacker could exploit this vulnerability by connecting to an affected device via HTTP or HTTPS and requesting specific URLs. A successful exploit could allow the attacker to download the router configuration or detailed diagnostic information. Cisco has released firmware updates that address this vulnerability."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-200"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20190123 Cisco Small Business RV320 and RV325 Routers Information Disclosure Vulnerability",
              "refsource": "CISCO",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-rv-info"
            },
            {
              "name": "106732",
              "refsource": "BID",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securityfocus.com/bid/106732"
            },
            {
              "name": "46262",
              "refsource": "EXPLOIT-DB",
              "tags": [
                "Exploit",
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "https://www.exploit-db.com/exploits/46262/"
            },
            {
              "name": "https://www.youtube.com/watch?v=bx0RQJDlGbY",
              "refsource": "MISC",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://www.youtube.com/watch?v=bx0RQJDlGbY"
            },
            {
              "name": "https://badpackets.net/over-9000-cisco-rv320-rv325-routers-vulnerable-to-cve-2019-1653/",
              "refsource": "MISC",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://badpackets.net/over-9000-cisco-rv320-rv325-routers-vulnerable-to-cve-2019-1653/"
            },
            {
              "name": "20190327 [RT-SA-2019-004] Cisco RV320 Unauthenticated Diagnostic Data Retrieval",
              "refsource": "FULLDISC",
              "tags": [
                "Exploit",
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "http://seclists.org/fulldisclosure/2019/Mar/60"
            },
            {
              "name": "20190327 [RT-SA-2019-003] Cisco RV320 Unauthenticated Configuration Export",
              "refsource": "FULLDISC",
              "tags": [
                "Exploit",
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "http://seclists.org/fulldisclosure/2019/Mar/59"
            },
            {
              "name": "20190327 [RT-SA-2019-004] Cisco RV320 Unauthenticated Diagnostic Data Retrieval",
              "refsource": "BUGTRAQ",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "https://seclists.org/bugtraq/2019/Mar/54"
            },
            {
              "name": "20190327 [RT-SA-2019-003] Cisco RV320 Unauthenticated Configuration Export",
              "refsource": "BUGTRAQ",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "https://seclists.org/bugtraq/2019/Mar/53"
            },
            {
              "name": "http://packetstormsecurity.com/files/152261/Cisco-RV320-Unauthenticated-Diagnostic-Data-Retrieval.html",
              "refsource": "MISC",
              "tags": [
                "Exploit",
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://packetstormsecurity.com/files/152261/Cisco-RV320-Unauthenticated-Diagnostic-Data-Retrieval.html"
            },
            {
              "name": "http://packetstormsecurity.com/files/152260/Cisco-RV320-Unauthenticated-Configuration-Export.html",
              "refsource": "MISC",
              "tags": [
                "Exploit",
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://packetstormsecurity.com/files/152260/Cisco-RV320-Unauthenticated-Configuration-Export.html"
            },
            {
              "name": "http://packetstormsecurity.com/files/152305/Cisco-RV320-RV325-Unauthenticated-Remote-Code-Execution.html",
              "refsource": "MISC",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://packetstormsecurity.com/files/152305/Cisco-RV320-RV325-Unauthenticated-Remote-Code-Execution.html"
            },
            {
              "name": "46655",
              "refsource": "EXPLOIT-DB",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "https://www.exploit-db.com/exploits/46655/"
            },
            {
              "name": "https://www.zdnet.com/article/hackers-are-going-after-cisco-rv320rv325-routers-using-a-new-exploit/",
              "refsource": "MISC",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://www.zdnet.com/article/hackers-are-going-after-cisco-rv320rv325-routers-using-a-new-exploit/"
            },
            {
              "name": "https://threatpost.com/scans-cisco-routers-code-execution/141218/",
              "refsource": "MISC",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://threatpost.com/scans-cisco-routers-code-execution/141218/"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 3.6
        }
      },
      "lastModifiedDate": "2020-10-05T19:37Z",
      "publishedDate": "2019-01-24T16:29Z"
    }
  }
}

GHSA-J8W2-WX5P-FVX4

Vulnerability from github – Published: 2022-05-13 01:14 – Updated: 2025-10-22 00:31

Details

Severity ?

7.5 (High)


                  
                    CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2019-1653"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-200",
      "CWE-284"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-01-24T16:29:00Z",
    "severity": "HIGH"
  },
  "details": "A vulnerability in the web-based management interface of Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could allow an unauthenticated, remote attacker to retrieve sensitive information. The vulnerability is due to improper access controls for URLs. An attacker could exploit this vulnerability by connecting to an affected device via HTTP or HTTPS and requesting specific URLs. A successful exploit could allow the attacker to download the router configuration or detailed diagnostic information. Cisco has released firmware updates that address this vulnerability.",
  "id": "GHSA-j8w2-wx5p-fvx4",
  "modified": "2025-10-22T00:31:37Z",
  "published": "2022-05-13T01:14:58Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-1653"
    },
    {
      "type": "WEB",
      "url": "https://badpackets.net/over-9000-cisco-rv320-rv325-routers-vulnerable-to-cve-2019-1653"
    },
    {
      "type": "WEB",
      "url": "https://seclists.org/bugtraq/2019/Mar/53"
    },
    {
      "type": "WEB",
      "url": "https://seclists.org/bugtraq/2019/Mar/54"
    },
    {
      "type": "WEB",
      "url": "https://threatpost.com/scans-cisco-routers-code-execution/141218"
    },
    {
      "type": "WEB",
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-rv-info"
    },
    {
      "type": "WEB",
      "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-1653"
    },
    {
      "type": "WEB",
      "url": "https://www.exploit-db.com/exploits/46262"
    },
    {
      "type": "WEB",
      "url": "https://www.exploit-db.com/exploits/46655"
    },
    {
      "type": "WEB",
      "url": "https://www.youtube.com/watch?v=bx0RQJDlGbY"
    },
    {
      "type": "WEB",
      "url": "https://www.zdnet.com/article/hackers-are-going-after-cisco-rv320rv325-routers-using-a-new-exploit"
    },
    {
      "type": "WEB",
      "url": "http://packetstormsecurity.com/files/152260/Cisco-RV320-Unauthenticated-Configuration-Export.html"
    },
    {
      "type": "WEB",
      "url": "http://packetstormsecurity.com/files/152261/Cisco-RV320-Unauthenticated-Diagnostic-Data-Retrieval.html"
    },
    {
      "type": "WEB",
      "url": "http://packetstormsecurity.com/files/152305/Cisco-RV320-RV325-Unauthenticated-Remote-Code-Execution.html"
    },
    {
      "type": "WEB",
      "url": "http://seclists.org/fulldisclosure/2019/Mar/59"
    },
    {
      "type": "WEB",
      "url": "http://seclists.org/fulldisclosure/2019/Mar/60"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/106732"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

CERTFR-2019-AVI-034

Vulnerability from certfr_avis - Published: 2019-01-24 - Updated: 2019-01-24

De multiples vulnérabilités ont été découvertes dans les produits Cisco . Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Cisco	N/A	Cisco FND versions antérieures à 4.1.2-19
Cisco	N/A	Cisco Webex Teams versions antérieures à 3.0.10260
Cisco	N/A	Microgiciels des routeurs RV320 et RV325 Dual Gigabit WAN VPN versions antérieures à 1.4.2.20
Cisco	Identity Services Engine	Cisco Identity Services Engine versions antérieures à 2.2.0 Patch 10
Cisco	N/A	Webex Network Recording Player et Webex Player versions antérieures à WBS32.15.33
Cisco	Identity Services Engine	Cisco Identity Services Engine version 2.2.1 antérieures à 2.2.1 Patch 1
Cisco	N/A	Cisco FND versions 4.2.0 et 4.3.0 antérieures à 4.3.0-133
Cisco	N/A	Cisco SD-WAN Solution versions antérieures à 18.4.0
Cisco	N/A	Webex Network Recording Player versions antérieures à 2.8MR3 SecurityPatch1 ou 3.0MR2 SecurityPatch2
Cisco	N/A	Webex Network Recording Player et Webex Player versions antérieures à WBS33.6.1
Cisco	Identity Services Engine	Cisco Identity Services Engine version 2.3 antérieures à 2.3 Patch 5
Cisco	N/A	Webex Network Recording Player et Webex Player versions antérieures à 1.3.40
Cisco	Identity Services Engine	Cisco Identity Services Engine version 2.5 antérieures à 2.4 Patch 2
Cisco	N/A	Cisco Firepower version 6.30 sans le correctif de sécurité Hotfix B

References

Title

Publication Time

CNVD-2019-02748

Vulnerability from cnvd - Published: 2019-01-25

Title

Cisco Small Business RV320和RV325信息泄露漏洞

Description

Cisco Small Business RV320和RV325都是美国思科（Cisco）公司的企业级路由器。使用1.4.2.15版本至1.4.2.19版本固件的Cisco Small Business RV320和RV325中基于Web的管理界面存在信息泄露漏洞，该漏洞源于程序对URLs执行了错误的访问控制，远程攻击者可通过HTTP或HTTPS协议连接受影响的设备并请求URLs利用该漏洞检索敏感信息。

Severity

高

Patch Name

Cisco Small Business RV320和RV325信息泄露漏洞的补丁

Patch Description

Formal description

厂商已发布了漏洞修复程序，请及时关注更新： https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-rv-info

Reference

https://www.auscert.org.au/bulletins/74530

Impacted products

Name
['Cisco Cisco Small Business RV320 >=1.4.2.15，<=1.4.2.19', 'Cisco Cisco Small Business RV325 >=1.4.2.15，<=1.4.2.19']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2019-1653"
    }
  },
  "description": "Cisco Small Business RV320\u548cRV325\u90fd\u662f\u7f8e\u56fd\u601d\u79d1\uff08Cisco\uff09\u516c\u53f8\u7684\u4f01\u4e1a\u7ea7\u8def\u7531\u5668\u3002\n\n\u4f7f\u75281.4.2.15\u7248\u672c\u81f31.4.2.19\u7248\u672c\u56fa\u4ef6\u7684Cisco Small Business RV320\u548cRV325\u4e2d\u57fa\u4e8eWeb\u7684\u7ba1\u7406\u754c\u9762\u5b58\u5728\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7a0b\u5e8f\u5bf9URLs\u6267\u884c\u4e86\u9519\u8bef\u7684\u8bbf\u95ee\u63a7\u5236\uff0c\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u901a\u8fc7HTTP\u6216HTTPS\u534f\u8bae\u8fde\u63a5\u53d7\u5f71\u54cd\u7684\u8bbe\u5907\u5e76\u8bf7\u6c42URLs\u5229\u7528\u8be5\u6f0f\u6d1e\u68c0\u7d22\u654f\u611f\u4fe1\u606f\u3002",
  "discovererName": "RedTeam Pentesting GmbH",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-rv-info",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2019-02748",
  "openTime": "2019-01-25",
  "patchDescription": "Cisco Small Business RV320\u548cRV325\u90fd\u662f\u7f8e\u56fd\u601d\u79d1\uff08Cisco\uff09\u516c\u53f8\u7684\u4f01\u4e1a\u7ea7\u8def\u7531\u5668\u3002\r\n\r\n\u4f7f\u75281.4.2.15\u7248\u672c\u81f31.4.2.19\u7248\u672c\u56fa\u4ef6\u7684Cisco Small Business RV320\u548cRV325\u4e2d\u57fa\u4e8eWeb\u7684\u7ba1\u7406\u754c\u9762\u5b58\u5728\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7a0b\u5e8f\u5bf9URLs\u6267\u884c\u4e86\u9519\u8bef\u7684\u8bbf\u95ee\u63a7\u5236\uff0c\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u901a\u8fc7HTTP\u6216HTTPS\u534f\u8bae\u8fde\u63a5\u53d7\u5f71\u54cd\u7684\u8bbe\u5907\u5e76\u8bf7\u6c42URLs\u5229\u7528\u8be5\u6f0f\u6d1e\u68c0\u7d22\u654f\u611f\u4fe1\u606f\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Cisco Small Business RV320\u548cRV325\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Cisco Cisco Small Business RV320 \u003e=1.4.2.15\uff0c\u003c=1.4.2.19",
      "Cisco Cisco Small Business RV325 \u003e=1.4.2.15\uff0c\u003c=1.4.2.19"
    ]
  },
  "referenceLink": "https://www.auscert.org.au/bulletins/74530",
  "serverity": "\u9ad8",
  "submitTime": "2019-01-25",
  "title": "Cisco Small Business RV320\u548cRV325\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e"
}

CVE-2019-1653

Vulnerability from fstec - Published: 23.01.2019

Title

Уязвимость веб-интерфейса микропрограммного обеспечения маршрутизаторов Cisco Small Business RV320 и Cisco Small Business RV325, позволяющая нарушителю раскрыть защищаемую информацию

Description

Уязвимость веб-интерфейса микропрограммного обеспечения маршрутизаторов Cisco Small Business RV320 и Cisco Small Business RV325 связана с недостатками контроля доступа к URL-адресам. Эксплуатация уязвимости может позволить нарушителю, действующему удалённо, раскрыть защищаемую информацию с использованием HTTP или HTTPS-запросов

Severity ?


                    
                      AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Vendor

Cisco Systems Inc.

Software Name

Cisco Small Business RV320, Cisco Small Business RV325

Software Version

1.4.2.15 (Cisco Small Business RV320), 1.4.2.17 (Cisco Small Business RV320), 1.4.2.15 (Cisco Small Business RV325), 1.4.2.17 (Cisco Small Business RV325)

Possible Mitigations

Использование рекомендаций: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-rv-info

Reference

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-rv-info https://www.cisa.gov/sites/default/files/csv/known_exploited_vulnerabilities.csv https://www.exploit-db.com/exploits/46262/

CWE

CWE-284

JSON

To clipboard

{
  "CVSS 2.0": "AV:N/AC:M/Au:N/C:C/I:N/A:N",
  "CVSS 3.0": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
  "CVSS 4.0": null,
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Cisco Systems Inc.",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "1.4.2.15 (Cisco Small Business RV320), 1.4.2.17 (Cisco Small Business RV320), 1.4.2.15 (Cisco Small Business RV325), 1.4.2.17 (Cisco Small Business RV325)",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\nhttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-rv-info",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "23.01.2019",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "18.02.2025",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "28.01.2019",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2019-00340",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2019-1653",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Cisco Small Business RV320, Cisco Small Business RV325",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": null,
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432\u0435\u0431-\u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u0430 \u043c\u0438\u043a\u0440\u043e\u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0442\u043e\u0440\u043e\u0432 Cisco Small Business RV320 \u0438 Cisco Small Business RV325, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u044c \u0437\u0430\u0449\u0438\u0449\u0430\u0435\u043c\u0443\u044e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0421\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442 \u0432 \u043e\u0442\u043a\u0440\u044b\u0442\u043e\u043c \u0434\u043e\u0441\u0442\u0443\u043f\u0435",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044c \u0434\u043e\u0441\u0442\u0443\u043f\u0430 (CWE-284)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432\u0435\u0431-\u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u0430 \u043c\u0438\u043a\u0440\u043e\u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0442\u043e\u0440\u043e\u0432 Cisco Small Business RV320 \u0438 Cisco Small Business RV325 \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0430\u043c\u0438 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a URL-\u0430\u0434\u0440\u0435\u0441\u0430\u043c. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e, \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u044c \u0437\u0430\u0449\u0438\u0449\u0430\u0435\u043c\u0443\u044e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c HTTP \u0438\u043b\u0438 HTTPS-\u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": "-",
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041d\u0430\u0440\u0443\u0448\u0435\u043d\u0438\u0435 \u0430\u0432\u0442\u043e\u0440\u0438\u0437\u0430\u0446\u0438\u0438",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-rv-info\nhttps://www.cisa.gov/sites/default/files/csv/known_exploited_vulnerabilities.csv\nhttps://www.exploit-db.com/exploits/46262/",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
  "\u0422\u0438\u043f \u041f\u041e": "\u041f\u041e \u0441\u0435\u0442\u0435\u0432\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e-\u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0433\u043e \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-284",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 7,1)\n\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 7,5)"
}

FKIE_CVE-2019-1653

Vulnerability from fkie_nvd - Published: 2019-01-24 16:29 - Updated: 2025-10-28 13:57

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Summary

References

URL	Tags
psirt@cisco.com	http://packetstormsecurity.com/files/152260/Cisco-RV320-Unauthenticated-Configuration-Export.html	Exploit, Third Party Advisory, VDB Entry
psirt@cisco.com	http://packetstormsecurity.com/files/152261/Cisco-RV320-Unauthenticated-Diagnostic-Data-Retrieval.html	Exploit, Third Party Advisory, VDB Entry
psirt@cisco.com	http://packetstormsecurity.com/files/152305/Cisco-RV320-RV325-Unauthenticated-Remote-Code-Execution.html	Third Party Advisory, VDB Entry
psirt@cisco.com	http://seclists.org/fulldisclosure/2019/Mar/59	Exploit, Mailing List, Third Party Advisory
psirt@cisco.com	http://seclists.org/fulldisclosure/2019/Mar/60	Exploit, Mailing List, Third Party Advisory
psirt@cisco.com	http://www.securityfocus.com/bid/106732	Third Party Advisory, VDB Entry
psirt@cisco.com	https://badpackets.net/over-9000-cisco-rv320-rv325-routers-vulnerable-to-cve-2019-1653/	Third Party Advisory
psirt@cisco.com	https://seclists.org/bugtraq/2019/Mar/53	Mailing List, Third Party Advisory
psirt@cisco.com	https://seclists.org/bugtraq/2019/Mar/54	Mailing List, Third Party Advisory
psirt@cisco.com	https://threatpost.com/scans-cisco-routers-code-execution/141218/	Third Party Advisory
psirt@cisco.com	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-rv-info	Vendor Advisory
psirt@cisco.com	https://www.exploit-db.com/exploits/46262/	Exploit, Third Party Advisory, VDB Entry
psirt@cisco.com	https://www.exploit-db.com/exploits/46655/	Third Party Advisory, VDB Entry
psirt@cisco.com	https://www.youtube.com/watch?v=bx0RQJDlGbY	Third Party Advisory
psirt@cisco.com	https://www.zdnet.com/article/hackers-are-going-after-cisco-rv320rv325-routers-using-a-new-exploit/	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://packetstormsecurity.com/files/152260/Cisco-RV320-Unauthenticated-Configuration-Export.html	Exploit, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://packetstormsecurity.com/files/152261/Cisco-RV320-Unauthenticated-Diagnostic-Data-Retrieval.html	Exploit, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://packetstormsecurity.com/files/152305/Cisco-RV320-RV325-Unauthenticated-Remote-Code-Execution.html	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://seclists.org/fulldisclosure/2019/Mar/59	Exploit, Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://seclists.org/fulldisclosure/2019/Mar/60	Exploit, Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/106732	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://badpackets.net/over-9000-cisco-rv320-rv325-routers-vulnerable-to-cve-2019-1653/	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://seclists.org/bugtraq/2019/Mar/53	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://seclists.org/bugtraq/2019/Mar/54	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://threatpost.com/scans-cisco-routers-code-execution/141218/	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-rv-info	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.exploit-db.com/exploits/46262/	Exploit, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://www.exploit-db.com/exploits/46655/	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://www.youtube.com/watch?v=bx0RQJDlGbY	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.zdnet.com/article/hackers-are-going-after-cisco-rv320rv325-routers-using-a-new-exploit/	Third Party Advisory
134c704f-9b21-4f2e-91b3-4a467353bcc0	https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-1653	US Government Resource

Impacted products

Vendor	Product	Version
cisco	rv320_firmware	1.4.2.15
cisco	rv320_firmware	1.4.2.17
cisco	rv320	-
cisco	rv325_firmware	1.4.2.15
cisco	rv325_firmware	1.4.2.17
cisco	rv325	-

JSON

To clipboard

{
  "cisaActionDue": "2022-05-03",
  "cisaExploitAdd": "2021-11-03",
  "cisaRequiredAction": "Apply updates per vendor instructions.",
  "cisaVulnerabilityName": "Cisco Small Business RV320 and RV325 Routers Information Disclosure Vulnerability",
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:rv320_firmware:1.4.2.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "CBB99BF6-11C0-448C-91B2-F03690CE9089",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:rv320_firmware:1.4.2.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "61348305-FC9B-4DB4-B039-0A08D44812EE",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:rv320:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7596F6D4-10DA-4F29-95AD-75B60F4670D6",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:rv325_firmware:1.4.2.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "A402AB90-03C8-4B5B-AEF9-CDAC023DA6D3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:rv325_firmware:1.4.2.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "F865F54F-E4D6-4B92-9644-992A44F7D562",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:rv325:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3435D601-EDA8-49FF-8841-EA6DF1518C75",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in the web-based management interface of Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could allow an unauthenticated, remote attacker to retrieve sensitive information. The vulnerability is due to improper access controls for URLs. An attacker could exploit this vulnerability by connecting to an affected device via HTTP or HTTPS and requesting specific URLs. A successful exploit could allow the attacker to download the router configuration or detailed diagnostic information. Cisco has released firmware updates that address this vulnerability."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en la interfaz web de los routers Cisco Small Business RV320 y RV325 Dual Gigabit WAN VPN podr\u00eda permitir que un atacante remoto sin autenticar recupere informaci\u00f3n sensible. Esta vulnerabilidad se debe a controles de acceso incorrectos para las URL. Un atacante podr\u00eda explotar esta vulnerabilidad conect\u00e1ndose a un dispositivo afectado mediante HTTP o HTTPS y solicitando URL espec\u00edficas. Un exploit con \u00e9xito podr\u00eda permitir al atacante descargar la configuraci\u00f3n del router o informaci\u00f3n de diagn\u00f3stico detallada. Cisco ha publicado actualizaciones de firmware que tratan esta vulnerabilidad."
    }
  ],
  "id": "CVE-2019-1653",
  "lastModified": "2025-10-28T13:57:57.263",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "psirt@cisco.com",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-01-24T16:29:00.317",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/152260/Cisco-RV320-Unauthenticated-Configuration-Export.html"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/152261/Cisco-RV320-Unauthenticated-Diagnostic-Data-Retrieval.html"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/152305/Cisco-RV320-RV325-Unauthenticated-Remote-Code-Execution.html"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Exploit",
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://seclists.org/fulldisclosure/2019/Mar/59"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Exploit",
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://seclists.org/fulldisclosure/2019/Mar/60"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/106732"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://badpackets.net/over-9000-cisco-rv320-rv325-routers-vulnerable-to-cve-2019-1653/"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://seclists.org/bugtraq/2019/Mar/53"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://seclists.org/bugtraq/2019/Mar/54"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://threatpost.com/scans-cisco-routers-code-execution/141218/"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-rv-info"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://www.exploit-db.com/exploits/46262/"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://www.exploit-db.com/exploits/46655/"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.youtube.com/watch?v=bx0RQJDlGbY"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.zdnet.com/article/hackers-are-going-after-cisco-rv320rv325-routers-using-a-new-exploit/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/152260/Cisco-RV320-Unauthenticated-Configuration-Export.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/152261/Cisco-RV320-Unauthenticated-Diagnostic-Data-Retrieval.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/152305/Cisco-RV320-RV325-Unauthenticated-Remote-Code-Execution.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://seclists.org/fulldisclosure/2019/Mar/59"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://seclists.org/fulldisclosure/2019/Mar/60"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/106732"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://badpackets.net/over-9000-cisco-rv320-rv325-routers-vulnerable-to-cve-2019-1653/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://seclists.org/bugtraq/2019/Mar/53"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://seclists.org/bugtraq/2019/Mar/54"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://threatpost.com/scans-cisco-routers-code-execution/141218/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-rv-info"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://www.exploit-db.com/exploits/46262/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://www.exploit-db.com/exploits/46655/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.youtube.com/watch?v=bx0RQJDlGbY"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.zdnet.com/article/hackers-are-going-after-cisco-rv320rv325-routers-using-a-new-exploit/"
    },
    {
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "tags": [
        "US Government Resource"
      ],
      "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-1653"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-284"
        }
      ],
      "source": "psirt@cisco.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2019-1653 (GCVE-0-2019-1653)

GSD-2019-1653

GHSA-J8W2-WX5P-FVX4

CERTFR-2019-AVI-034

Solution

CNVD-2019-02748

CVE-2019-1653

FKIE_CVE-2019-1653

Tags

Sightings

Nomenclature