CVE-2018-0405
Cisco RV180W Wireless-N Multifunction VPN Router Directory Path Traversal Vulnerability
Vexday Risk Score
3Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS —EPSS 2.9%KEV nãoPoC —Nuclei —Metasploit —Patch —
Ciclo de vida
05 oct 2018Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
A vulnerability in the web framework code for Cisco RV180W Wireless-N Multifunction VPN Router and Small Business RV Series RV220W Wireless Network Security Firewall could allow an unauthenticated, remote attacker to conduct a directory path traversal attack on a targeted device. The issue is due to improper sanitization of user-supplied input in HTTP request parameters that describe filenames. An attacker could exploit this vulnerability by using directory traversal techniques to submit a path to a desired file location.
Productos afectados
Cisco · Cisco RV180W Wireless-N Multifunction VPN Router¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →