CVE-2018-0405
Cisco RV180W Wireless-N Multifunction VPN Router Directory Path Traversal Vulnerability
Vexday Risk Score
3Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS —EPSS 2.9%KEV nãoPoC —Nuclei —Metasploit —Patch —
Ciclo de vida
05 out 2018Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
A vulnerability in the web framework code for Cisco RV180W Wireless-N Multifunction VPN Router and Small Business RV Series RV220W Wireless Network Security Firewall could allow an unauthenticated, remote attacker to conduct a directory path traversal attack on a targeted device. The issue is due to improper sanitization of user-supplied input in HTTP request parameters that describe filenames. An attacker could exploit this vulnerability by using directory traversal techniques to submit a path to a desired file location.
Produtos afetados
Cisco · Cisco RV180W Wireless-N Multifunction VPN RouterQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →