VDB
CVE-2019-1647
CVE-2019-1647
PUBLISHED
CVSS 7.199999809265137 HIGH
A vulnerability in the web-based management interface of Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could allow an authenticated, remote attacker with administrative privileges on an affected device to execute arbitrary commands. The vulnerability is due to improper validation of user-supplied input. An attacker could exploit this vulnerability by sending malicious HTTP POST requests to the web-based management interface of an affected device. A successful exploit could allow the attacker to execute arbitrary commands on the underlying Linux shell as root. Cisco has released firmware updates that address this vulnerability.
EPSS 0.85% · 75.3th percentile
Risk Scores
CVSS 3.0
7.199999809265137
CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
EPSS Score
0.85%
75.3th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Cisco Small Business RV Series Router Firmware | * |
Exploit Intelligence
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-1652 (circl)
- 20190123 Cisco Small Business RV320 and RV325 Routers Command Injection Vulnerability (circl)
- 46243 (circl)
- 106728 (circl)
- 20190327 [RT-SA-2019-005] Cisco RV320 Command Injection Retrieval (circl)
- 20190327 [RT-SA-2019-005] Cisco RV320 Command Injection Retrieval (circl)
- http://packetstormsecurity.com/files/152262/Cisco-RV320-Command-Injection.html (circl)
- http://packetstormsecurity.com/files/152305/Cisco-RV320-RV325-Unauthenticated-Remote-Code-Execution.html (circl)
- 46655 (circl)
- CIRCL exploited: CVE-2019-1652 (circl-sighting)
…and 17 more exploits
Timeline
- Jan 23, 2019 CVE Published
- Jan 24, 2019 PoC Published
- Jan 25, 2019 PoC Published
- Jan 28, 2019 PoC Published
- Mar 28, 2019 PoC Published
- Apr 3, 2019 PoC Published
- Apr 20, 2020 PoC Published
- Apr 20, 2020 PoC Published
- Oct 9, 2020 PoC Published
- Oct 9, 2020 PoC Published
- Oct 15, 2020 PoC Published
- Oct 16, 2020 PoC Published
References
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-ise-privilege advisory
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-webex-teams advisory
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-sdwan-unaccess advisory
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-sdwan-sol-escal advisory
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-firepowertds-bypass advisory
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-sdwan-file-write advisory
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-iot-fnd-dos advisory
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-sdwan-bo advisory
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-webex-rce advisory
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-sdwan-escal advisory
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-rv-inject advisory
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-rv-info advisory
- 46243 exploit
- 106728 vdb
- 20190327 [RT-SA-2019-005] Cisco RV320 Command Injection Retrieval mailing-list
- 20190327 [RT-SA-2019-005] Cisco RV320 Command Injection Retrieval mailing-list
- http://packetstormsecurity.com/files/152262/Cisco-RV320-Command-Injection.html url
- http://packetstormsecurity.com/files/152305/Cisco-RV320-RV325-Unauthenticated-Remote-Code-Execution.html url
- 46655 exploit
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-1652 url