RCE in Cisco Rv130w Wireless-n Multifunction Vpn Router Firmware

CVE-2018-0424

A vulnerability in the web-based management interface of the Cisco RV110W Wireless-N VPN Firewall, Cisco RV130W Wireless-N Multifunction VPN Router, and Cisco RV215W Wireless-N VPN Router could allow an authenticated, remote attacker to ex…

Vulnerability class: Command Injection (OS Command Injection)

EPSS: 0.008 (74.3th percentile) — read the EPSS interpretation.

Affected products

Cisco Rv130w Wireless-n Multifunction Vpn Router Firmware — versions n/a

Weakness classification (CWE)

CWE-77 — Command Injection

References

1041677 (vdb-entry, x_refsource_SECTRACK)
20180905 Cisco RV110W, RV130W, and RV215W Routers Management Interface Command Injection Vulnerability (x_refsource_CISCO, vendor-advisory)