Buffer overflow in Cisco Rv110w Wireless-n Vpn Firewall
CVE-2019-1663
A vulnerability in the web-based management interface of the Cisco RV110W Wireless-N VPN Firewall, Cisco RV130W Wireless-N Multifunction VPN Router, and Cisco RV215W Wireless-N VPN Router could allow an unauthenticated, remote attacker to…
Vulnerability class: Buffer Overflow
EPSS: 0.872 (99.5th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 9.8 (Critical). Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H.
Affected products
- Cisco Rv110w Wireless-n Vpn Firewall — versions unspecified
- Cisco Rv130w Wireless-n Multifunction Vpn Router — versions unspecified
- Cisco Rv215w Wireless-n Vpn Router — versions unspecified
Weakness classification (CWE)
Public proof-of-concept exploits
References
- 107185 (vdb-entry, x_refsource_BID)
- 20190227 Cisco RV110W, RV130W, and RV215W Routers Management Interface Remote Command Execution Vulnerability (vendor-advisory, x_refsource_CISCO)
- www.rapid7.com/db/modules/exploit/linux/http/cisco_rv130_rmi_rce (x_refsource_MISC)
- packetstormsecurity.com/files/152507/Cisco-RV130W-Routers-Management-Interface-… (x_refsource_MISC)
- 46705 (exploit, x_refsource_EXPLOIT-DB)
- packetstormsecurity.com/files/153163/Cisco-RV130W-1.0.3.44-Remote-Stack-Overflo… (x_refsource_MISC)
- packetstormsecurity.com/files/154310/Cisco-RV110W-RV130-W-RV215W-Remote-Command… (x_refsource_MISC)
Frequently asked questions
- What is CVE-2019-1663?
- CVE-2019-1663 is a critical-severity vulnerability in Cisco Rv110w Wireless-n Vpn Firewall, classified under Improper Restriction of Operations within the Bounds of a Memory Buffer. CVSS score: 9.8/10. Published 2019-02-28.
- How severe is CVE-2019-1663?
- Critical severity. CVSS v3 base score is 9.8 out of 10.
- Is CVE-2019-1663 known to be exploited?
- 15 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.