What is CVE-2019-1899?

CVE-2019-1899 is a medium-severity vulnerability in Cisco Rv130w Wireless-n Multifunction Vpn Router Firmware, classified under Improper Authorization. CVSS score: 5.3/10. Published 2019-06-20.

How severe is CVE-2019-1899?

Medium severity. CVSS v3 base score is 5.3 out of 10.

Is CVE-2019-1899 known to be exploited?

2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Auth bypass in Cisco Rv130w Wireless-n Multifunction Vpn Router Firmware

CVE-2019-1899

A vulnerability in the web interface of Cisco RV110W, RV130W, and RV215W Routers could allow an unauthenticated, remote attacker to acquire the list of devices that are connected to the guest network. The vulnerability is due to improper a…

EPSS: 0.014 (80.6th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 5.3 (Medium). Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N.

Affected products

Cisco Rv130w Wireless-n Multifunction Vpn Router Firmware — versions unspecified

Weakness classification (CWE)

CWE-285 — Improper Authorization

Public proof-of-concept exploits

References

20190619 Cisco RV110W, RV130W, and RV215W Routers Information Disclosure Vulnerability (vendor-advisory, x_refsource_CISCO)
www.tenable.com/security/research/tra-2019-29 (x_refsource_MISC)
108867 (vdb-entry, x_refsource_BID)

Frequently asked questions

What is CVE-2019-1899?: CVE-2019-1899 is a medium-severity vulnerability in Cisco Rv130w Wireless-n Multifunction Vpn Router Firmware, classified under Improper Authorization. CVSS score: 5.3/10. Published 2019-06-20.
How severe is CVE-2019-1899?: Medium severity. CVSS v3 base score is 5.3 out of 10.
Is CVE-2019-1899 known to be exploited?: 2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.