CPE Details
Cisco RV180W Wireless-N Multifunction VPN Router
-
2016-02-24
16h12 +00:00
16h12 +00:00
2016-02-24
16h12 +00:00
16h12 +00:00
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
CPE Name: cpe:2.3:h:cisco:rv180w_wireless-n_multifunction_vpn_router:-:*:*:*:*:*:*:*
Informations
Vendor
ciscoProduct
rv180w_wireless-n_multifunction_vpn_routerVersion
-Related CVE
| CVE ID | Publié | Description | Score | Gravité |
|---|---|---|---|---|
| A vulnerability in the web framework code for Cisco RV180W Wireless-N Multifunction VPN Router and Small Business RV Series RV220W Wireless Network Security Firewall could allow an unauthenticated, remote attacker to execute arbitrary SQL queries. The attacker could retrieve sensitive information which should be restricted. A vulnerability in the web framework code for Cisco RV180W Wireless-N Multifunction VPN Router and Small Business RV Series RV220W Wireless Network Security Firewall could allow an unauthenticated, remote attacker to execute arbitrary SQL queries. The attacker could retrieve sensitive information which should be restricted. The product has entered the end-of-life phase and there will be no more firmware fixes. | 7.5 |
Haute |
||
| Directory traversal vulnerability in the web interface on Cisco RV180 and RV180W devices allows remote attackers to read arbitrary files via a crafted HTTP request, aka Bug ID CSCuz43023. | 7.5 |
Haute |
||
| SQL injection vulnerability in the web-based management interface on Cisco RV220W devices allows remote attackers to execute arbitrary SQL commands via a crafted header in an HTTP request, aka Bug ID CSCuv29574. | 9.8 |
Critique |
Les informations affichées sur CVE Find proviennent de plusieurs sources de référence rigoureusement sélectionnées. Les données CVE sont fournies par MITRE Corporation et la National Vulnerability Database (NVD). Le catalogue des vulnérabilités activement exploitées (KEV) provient de la Cybersecurity and Infrastructure Security Agency (CISA), tandis que les scores EPSS sont issus de FIRST.org. Enfin, les données relatives aux faiblesses logicielles (CWE) et aux schémas d'attaque courants (CAPEC)
sont maintenues par MITRE Corporation, et les informations sur les configurations
logicielles et matérielles (CPE) proviennent du NVD.