Cisco RV180W Wireless-N Multifunction VPN Router

CPE Details

Cisco RV180W Wireless-N Multifunction VPN Router
cisco
rv180w_wireless-n_multifunction_vpn_router
-
2016-02-24
16h12 +00:00
2016-02-24
16h12 +00:00
CPE NVD
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:h:cisco:rv180w_wireless-n_multifunction_vpn_router:-:*:*:*:*:*:*:*

Informations

Vendor

cisco

Product

rv180w_wireless-n_multifunction_vpn_router

Version

-

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2018-0404 2018-10-05 16h00 +00:00 A vulnerability in the web framework code for Cisco RV180W Wireless-N Multifunction VPN Router and Small Business RV Series RV220W Wireless Network Security Firewall could allow an unauthenticated, remote attacker to execute arbitrary SQL queries. The attacker could retrieve sensitive information which should be restricted. A vulnerability in the web framework code for Cisco RV180W Wireless-N Multifunction VPN Router and Small Business RV Series RV220W Wireless Network Security Firewall could allow an unauthenticated, remote attacker to execute arbitrary SQL queries. The attacker could retrieve sensitive information which should be restricted. The product has entered the end-of-life phase and there will be no more firmware fixes.
7.5
Haute
CVE-2016-1429 2016-08-07 22h00 +00:00 Directory traversal vulnerability in the web interface on Cisco RV180 and RV180W devices allows remote attackers to read arbitrary files via a crafted HTTP request, aka Bug ID CSCuz43023.
7.5
Haute
CVE-2015-6319 2016-01-27 21h00 +00:00 SQL injection vulnerability in the web-based management interface on Cisco RV220W devices allows remote attackers to execute arbitrary SQL commands via a crafted header in an HTTP request, aka Bug ID CSCuv29574.
9.8
Critique
Les informations affichées sur CVE Find proviennent de plusieurs sources de référence rigoureusement sélectionnées. Les données CVE sont fournies par MITRE Corporation et la National Vulnerability Database (NVD). Le catalogue des vulnérabilités activement exploitées (KEV) provient de la Cybersecurity and Infrastructure Security Agency (CISA), tandis que les scores EPSS sont issus de FIRST.org. Enfin, les données relatives aux faiblesses logicielles (CWE) et aux schémas d'attaque courants (CAPEC) sont maintenues par MITRE Corporation, et les informations sur les configurations logicielles et matérielles (CPE) proviennent du NVD.