CVE-2019-1652
Cisco Small Business RV320 and RV325 Routers Command Injection Vulnerability
Basic Information
- CVE State
- PUBLISHED
- Reserved Date
- December 06, 2018
- Published Date
- January 24, 2019
- Last Updated
- November 12, 2024
- Vendor
- Cisco
- Product
- Cisco Small Business RV Series Router Firmware
- Description
- A vulnerability in the web-based management interface of Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could allow an authenticated, remote attacker with administrative privileges on an affected device to execute arbitrary commands. The vulnerability is due to improper validation of user-supplied input. An attacker could exploit this vulnerability by sending malicious HTTP POST requests to the web-based management interface of an affected device. A successful exploit could allow the attacker to execute arbitrary commands on the underlying Linux shell as root. Cisco has released firmware updates that address this vulnerability.
CVSS Scores
CVSS v3.0
7.2 - HIGH
Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
SSVC Information
- Exploitation
- active
- Technical Impact
- total
Exploit Status
- Exploited in the Wild
- Yes (added 2022-03-03 00:00:00 UTC) Source
References
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-rv-inject
https://www.exploit-db.com/exploits/46243/
http://www.securityfocus.com/bid/106728
http://seclists.org/fulldisclosure/2019/Mar/61
https://seclists.org/bugtraq/2019/Mar/55
http://packetstormsecurity.com/files/152262/Cisco-RV320-Command-Injection.html
http://packetstormsecurity.com/files/152305/Cisco-RV320-RV325-Unauthenticated-Remote-Code-Execution.html
https://www.exploit-db.com/exploits/46655/
Known Exploited Vulnerability Information
| Source | Added Date |
|---|---|
| CISA | 2022-03-03 00:00:00 UTC |
Scanner Integrations
| Scanner | URL | Date Detected |
|---|---|---|
| Metasploit | https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/cisco_rv32x_rce.rb | 2025-04-29 11:01:12 UTC |
Potential Proof of Concepts
Warning: These PoCs have not been tested and could contain malware. Use at your own risk.
cisco_rv32x_rce
Type: metasploit • Created: Unknown
Metasploit module for CVE-2019-1652