CVE-2019-1653

Confirmed PUBLISHED

Cisco Small Business RV320 and RV325 Routers Information Disclosure Vulnerability

Cisco · Cisco Small Business RV Series Router Firmware
Exploited in the wild PoC available

Recommended Action

Prioritize remediation. Validate affected assets and apply vendor fixes on an accelerated timeline.

Confidence
Confirmed
Exploitation Status
Exploited in the wild
Observed in Sensors
No
Attempts (30d)
Unique Attacker IPs
CISA KEV
In CISA KEV
CVSS / EPSS
7.5 High EPSS 99.9%

At a Glance

A vulnerability in the web-based management interface of Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could allow an unauthenticated, remote attacker to retrieve sensitive information. The vulnerability is due to improper access controls for URLs. An attacker could exploit this vulnerability by connecting to an affected device via HTTP or HTTPS and requesting specific URLs. A successful exploit could allow the attacker to download the router configuration or detailed diagnostic information. Cisco has released firmware updates that address this vulnerability.

cisa edge metasploit nuclei_scanner
CVE Published
Jan 24, 2019
Exploitation Reported
Nov 03, 2021
CVSS
7.5 High
EPSS
99.9%
Remote Low complexity No user interaction Unauthenticated

Affected Versions

Vendor Product Version Status
Cisco
Cisco Small Business RV Series Router Firmware

n/a

Affected

CVE References

Show 10 more references

Recommended Actions

  • Prioritize remediation. Validate affected assets and apply vendor fixes on an accelerated timeline.
  • Check enrichment artifacts for scanner coverage and available PoCs before rolling remediation validation.
  • Use the Pro API to automate enrichment, telemetry, and workflow delivery for VM, SOC, and CTI pipelines.