exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

Cisco Security Advisory 20160803-rv180_2

Cisco Security Advisory 20160803-rv180_2
Posted Aug 3, 2016
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - A vulnerability in the web interface of the Cisco RV180 VPN Router and Cisco RV180W Wireless-N Multifunction VPN Router could allow an authenticated, remote attacker to execute arbitrary commands with root-level privileges. The vulnerability is due to improper input validation of HTTP requests. An attacker could exploit this vulnerability by sending a crafted HTTP request to the affected device. An exploit could allow the attacker to execute arbitrary commands with root-level privileges. Cisco has not released and will not release a firmware update to address this vulnerability. Mitigations for this vulnerability are available.

tags | advisory, remote, web, arbitrary, root
systems | cisco
SHA-256 | 78a2cea7d0b8290cc2f40413a06c209ffb50d3b1aef2bd81c2e903c386d7de4b

Cisco Security Advisory 20160803-rv180_2

Change Mirror Download
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Cisco Security Advisory: Cisco RV180 VPN and RV180W Wireless-N Multifunction VPN Routers Remote Code Execution Vulnerability

Advisory ID: cisco-sa-20160803-rv180_2

Revision 1.0

For Public Release 2016 August 3 16:00 UTC (GMT)

+---------------------------------------------------------------------

Summary
=======

A vulnerability in the web interface of the Cisco RV180 VPN Router and Cisco RV180W Wireless-N Multifunction VPN Router could allow an authenticated, remote attacker to execute arbitrary commands with root-level privileges.

The vulnerability is due to improper input validation of HTTP requests. An attacker could exploit this vulnerability by sending a crafted HTTP request to the affected device. An exploit could allow the attacker to execute arbitrary commands with root-level privileges.

Cisco has not released and will not release a firmware update to address this vulnerability. Mitigations for this vulnerability are available.

This advisory is available at the following link:

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160803-rv180_2

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (SunOS)

iQIVAwUBV5jimq89gD3EAJB5AQJvBg//ctRV2Z10XPE5WaLLYjptaqzxiMxwI9Da
j9Sfi67bG7R+1EIWxWKj5zc8LYogBOz9aw2AyjWsr79bGkHgO0rs0l/6Lo9T+ArA
TNs4QheScjztFCnWRb+Df/xdzTeAB30A5iS5kyrTTJtDA6E8CmuQhXtJXEPzC8cT
p8wyDV4sE8XgHzhrm00DUe8OKQc1zrIpcU5y93AcINwdEf2CXFOllVw1KeDzKQJY
2jM5m1YlTM5Ei8wS4Li/0SmPlaANAZG7i3ElItRHGEO9YGsbt+ZerQsPAd8d+R6c
+HV3IF9tZ5Le0KFhdTw68ST8GAOxcdpL2DA3qtErcpMwhZca6bPU8okZZfhqAD63
mZDnaVWhGKHa+iyGK40cL+OgHmvxQLljvyS1hgj3ESPNYl+dh5ljFVw6KY5rZpRI
Zmi5Av79NNHQK3WalhBfwxsvTlxy0EwbPjetaSws/v3MxH1Xtq1MXhnH35juT4vz
83RvRMTm/71/AKgZ6LZIxcQMoVi9fjcqi7+dpgUBMomziBB+2aqaAH+8B943Knuw
S1Nzhg8Cv184MkkL+RLhSCfzFxfK4usO6v2hz/otJyDB238CZVtKeN+Ym9D5NvwU
dHwzjLQCsFqLbJN1ps5/JcSC8vtE2bLmevJepk+T/tHp0+k0tTmNm9FS3WE1YaIY
VZ+y3ge4778=
=Ywyj
-----END PGP SIGNATURE-----
Login or Register to add favorites

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close