Cisco Small Business RV Series - Information Disclosure (CVE-2019-1653)

Severity

CVE

CVE-2019-1653

CVSSv3 Score

7.5

Exploitable with Sniper

Yes

Vulnerability description

The Cisco server is vulnerable to CVE-2019-1653, an Information Disclosure vulnerability, affecting the /cgi-bin/config.exp endpoint. The root cause of this vulnerability exists because the device allow access controls for the affected endpoint. An attacker can send an HTTP GET request and retrieve router configuration and diagnostics detail.

Exploit capabilities

Sniper can extract custom artefacts as evidence from the target system.

Risk description

The risk exists that a remote unauthenticated attacker can steal confidential information and crack the credentials in order to access the internal network.

Recommendation

Upgrade the Cisco firmware to the latest version.

References

https://nvd.nist.gov/vuln/detail/CVE-2019-1653

https://www.rapid7.com/blog/post/2019/01/29/cisco-r-rv320-rv325-router-unauthenticated-configuration-export-vulnerability-cve-2019-1653-what-you-need-to-know/

Detectable with

Network Scanner

Vuln date

Jan 2019

Published

Dec 2022

Updated

Dec 2022

Software Type

VPN Router

Vendor

Cisco

Product

Cisco Systems

Codename