Cisco Small Business RV Series - Information Disclosure (CVE-2019-1653)

Severity
CVSSv3 Score: 7.5
CVE: CVE-2019-1653

Vulnerability description

The Cisco server is vulnerable to CVE-2019-1653, an Information Disclosure vulnerability, affecting the /cgi-bin/config.exp endpoint. The root cause of this vulnerability exists because the device allow access controls for the affected endpoint. An attacker can send an HTTP GET request and retrieve router configuration and diagnostics detail.

Risk description

The risk exists that a remote unauthenticated attacker can steal confidential information and crack the credentials in order to access the internal network.

Exploit capabilities

Sniper can extract custom artefacts as evidence from the target system.

Recommendation

Upgrade the Cisco firmware to the latest version.

References

https://nvd.nist.gov/vuln/detail/CVE-2019-1653

https://www.rapid7.com/blog/post/2019/01/29/cisco-r-rv320-rv325-router-unauthenticated-configuration-export-vulnerability-cve-2019-1653-what-you-need-to-know/

Codename

Detectable with: Network Scanner
Exploitable with Sniper: Yes
Vuln date: Jan 2019
Published at: Dec 2022
Updated at: Dec 2022
Software Type: VPN Router
Vendor: Cisco
Product: Cisco Systems