vendor:
RV130W Wireless-N Multifunction VPN Router
by:
@0x00string
9.8
CVSS
CRITICAL
Stack Overflow
119
CWE
Product Name: RV130W Wireless-N Multifunction VPN Router
Affected Version From: 1.0.3.44
Affected Version To: Prior
Patch Exists: YES
Related CWE: CVE-2019-1663
CPE: h:cisco:rv130w_wireless-n_multifunction_vpn_router
Metasploit:
N/A
Other Scripts:
N/A
Platforms Tested: 1.0.3.44
2019
Cisco RV130W Remote Stack Overflow
A stack overflow vulnerability exists in Cisco RV130W Wireless-N Multifunction VPN Router running firmware version 1.0.3.44 and prior. An unauthenticated attacker can exploit this vulnerability by sending a specially crafted HTTP POST request to the router's web interface. This will allow the attacker to execute arbitrary code on the router.
Mitigation:
Upgrade to the latest version of the firmware.
