CyberSec.Space Logo
返回 CVE 浏览器

CVE-2019-1828

MEDIUM
5.9
CVSS Severity Score
EPSS Score0.0700%
EPSS Percentile33.79th
Published2019年4月4日
Last Modified2024年11月21日

Vulnerability Description

A vulnerability in the web-based management interface of Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could allow an unauthenticated, remote attacker to access administrative credentials. The vulnerability exists because affected devices use weak encryption algorithms for user credentials. An attacker could exploit this vulnerability by conducting a man-in-the-middle attack and decrypting intercepted credentials. A successful exploit could allow the attacker to gain access to an affected device with administrator privileges. This vulnerability affects Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers running firmware releases prior to 1.4.2.22.

Affected Platforms (CPE)

💻
Cisco

Rv320 Firmware

< 1.4.2.22
💻
Cisco

Rv325 Firmware

< 1.4.2.22

References & Advisories

🔗 http://www.securityfocus.com/bid/107774
🔗 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190404-rv-weak-encrypt
🔗 http://www.securityfocus.com/bid/107774
🔗 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190404-rv-weak-encrypt

相关漏洞威胁

CVE-2019-16537.5

A vulnerability in the web-based management interface of Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could a...

CVE-2019-16527.2

A vulnerability in the web-based management interface of Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could a...

CVE-2019-18276.1

A vulnerability in the Online Help web service of Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could allow an...

CVE-2026-121917.8

A vulnerability was found in Comma AI Openpilot 0.11. This issue affects the function pickle.load/pickle.loads of the file selfdri...