ID

VAR-201802-0594


CVE

CVE-2018-0125


TITLE

Cisco RV132W ADSL2+ Wireless-N VPN and RV134W VDSL2 Wireless-AC VPN Router input validation vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2018-002222

DESCRIPTION

A vulnerability in the web interface of the Cisco RV132W ADSL2+ Wireless-N VPN and RV134W VDSL2 Wireless-AC VPN Routers could allow an unauthenticated, remote attacker to execute arbitrary code and gain full control of an affected system, including issuing commands with root privileges. The attacker could also cause an affected system to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to an incomplete input validation on user-controlled input in an HTTP request to the targeted device. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected system. A successful exploit could allow the attacker to execute arbitrary code as the root user and gain full control of the affected system or cause it to reload, resulting in a DoS condition. This vulnerability is fixed in firmware version 1.0.1.11 for the following Cisco products: RV132W ADSL2+ Wireless-N VPN Router and RV134W VDSL2 Wireless-AC VPN Router. Cisco Bug IDs: CSCvg92737, CSCvh60170. Vendors have confirmed this vulnerability Bug ID CSCvg92737 and CSCvh60170 It is released as.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Cisco RV132WADSL2+Wireless-NVPNRouters and RV134WVDSL2Wireless-ACVPNRouters are routers of Cisco Systems of the United States. A remote command execution vulnerability exists in the CiscoRV132WADSL2+Wireless-NVPNRouter and RV134WVDSL2Wireless-ACVPNRouter. The vulnerability stems from the program failing to adequately filter the user's input. The /tr69cfg.cgi page POST request has a command injection at the parameter tr69cBoundIfName, which allows the attacker to execute arbitrary commands remotely. Failed exploit attempts will result in a denial-of-service condition

Trust: 2.61

sources: NVD: CVE-2018-0125 // JVNDB: JVNDB-2018-002222 // CNVD: CNVD-2018-03484 // BID: 103140 // VULHUB: VHN-118327 // VULMON: CVE-2018-0125

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2018-03484

AFFECTED PRODUCTS

vendor:ciscomodel:rv134wscope:eqversion:1.0

Trust: 1.6

vendor:ciscomodel:rv132wscope:eqversion:1.0

Trust: 1.6

vendor:ciscomodel:rv132w adsl2+ wireless-n vpn routerscope: - version: -

Trust: 0.8

vendor:ciscomodel:rv134w vdsl2 wireless-ac vpn routerscope: - version: -

Trust: 0.8

vendor:ciscomodel:rv134w vdsl2 wireless-ac vpn routerscope:ltversion:1.0.1.11

Trust: 0.6

vendor:ciscomodel:rv132w adsl2+ wireless-n vpn routersscope:ltversion:1.0.1.11

Trust: 0.6

vendor:ciscomodel:rv134wscope:eqversion:1.0.0.1

Trust: 0.3

vendor:ciscomodel:rv132wscope:eqversion:1.0.0.1

Trust: 0.3

vendor:ciscomodel:rv134wscope:neversion:1.0.1.11

Trust: 0.3

vendor:ciscomodel:rv132wscope:neversion:1.0.1.11

Trust: 0.3

sources: CNVD: CNVD-2018-03484 // BID: 103140 // JVNDB: JVNDB-2018-002222 // CNNVD: CNNVD-201802-273 // NVD: CVE-2018-0125

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2018-0125
value: CRITICAL

Trust: 1.0

NVD: CVE-2018-0125
value: CRITICAL

Trust: 0.8

CNVD: CNVD-2018-03484
value: HIGH

Trust: 0.6

CNNVD: CNNVD-201802-273
value: CRITICAL

Trust: 0.6

VULHUB: VHN-118327
value: HIGH

Trust: 0.1

VULMON: CVE-2018-0125
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2018-0125
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

CNVD: CNVD-2018-03484
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-118327
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2018-0125
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: CVE-2018-0125
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2018-03484 // VULHUB: VHN-118327 // VULMON: CVE-2018-0125 // JVNDB: JVNDB-2018-002222 // CNNVD: CNNVD-201802-273 // NVD: CVE-2018-0125

PROBLEMTYPE DATA

problemtype:CWE-20

Trust: 1.9

sources: VULHUB: VHN-118327 // JVNDB: JVNDB-2018-002222 // NVD: CVE-2018-0125

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201802-273

TYPE

input validation error

Trust: 0.6

sources: CNNVD: CNNVD-201802-273

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-002222

PATCH

title:cisco-sa-20180207-rv13xurl:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180207-rv13x

Trust: 0.8

title:Patch for CiscoRV132WADSL2+Wireless-NVPNRouter and RV134WVDSL2Wireless-ACVPNRouter Remote Command Execution Vulnerabilityurl:https://www.cnvd.org.cn/patchInfo/show/117915

Trust: 0.6

title:Cisco RV132W ADSL2+ Wireless-N VPN and RV134W VDSL2 Wireless-AC VPN Routers Web Interface security vulnerability Repair measuresurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=78385

Trust: 0.6

title:Cisco: Cisco RV132W and RV134W Remote Code Execution and Denial of Service Vulnerabilityurl:https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-20180207-rv13x

Trust: 0.1

title:IBM: IBM Security Bulletin: IBM InfoSphere Change Data Capture is affected by a jackson-core open source library vulnerability (CVE-2018-0125)url:https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=81c9f9e42154f92f69551061484adb22

Trust: 0.1

title:IBM: IBM Security Bulletin: IBM has announced a release for IBM Security Identity Governance and Intelligence in response to multiple security vulnerabilitiesurl:https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=55ea315dfb69fce8383762ac64250315

Trust: 0.1

sources: CNVD: CNVD-2018-03484 // VULMON: CVE-2018-0125 // JVNDB: JVNDB-2018-002222 // CNNVD: CNNVD-201802-273

EXTERNAL IDS

db:NVDid:CVE-2018-0125

Trust: 3.5

db:BIDid:103140

Trust: 2.1

db:SECTRACKid:1040336

Trust: 1.8

db:JVNDBid:JVNDB-2018-002222

Trust: 0.8

db:CNNVDid:CNNVD-201802-273

Trust: 0.7

db:CNVDid:CNVD-2018-03484

Trust: 0.6

db:AUSCERTid:ESB-2019.0661

Trust: 0.6

db:AUSCERTid:ESB-2019.0544

Trust: 0.6

db:VULHUBid:VHN-118327

Trust: 0.1

db:VULMONid:CVE-2018-0125

Trust: 0.1

sources: CNVD: CNVD-2018-03484 // VULHUB: VHN-118327 // VULMON: CVE-2018-0125 // BID: 103140 // JVNDB: JVNDB-2018-002222 // CNNVD: CNNVD-201802-273 // NVD: CVE-2018-0125

REFERENCES

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20180207-rv13x

Trust: 2.2

url:http://www.securityfocus.com/bid/103140

Trust: 1.9

url:http://www.securitytracker.com/id/1040336

Trust: 1.8

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-0125

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2018-0125

Trust: 0.8

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20180

Trust: 0.6

url:http://www.ibm.com/support/docview.wss?uid=ibm10872142

Trust: 0.6

url:https://www.auscert.org.au/bulletins/75922

Trust: 0.6

url:http://www.ibm.com/support/docview.wss?uid=ibm10870982

Trust: 0.6

url:https://www-01.ibm.com/support/docview.wss?uid=ibm10872142

Trust: 0.6

url:https://www.auscert.org.au/bulletins/76418

Trust: 0.6

url:http://www.cisco.com/

Trust: 0.3

url:https://cwe.mitre.org/data/definitions/20.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

sources: CNVD: CNVD-2018-03484 // VULHUB: VHN-118327 // VULMON: CVE-2018-0125 // BID: 103140 // JVNDB: JVNDB-2018-002222 // CNNVD: CNNVD-201802-273 // NVD: CVE-2018-0125

CREDITS

Independent security researcher via Beyond Security??s SecuriTeam.

Trust: 0.3

sources: BID: 103140

SOURCES

db:CNVDid:CNVD-2018-03484
db:VULHUBid:VHN-118327
db:VULMONid:CVE-2018-0125
db:BIDid:103140
db:JVNDBid:JVNDB-2018-002222
db:CNNVDid:CNNVD-201802-273
db:NVDid:CVE-2018-0125

LAST UPDATE DATE

2024-11-23T19:26:45.125000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2018-03484date:2018-02-26T00:00:00
db:VULHUBid:VHN-118327date:2019-10-09T00:00:00
db:VULMONid:CVE-2018-0125date:2019-10-09T00:00:00
db:BIDid:103140date:2018-02-07T00:00:00
db:JVNDBid:JVNDB-2018-002222date:2018-04-03T00:00:00
db:CNNVDid:CNNVD-201802-273date:2019-10-17T00:00:00
db:NVDid:CVE-2018-0125date:2024-11-21T03:37:34.360

SOURCES RELEASE DATE

db:CNVDid:CNVD-2018-03484date:2018-02-26T00:00:00
db:VULHUBid:VHN-118327date:2018-02-08T00:00:00
db:VULMONid:CVE-2018-0125date:2018-02-08T00:00:00
db:BIDid:103140date:2018-02-07T00:00:00
db:JVNDBid:JVNDB-2018-002222date:2018-04-03T00:00:00
db:CNNVDid:CNNVD-201802-273date:2018-02-09T00:00:00
db:NVDid:CVE-2018-0125date:2018-02-08T07:29:00.570