Sign-up

ID

VAR-201802-0594


CVE

CVE-2018-0125


TITLE

Cisco RV132W ADSL2+ Wireless-N VPN and RV134W VDSL2 Wireless-AC VPN Router input validation vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2018-002222

DESCRIPTION

A vulnerability in the web interface of the Cisco RV132W ADSL2+ Wireless-N VPN and RV134W VDSL2 Wireless-AC VPN Routers could allow an unauthenticated, remote attacker to execute arbitrary code and gain full control of an affected system, including issuing commands with root privileges. The attacker could also cause an affected system to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to an incomplete input validation on user-controlled input in an HTTP request to the targeted device. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected system. A successful exploit could allow the attacker to execute arbitrary code as the root user and gain full control of the affected system or cause it to reload, resulting in a DoS condition. This vulnerability is fixed in firmware version 1.0.1.11 for the following Cisco products: RV132W ADSL2+ Wireless-N VPN Router and RV134W VDSL2 Wireless-AC VPN Router. Cisco Bug IDs: CSCvg92737, CSCvh60170. Vendors have confirmed this vulnerability Bug ID CSCvg92737 and CSCvh60170 It is released as.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Cisco RV132WADSL2+Wireless-NVPNRouters and RV134WVDSL2Wireless-ACVPNRouters are routers of Cisco Systems of the United States. A remote command execution vulnerability exists in the CiscoRV132WADSL2+Wireless-NVPNRouter and RV134WVDSL2Wireless-ACVPNRouter. The vulnerability stems from the program failing to adequately filter the user's input. The /tr69cfg.cgi page POST request has a command injection at the parameter tr69cBoundIfName, which allows the attacker to execute arbitrary commands remotely. Failed exploit attempts will result in a denial-of-service condition

Trust: 2.61

sources: NVD: CVE-2018-0125 // JVNDB: JVNDB-2018-002222 // CNVD: CNVD-2018-03484 // BID: 103140 // VULHUB: VHN-118327 // VULMON: CVE-2018-0125

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2018-03484

AFFECTED PRODUCTS

vendor:ciscomodel:rv134wscope:eqversion:1.0

Trust: 1.6

vendor:ciscomodel:rv132wscope:eqversion:1.0

Trust: 1.6

vendor:ciscomodel:rv132w adsl2+ wireless-n vpn routerscope: - version: -

Trust: 0.8

vendor:ciscomodel:rv134w vdsl2 wireless-ac vpn routerscope: - version: -

Trust: 0.8

vendor:ciscomodel:rv134w vdsl2 wireless-ac vpn routerscope:ltversion:1.0.1.11

Trust: 0.6

vendor:ciscomodel:rv132w adsl2+ wireless-n vpn routersscope:ltversion:1.0.1.11

Trust: 0.6

vendor:ciscomodel:rv134wscope:eqversion:1.0.0.1

Trust: 0.3

vendor:ciscomodel:rv132wscope:eqversion:1.0.0.1

Trust: 0.3

vendor:ciscomodel:rv134wscope:neversion:1.0.1.11

Trust: 0.3

vendor:ciscomodel:rv132wscope:neversion:1.0.1.11

Trust: 0.3

sources: CNVD: CNVD-2018-03484 // BID: 103140 // JVNDB: JVNDB-2018-002222 // CNNVD: CNNVD-201802-273 // NVD: CVE-2018-0125

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2018-0125
value: CRITICAL

Trust: 1.0

NVD: CVE-2018-0125
value: CRITICAL

Trust: 0.8

CNVD: CNVD-2018-03484
value: HIGH

Trust: 0.6

CNNVD: CNNVD-201802-273
value: CRITICAL

Trust: 0.6

VULHUB: VHN-118327
value: HIGH

Trust: 0.1

VULMON: CVE-2018-0125
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2018-0125
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

CNVD: CNVD-2018-03484
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-118327
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2018-0125
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: CVE-2018-0125
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2018-03484 // VULHUB: VHN-118327 // VULMON: CVE-2018-0125 // JVNDB: JVNDB-2018-002222 // CNNVD: CNNVD-201802-273 // NVD: CVE-2018-0125

PROBLEMTYPE DATA

problemtype:CWE-20

Trust: 1.9

sources: VULHUB: VHN-118327 // JVNDB: JVNDB-2018-002222 // NVD: CVE-2018-0125

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201802-273

TYPE

input validation error

Trust: 0.6

sources: CNNVD: CNNVD-201802-273

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2018-002222

PATCH
title:cisco-sa-20180207-rv13xurl:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180207-rv13x
Trust: 0.8
title:Patch for CiscoRV132WADSL2+Wireless-NVPNRouter and RV134WVDSL2Wireless-ACVPNRouter Remote Command Execution Vulnerabilityurl:https://www.cnvd.org.cn/patchInfo/show/117915
Trust: 0.6
title:Cisco RV132W ADSL2+ Wireless-N VPN  and RV134W VDSL2 Wireless-AC VPN Routers Web Interface security vulnerability Repair measuresurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=78385
Trust: 0.6
title:Cisco: Cisco RV132W and RV134W Remote Code Execution and Denial of Service Vulnerabilityurl:https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-20180207-rv13x
Trust: 0.1
title:IBM: IBM Security Bulletin: IBM InfoSphere Change Data Capture is affected by a jackson-core open source library vulnerability (CVE-2018-0125)url:https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=81c9f9e42154f92f69551061484adb22
Trust: 0.1
title:IBM: IBM Security Bulletin: IBM has announced a release for IBM Security Identity Governance and Intelligence in response to multiple security vulnerabilitiesurl:https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=55ea315dfb69fce8383762ac64250315
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2018-03484 // 
            
            
            
            VULMON: CVE-2018-0125 // 
            
            
            
            JVNDB: JVNDB-2018-002222 // 
            
            
            
            CNNVD: CNNVD-201802-273

EXTERNAL IDS
db:NVDid:CVE-2018-0125
Trust: 3.5
db:BIDid:103140
Trust: 2.1
db:SECTRACKid:1040336
Trust: 1.8
db:JVNDBid:JVNDB-2018-002222
Trust: 0.8
db:CNNVDid:CNNVD-201802-273
Trust: 0.7
db:CNVDid:CNVD-2018-03484
Trust: 0.6
db:AUSCERTid:ESB-2019.0661
Trust: 0.6
db:AUSCERTid:ESB-2019.0544
Trust: 0.6
db:VULHUBid:VHN-118327
Trust: 0.1
db:VULMONid:CVE-2018-0125
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2018-03484 // 
            
            
            
            VULHUB: VHN-118327 // 
            
            
            
            VULMON: CVE-2018-0125 // 
            
            
            
            BID: 103140 // 
            
            
            
            JVNDB: JVNDB-2018-002222 // 
            
            
            
            CNNVD: CNNVD-201802-273 // 
            
            
            
            NVD: CVE-2018-0125

REFERENCES
url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20180207-rv13x
Trust: 2.2
url:http://www.securityfocus.com/bid/103140
Trust: 1.9
url:http://www.securitytracker.com/id/1040336
Trust: 1.8
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-0125
Trust: 0.8
url:https://nvd.nist.gov/vuln/detail/cve-2018-0125
Trust: 0.8
url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20180
Trust: 0.6
url:http://www.ibm.com/support/docview.wss?uid=ibm10872142
Trust: 0.6
url:https://www.auscert.org.au/bulletins/75922
Trust: 0.6
url:http://www.ibm.com/support/docview.wss?uid=ibm10870982
Trust: 0.6
url:https://www-01.ibm.com/support/docview.wss?uid=ibm10872142
Trust: 0.6
url:https://www.auscert.org.au/bulletins/76418
Trust: 0.6
url:http://www.cisco.com/
Trust: 0.3
url:https://cwe.mitre.org/data/definitions/20.html
Trust: 0.1
url:https://nvd.nist.gov
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2018-03484 // 
            
            
            
            VULHUB: VHN-118327 // 
            
            
            
            VULMON: CVE-2018-0125 // 
            
            
            
            BID: 103140 // 
            
            
            
            JVNDB: JVNDB-2018-002222 // 
            
            
            
            CNNVD: CNNVD-201802-273 // 
            
            
            
            NVD: CVE-2018-0125

CREDITS
Independent security researcher via Beyond Security??s SecuriTeam.
Trust: 0.3
sources:
            
            
            BID: 103140

SOURCES
db:CNVDid:CNVD-2018-03484
db:VULHUBid:VHN-118327
db:VULMONid:CVE-2018-0125
db:BIDid:103140
db:JVNDBid:JVNDB-2018-002222
db:CNNVDid:CNNVD-201802-273
db:NVDid:CVE-2018-0125

LAST UPDATE DATE
2024-08-14T12:09:01.289000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2018-03484date:2018-02-26T00:00:00
db:VULHUBid:VHN-118327date:2019-10-09T00:00:00
db:VULMONid:CVE-2018-0125date:2019-10-09T00:00:00
db:BIDid:103140date:2018-02-07T00:00:00
db:JVNDBid:JVNDB-2018-002222date:2018-04-03T00:00:00
db:CNNVDid:CNNVD-201802-273date:2019-10-17T00:00:00
db:NVDid:CVE-2018-0125date:2024-07-16T17:58:03.967

SOURCES RELEASE DATE
db:CNVDid:CNVD-2018-03484date:2018-02-26T00:00:00
db:VULHUBid:VHN-118327date:2018-02-08T00:00:00
db:VULMONid:CVE-2018-0125date:2018-02-08T00:00:00
db:BIDid:103140date:2018-02-07T00:00:00
db:JVNDBid:JVNDB-2018-002222date:2018-04-03T00:00:00
db:CNNVDid:CNNVD-201802-273date:2018-02-09T00:00:00
db:NVDid:CVE-2018-0125date:2018-02-08T07:29:00.570