CVE-2019-1899
Description
A vulnerability in the web interface of Cisco RV110W, RV130W, and RV215W Routers could allow an unauthenticated, remote attacker to acquire the list of devices that are connected to the guest network. The vulnerability is due to improper authorization of an HTTP request. An attacker could exploit this vulnerability by accessing a specific URI on the web interface of the router.
Risk Information
Base Score
5.3
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
EPSS Score
Exploitation Probability
1.453
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Cisco RV110W, RV130W, and RV215W Routers Information Disclosure Vulnerability For Cisco Small Business RV Series Routers | NCM |
| Direct Request (Forced Browsing) Vulnerability (CVE-2019-1899) | NCM |
Patch Details
Click to see the patches provided by ManageEngine for this CVE
| Patch ID | Patch Description |
|---|---|
| PATCH-1705925 | Security Update for Cisco Small Business RV Series Routers 1.0.3.16 |
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234