1. Symantec/
  2. Security Response/
  3. Attack Signatures/
  4. Attack: Cisco Routers CVE-2019-1652

Attack: Cisco Routers CVE-2019-1652

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects the attempt to execute arbitrary commands with root privileges in the context of the affected device.

Additional Information

Cisco RV320 and RV325 Routers are prone to a remote command-injection vulnerability because they fail to properly sanitize user-supplied input. An attacker can exploit this issue by sending a crafted HTTP POST request to an affected device.

Successfully exploiting this issue may allow an attacker to execute arbitrary commands with root privileges in the context of the affected device.

Affected

  • The following version of Cisco RV320 and RV325 Dual Gigabit WAN VPN Routers are vulnerable:
  • Cisco RV320 Dual Gigabit WAN VPN Router version 1.4.2.15 through 1.4.2.19.
  • Cisco RV325 Dual Gigabit WAN VPN Router version 1.4.2.15 through 1.4.2.19.
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube