CVE-2018-0404
Summary
| CVE | CVE-2018-0404 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2018-10-05 16:29:00 UTC |
| Updated | 2019-10-09 23:31:00 UTC |
| Description | A vulnerability in the web framework code for Cisco RV180W Wireless-N Multifunction VPN Router and Small Business RV Series RV220W Wireless Network Security Firewall could allow an unauthenticated, remote attacker to execute arbitrary SQL queries. The attacker could retrieve sensitive information which should be restricted. A vulnerability in the web framework code for Cisco RV180W Wireless-N Multifunction VPN Router and Small Business RV Series RV220W Wireless Network Security Firewall could allow an unauthenticated, remote attacker to execute arbitrary SQL queries. The attacker could retrieve sensitive information which should be restricted. The product has entered the end-of-life phase and there will be no more firmware fixes. |
Risk And Classification
Problem Types: CWE-89
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Hardware | Cisco | Rv180w Wireless-n Multifunction Vpn Router | - | All | All | All |
| Hardware | Cisco | Rv180w Wireless-n Multifunction Vpn Router | - | All | All | All |
| Hardware | Cisco | Rv220w Wireless Network Security Firewall | - | All | All | All |
| Hardware | Cisco | Rv220w Wireless Network Security Firewall | - | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Cisco.com Login Page | CONFIRM | bst.cloudapps.cisco.com | Permissions Required, Vendor Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.