{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-19T10:57:33.671","vulnerabilities":[{"cve":{"id":"CVE-2018-0424","sourceIdentifier":"psirt@cisco.com","published":"2018-10-05T14:29:00.967","lastModified":"2024-11-21T03:38:12.013","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability in the web-based management interface of the Cisco RV110W Wireless-N VPN Firewall, Cisco RV130W Wireless-N Multifunction VPN Router, and Cisco RV215W Wireless-N VPN Router could allow an authenticated, remote attacker to execute arbitrary commands. The vulnerability is due to improper validation of user-supplied input to scripts by the web-based management interface. An attacker could exploit this vulnerability by sending malicious requests to a targeted device. A successful exploit could allow the attacker to execute arbitrary commands with the privileges of the root user."},{"lang":"es","value":"Una vulnerabilidad en la interfaz de gestión web de los dispositivos Cisco RV110W Wireless-N VPN Firewall, Cisco RV130W Wireless-N Multifunction VPN Router y Cisco RV215W Wireless-N VPN Router podrían permitir que un atacante remoto autenticado ejecute comandos arbitrarios. La vulnerabilidad se debe a la validación insuficiente de entradas proporcionadas por el usuario en los scripts por parte de la interfaz de gestión web. Un atacante podría explotar esta vulnerabilidad mediante el envío de peticiones maliciosas a un dispositivo objetivo. Su explotación con éxito podría permitir que el atacante ejecute comandos arbitrarios con privilegios del usuario root."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:C/I:C/A:C","baseScore":9.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":8.0,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"psirt@cisco.com","type":"Secondary","description":[{"lang":"en","value":"CWE-77"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-78"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:cisco:rv110w_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"1.2.1.7","matchCriteriaId":"DF190588-2B4D-479F-9BB1-B72D2EA64442"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:rv110w_wireless-n_vpn_firewall:-:*:*:*:*:*:*:*","matchCriteriaId":"CA92B2A4-A9D9-4BF5-A687-848917283E8C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:cisco:rv130w_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.0.3.44","matchCriteriaId":"D25407AC-3C94-4A9B-B8B4-A3F22866CC5D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:rv130w:*:*:*:*:*:*:*:*","matchCriteriaId":"E4D58B36-08AF-46BE-8D21-11B7F0CA17EA"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:cisco:rv215w_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"1.3.0.8","matchCriteriaId":"9FDE8FD8-92E8-4BDC-A7AC-705C46E1EF47"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:cisco:rv215w_wireless-n_vpn_router:-:*:*:*:*:*:*:*","matchCriteriaId":"BE146ECF-BE5C-4CA1-A325-C3402F540FBB"}]}]}],"references":[{"url":"http://www.securitytracker.com/id/1041677","source":"psirt@cisco.com","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180905-rv-routers-injection","source":"psirt@cisco.com","tags":["Vendor Advisory"]},{"url":"http://www.securitytracker.com/id/1041677","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180905-rv-routers-injection","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}