PT-2014-4535 · Cisco · Cisco Rv120W+3
Publicado
2014-11-07
·
Atualizado
2018-10-09
·
CVE-2014-2178
CVSS v2.0
6.8
Média
| Vetor | AV:N/AC:M/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
Cisco RV router firmware versions prior to 1.0.5.9 on RV220W devices
Cisco RV router firmware versions prior to 1.0.4.14 on RV180 and RV180W devices
Cisco RV router firmware versions prior to 1.0.5.9 on RV120W devices
Description
A cross-site request forgery (CSRF) issue exists in the administrative web interface of the Cisco RV router firmware, allowing remote attackers to hijack the authentication of administrators.
Recommendations
For RV220W devices, update to version 1.0.5.9 or later to resolve the issue.
For RV180 and RV180W devices, update to version 1.0.4.14 or later to resolve the issue.
For RV120W devices, update to version 1.0.5.9 or later to resolve the issue.
Correção
CSRF
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Cisco Rv120W
Cisco Rv180
Cisco Rv180W
Cisco Rv220W