CVE-2015-6319

Name of the Vulnerable Software and Affected Versions Cisco RV220W devices (affected versions not specified)

Description The issue is related to a SQL injection vulnerability in the web-based management interface. This vulnerability allows remote attackers to execute arbitrary SQL commands via a crafted header in an HTTP request. The vulnerability is due to the lack of protection of the SQL query structure.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.