CVE-2017-6784

Name of the Vulnerable Software and Affected Versions Cisco RV340, RV345, and RV345P Dual WAN Gigabit VPN Routers versions 1.0.0.30, 1.0.0.33, 1.0.1.9, 1.0.1.16

Description A vulnerability in the web interface could allow an unauthenticated, remote attacker to access sensitive data. The attacker could use this information to conduct additional reconnaissance attacks. The issue is due to insufficient protection of sensitive data when responding to an HTTP request to the web interface. An attacker could exploit this by using the HTTP protocol and examining the data in the HTTP responses. This could allow the attacker to find sensitive information about the application.

Recommendations For versions 1.0.0.30, 1.0.0.33, 1.0.1.9, 1.0.1.16, update to a fixed version to resolve the issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.