CVE-2018-0404

Name of the Vulnerable Software and Affected Versions Cisco RV180W Wireless-N Multifunction VPN Router (affected versions not specified) Cisco Small Business RV Series RV220W Wireless Network Security Firewall (affected versions not specified)

Description The issue is related to the lack of protection against SQL query structure exploitation in the web framework code. This could allow a remote attacker to execute arbitrary SQL queries and retrieve sensitive information that should be restricted.

Recommendations For Cisco RV180W Wireless-N Multifunction VPN Router, consider restricting access to the web framework until a resolution is available, however, since the product has entered the end-of-life phase, no firmware fixes will be provided. For Cisco Small Business RV Series RV220W Wireless Network Security Firewall, consider restricting access to the web framework until a resolution is available, however, since the product has entered the end-of-life phase, no firmware fixes will be provided. At the moment, there is no information about a newer version that contains a fix for this vulnerability.