CISCO : Cisco RV110W, RV130W, and RV215W Routers Static Credential Vulnerability (cisco-sa-20160803-rv110

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.105847

Categoría: CISCO

Título: Cisco RV110W, RV130W, and RV215W Routers Static Credential Vulnerability (cisco-sa-20160803-rv110_130w2)

Resumen: A vulnerability in the default account when used with a; specific configuration of the Cisco RV110W Wireless-N VPN Firewall, Cisco RV130W Wireless-N; Multifunction VPN Router, and the Cisco RV215W Wireless-N VPN Router could allow an; authenticated, remote attacker to gain root access to the device. The account could incorrectly; be granted root privileges at authentication time.

Descripción: Summary:
A vulnerability in the default account when used with a
specific configuration of the Cisco RV110W Wireless-N VPN Firewall, Cisco RV130W Wireless-N
Multifunction VPN Router, and the Cisco RV215W Wireless-N VPN Router could allow an
authenticated, remote attacker to gain root access to the device. The account could incorrectly
be granted root privileges at authentication time.

Solution:
This vulnerability is fixed in the following firmware versions:

- RV110W Wireless-N VPN Firewall, Release 1.2.1.7

- RV130W Wireless-N Multifunction VPN Router, Release 1.0.3.16

- RV215W Wireless-N VPN Router, Release 1.3.0.8

CVSS Score:
9.0

CVSS Vector:
AV:N/AC:L/Au:S/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2015-6397
BugTraq ID: 92273
http://www.securityfocus.com/bid/92273
Cisco Security Advisory: 20160803 Cisco RV110W, RV130W, and RV215W Routers Static Credential Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160803-rv110_130w2
http://www.securitytracker.com/id/1036524

Copyright Copyright (C) 2016 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.105847
Categoría:	CISCO
Título:	Cisco RV110W, RV130W, and RV215W Routers Static Credential Vulnerability (cisco-sa-20160803-rv110_130w2)
Resumen:	A vulnerability in the default account when used with a; specific configuration of the Cisco RV110W Wireless-N VPN Firewall, Cisco RV130W Wireless-N; Multifunction VPN Router, and the Cisco RV215W Wireless-N VPN Router could allow an; authenticated, remote attacker to gain root access to the device. The account could incorrectly; be granted root privileges at authentication time.
Descripción:	Summary: A vulnerability in the default account when used with a specific configuration of the Cisco RV110W Wireless-N VPN Firewall, Cisco RV130W Wireless-N Multifunction VPN Router, and the Cisco RV215W Wireless-N VPN Router could allow an authenticated, remote attacker to gain root access to the device. The account could incorrectly be granted root privileges at authentication time. Solution: This vulnerability is fixed in the following firmware versions: - RV110W Wireless-N VPN Firewall, Release 1.2.1.7 - RV130W Wireless-N Multifunction VPN Router, Release 1.0.3.16 - RV215W Wireless-N VPN Router, Release 1.3.0.8 CVSS Score: 9.0 CVSS Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2015-6397 BugTraq ID: 92273 http://www.securityfocus.com/bid/92273 Cisco Security Advisory: 20160803 Cisco RV110W, RV130W, and RV215W Routers Static Credential Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160803-rv110_130w2 http://www.securitytracker.com/id/1036524
Copyright	Copyright (C) 2016 Greenbone AG