CVE-2019-1899 · CVEKit

cve.orgen

380 chars

A vulnerability in the web interface of Cisco RV110W, RV130W, and RV215W Routers could allow an unauthenticated, remote attacker to acquire the list of devices that are connected to the guest network. The vulnerability is due to improper authorization of an HTTP request. An attacker could exploit this vulnerability by accessing a specific URI on the web interface of the router.

NVDen

380 chars

A vulnerability in the web interface of Cisco RV110W, RV130W, and RV215W Routers could allow an unauthenticated, remote attacker to acquire the list of devices that are connected to the guest network. The vulnerability is due to improper authorization of an HTTP request. An attacker could exploit this vulnerability by accessing a specific URI on the web interface of the router.

NVDes

416 chars

Una vulnerabilidad en la interfaz web de los enrutadores RV110W, RV130W y RV215W de Cisco, podría permitir que un atacante remoto no autenticado adquiera la lista de dispositivos que están conectados en la red de invitado. Una vulnerabilidad es debido a la autorización inapropiada de una petición HTTP. Un atacante podría explotar esta vulnerabilidad al acceder a un URI específico en la interfaz web del enrutador.

CVSS metrics across sources

4

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	5.0	10.0	2.9	AV:N/AC:L/Au:N/C:P/I:N/A:N
3.0	Primary	cve.org	5.3	—	—	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N