CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-0405

A vulnerability in the web framework code for Cisco RV180W Wireless-N Multifunction VPN Router and Small Business RV Series RV220W Wireless Network Security Firewall could allow an unauthenticated, remote attacker to conduct a directory path traversal attack on a targeted device. The issue is due to improper sanitization of user-supplied input in HTTP request parameters that describe filenames. An attacker could exploit this vulnerability by using directory traversal techniques to submit a path to a desired file location.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.035

EPSS Ranking 87.1%

CVSS Severity

CVSS v3 Score 7.5

CVSS v2 Score 5.0

References

Products affected by CVE-2018-0405

Cisco » Rv180w » Version: N/A

cpe:2.3:h:cisco:rv180w:-
Cisco » Rv220w » Version: N/A

cpe:2.3:h:cisco:rv220w:-
Cisco » Rv180w Firmware » Version: N/A

cpe:2.3:o:cisco:rv180w_firmware:-
Cisco » Rv220w Firmware » Version: N/A

cpe:2.3:o:cisco:rv220w_firmware:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-0405

Products

Pricing

Contact Us