Vulnerability Description
A vulnerability in the web framework code for Cisco RV180W Wireless-N Multifunction VPN Router and Small Business RV Series RV220W Wireless Network Security Firewall could allow an unauthenticated, remote attacker to execute arbitrary SQL queries. The attacker could retrieve sensitive information which should be restricted. A vulnerability in the web framework code for Cisco RV180W Wireless-N Multifunction VPN Router and Small Business RV Series RV220W Wireless Network Security Firewall could allow an unauthenticated, remote attacker to execute arbitrary SQL queries. The attacker could retrieve sensitive information which should be restricted. The product has entered the end-of-life phase and there will be no more firmware fixes.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Rv180W Wireless-N Multifunction Vpn Router | - |
| Cisco | Rv220W Wireless Network Security Firewall | - |
Related Weaknesses (CWE)
References
- https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvk27179Permissions RequiredVendor Advisory
- https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvk27179Permissions RequiredVendor Advisory
FAQ
What is CVE-2018-0404?
CVE-2018-0404 is a vulnerability with a CVSS score of 7.5 (HIGH). A vulnerability in the web framework code for Cisco RV180W Wireless-N Multifunction VPN Router and Small Business RV Series RV220W Wireless Network Security Firewall could allow an unauthenticated, re...
How severe is CVE-2018-0404?
CVE-2018-0404 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2018-0404?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Rv180W Wireless-N Multifunction Vpn Router, Cisco Rv220W Wireless Network Security Firewall.