1. Home
  2. CVE Database
  3. CVE-2019-1897
MEDIUM · 5.3

CVE-2019-1897

A vulnerability in the web-based management interface of Cisco RV110W, RV130W, and RV215W Routers could allow an unauthenticated, remote attacker to disconnect clients that are connected to the guest ...

Vulnerability Description

A vulnerability in the web-based management interface of Cisco RV110W, RV130W, and RV215W Routers could allow an unauthenticated, remote attacker to disconnect clients that are connected to the guest network on an affected router. The vulnerability is due to improper authorization of an HTTP request. An attacker could exploit this vulnerability by accessing the URL for device disconnection and providing the connected device information. A successful exploit could allow the attacker to deny service to specific clients that are connected to the guest network.

CVSS Score

5.3

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
NONE
Integrity
NONE
Availability
LOW

Affected Products

VendorProductVersions
CiscoRv110W Firmware-
CiscoRv110W-
CiscoRv130W Firmware-
CiscoRv130W-
CiscoRv215W Firmware-
CiscoRv215W-

Related Weaknesses (CWE)

CWE-306CWE-285

References

FAQ

What is CVE-2019-1897?

CVE-2019-1897 is a vulnerability with a CVSS score of 5.3 (MEDIUM). A vulnerability in the web-based management interface of Cisco RV110W, RV130W, and RV215W Routers could allow an unauthenticated, remote attacker to disconnect clients that are connected to the guest ...

How severe is CVE-2019-1897?

CVE-2019-1897 has been rated MEDIUM with a CVSS base score of 5.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2019-1897?

Check the references section above for vendor advisories and patch information. Affected products include: Cisco Rv110W Firmware, Cisco Rv110W, Cisco Rv130W Firmware, Cisco Rv130W, Cisco Rv215W Firmware.