CVE-2019-1828: Cisco Small Business RV320 and RV325 Routers Weak Credential Encryption Vulnerability

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2019-1828

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

Cisco Small Business RV320 and RV325 Routers Weak Credential Encryption Vulnerability

Source: NVD (National Vulnerability Database)

Vulnerability Description

A vulnerability in the web-based management interface of Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could allow an unauthenticated, remote attacker to access administrative credentials. The vulnerability exists because affected devices use weak encryption algorithms for user credentials. An attacker could exploit this vulnerability by conducting a man-in-the-middle attack and decrypting intercepted credentials. A successful exploit could allow the attacker to gain access to an affected device with administrator privileges. This vulnerability affects Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers running firmware releases prior to 1.4.2.22.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

使用已被攻破或存在风险的密码学算法

Source: NVD (National Vulnerability Database)

Vulnerability Title

Cisco Small Business RV320和Cisco Small Business RV325 加密问题漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Cisco Small Business RV320和Cisco Small Business RV325都是美国思科（Cisco）公司的一款VPN路由器。使用1.4.2.22版本固件的Cisco Small Business RV320和RV325 Dual Gigabit WAN VPN Routers中的基于Web的管理界面存在加密问题漏洞，该漏洞源于网络系统或产品未正确使用相关密码算法，导致内容未正确加密、弱加密、明文存储敏感信息等。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
Cisco	Cisco Small Business RV Series Router Firmware	unspecified ~ 1.4.2.22	-

II. Public POCs for CVE-2019-1828

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2019-1828

Please Login to view more intelligence information

http://www.securityfocus.com/bid/107774vdb-entryx_refsource_BID
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190404-rv-weak-encryptvendor-advisoryx_refsource_CISCO
https://nvd.nist.gov/vuln/detail/CVE-2019-1828

New Vulnerabilities

Product: Cisco Small Business RV Series Router Firmware

Vendor: Cisco

Same weakness: CWE-327

V. Comments for CVE-2019-1828

No comments yet

Support Us — Your donation helps us keep running

I. Basic Information for CVE-2019-1828

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2019-1828

III. Intelligence Information for CVE-2019-1828

New Vulnerabilities

V. Comments for CVE-2019-1828

Leave a comment