Published: 08/08/2016 Updated: 16/08/2017
CVSS v2 Base Score: 7.8 | Impact Score: 6.9 | Exploitability Score: 10
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9
VMScore: 694
Vector: AV:N/AC:L/Au:N/C:C/I:N/A:N

Vulnerability Summary

Directory traversal vulnerability in the web interface on Cisco RV180 and RV180W devices allows remote malicious users to read arbitrary files via a crafted HTTP request, aka Bug ID CSCuz43023.

Vendor Advisories

A vulnerability in the web interface of the Cisco RV180 VPN Router and Cisco RV180W Wireless-N Multifunction VPN Router could allow an unauthenticated, remote attacker to access arbitrary files on the system This vulnerability allows the attacker to perform directory traversal The vulnerability is due to lack of proper input verification and san ...