SQL injection vulnerability in the web-based management interface on Cisco RV220W devices allows remote attackers to execute arbitrary SQL commands via a crafted header in an HTTP request, aka Bug ID CSCuv29574.
References
Configurations
Configuration 1 (hide)
AND |
|
History
21 Nov 2024, 02:34
Type | Values Removed | Values Added |
---|---|---|
References | () http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160127-rv220 - Vendor Advisory | |
References | () http://www.securitytracker.com/id/1034830 - |
Information
Published : 2016-01-27 22:59
Updated : 2024-11-21 02:34
NVD link : CVE-2015-6319
Mitre link : CVE-2015-6319
CVE.ORG link : CVE-2015-6319
JSON object : View
Products Affected
cisco
- rv016_multi-wan_vpn_router
- wrv200_wireless-g_vpn_router_-_rangebooster
- wrv210_wireless-g_vpn_router_-_rangebooster
- rv215w_wireless-n_vpn_router
- rv320_dual_gigabit_wan_vpn_router
- rv130_vpn_router
- rv325_dual_wan_gigabit_vpn_router
- rv325_dual_gigabit_wan_wf_vpn_router
- rv180w_wireless-n_multifunction_vpn_router
- rvl200_4-port_ssl_ipsec_vpn_router
- rv130w_wireless-n_multifunction_vpn_router
- rv042_dual_wan_vpn_router
- rv042g_dual_gigabit_wan_vpn_router
- rv180_vpn_router
- rv120w_wireless-n_vpn_firewall
- rv220w_wireless_network_security_firewall
- rv320_dual_gigabit_wan_wf_vpn_router
- rv_series_router_firmware
- rv110w_wireless-n_vpn_firewall
- rv082_dual_wan_vpn_router
- rvs4000_4-port_gigabit_security_router_-_vpn
- wrvs4400n_wireless-n_gigabit_security_router_-_vpn_v2.0
sun
- opensolaris
CWE
CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')