1. Home
  2. Mapping Frameworks
  3. Known Exploited Vulnerabilities Home
  4. Cisco Small Business RV320 and RV325 Routers Information Disclosure Vulnerability

Known Exploited Vulnerabilities CVE-2019-1653 Mappings

A vulnerability in the web-based management interface of Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could allow an unauthenticated, remote attacker to retrieve sensitive information. The vulnerability is due to improper access controls for URLs. An attacker could exploit this vulnerability by connecting to an affected device via HTTP or HTTPS and requesting specific URLs. A successful exploit could allow the attacker to download the router configuration or detailed diagnostic information. Cisco has released firmware updates that address this vulnerability.

Mappings

Capability ID Capability Description Mapping Type ATT&CK ID ATT&CK Name Notes
CVE-2019-1653 Cisco Small Business RV320 and RV325 Routers Information Disclosure Vulnerability exploitation_technique T1190 Exploit Public-Facing Application
Comments
CVE-2019-1653 is a critical information disclosure vulnerability affecting Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers. This vulnerability allows unauthenticated, remote attackers to access sensitive information from affected devices.
References
  1. https://thehackernews.com/2019/01/hacking-cisco-routers.html
  2. https://therecord.media/cisco-routers-end-of-life-china-espionage-volt-typhoon
CVE-2019-1653 Cisco Small Business RV320 and RV325 Routers Information Disclosure Vulnerability secondary_impact T1007 System Service Discovery
Comments
CVE-2019-1653 is a critical information disclosure vulnerability affecting Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers. This vulnerability allows unauthenticated, remote attackers to access sensitive information from affected devices.
References
  1. https://thehackernews.com/2019/01/hacking-cisco-routers.html
  2. https://therecord.media/cisco-routers-end-of-life-china-espionage-volt-typhoon
CVE-2019-1653 Cisco Small Business RV320 and RV325 Routers Information Disclosure Vulnerability primary_impact T1082 System Information Discovery
Comments
CVE-2019-1653 is a critical information disclosure vulnerability affecting Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers. This vulnerability allows unauthenticated, remote attackers to access sensitive information from affected devices.
References
  1. https://thehackernews.com/2019/01/hacking-cisco-routers.html
  2. https://therecord.media/cisco-routers-end-of-life-china-espionage-volt-typhoon
CVE-2019-1653 Cisco Small Business RV320 and RV325 Routers Information Disclosure Vulnerability secondary_impact T1005 Data from Local System
Comments
CVE-2019-1653 is a critical information disclosure vulnerability affecting Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers. This vulnerability allows unauthenticated, remote attackers to access sensitive information from affected devices.
References
  1. https://thehackernews.com/2019/01/hacking-cisco-routers.html
  2. https://therecord.media/cisco-routers-end-of-life-china-espionage-volt-typhoon