Cisco Small Business RV320 and RV325 Vulnerability Security Advisory

Published: 2019-01-28

Vulnerability IDs and Severity


CVE ID: CVE-2019-1652; severity: Medium; CVSS score: vendor self-assessed 7.2, not yet officially rated

CVE ID: CVE-2019-1653; severity: High; CVSS score: vendor self-assessed 7.5, not yet officially rated


Scope of Impact


Affected products:

CVE-2019-1652

Cisco Small Business RV320 and RV325 running firmware versions 1.4.2.15 through 1.4.2.19

CVE-2019-1653

Cisco Small Business RV320 and RV325 running firmware versions 1.4.2.15 through 1.4.2.17


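Vulnerability Overview


The Cisco Small Business RV320 and RV325 are both enterprise-grade routers made by the US company Cisco.


Cisco recently released updates for the RV320 and RV325 router models that fix a command injection vulnerability (CVE-2019-1652) and an information disclosure vulnerability (CVE-2019-1653). Both vulnerabilities are in the routers' web management interface. The vulnerabilities have been disclosed and PoC and exploit code has been published, so attackers may scan for vulnerable devices and take full control of them. A summary follows:


CVE-2019-1652

The web-based management interface contains a command injection vulnerability, caused by the program not correctly validating user-supplied input. A remote attacker can exploit it by sending a crafted HTTP POST request, executing arbitrary code with root privileges on the underlying Linux shell.

CVE-2019-1653

The web-based management interface contains an information disclosure vulnerability, caused by the program applying incorrect access controls to URLs. A remote attacker can exploit it by connecting to an affected device over HTTP or HTTPS and requesting URLs, retrieving sensitive information.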


Exploitation


PoC and exploit code for the vulnerabilities is now public:

CVE-2019-1652

POC: https://cxsecurity.com/issue/WLB-2019010236

EXP: https://github.com/0x27/CiscoRV320Dump

CVE-2019-1653

POC: https://cxsecurity.com/issue/WLB-2019010235

EXP: https://github.com/0x27/CiscoRV320Dump


Remediation Recommendations


The vendor has released firmware updates that fix the vulnerabilities:

CVE-2019-1652

Update to version 1.4.2.20.

CVE-2019-1653

Update to version 1.4.2.19.
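
The affected ranges and fixed versions above can be applied to a device inventory. The following is an added example, not part of the original advisory or any Cisco tooling; the inventory layout, hostnames and function names are assumptions. It compares versions numerically and shows that a device on 1.4.2.19 is fixed for CVE-2019-1653 but still in range for CVE-2019-1652.

```python
# Added example: triage a router inventory against the firmware ranges in this advisory.
# The inventory layout and all function names are assumptions made for illustration.

# Affected ranges (inclusive) and fixed versions, as stated in this advisory.
ADVISORY = {
    "CVE-2019-1652": {"first": "1.4.2.15", "last": "1.4.2.19", "fixed": "1.4.2.20"},
    "CVE-2019-1653": {"first": "1.4.2.15", "last": "1.4.2.17", "fixed": "1.4.2.19"},
}
AFFECTED_MODELS = {"RV320", "RV325"}


def parse_version(text):
    """Turn '1.4.2.19' into (1, 4, 2, 19) so comparison is numeric, not lexical."""
    parts = text.strip().split(".")
    if not all(p.isdigit() for p in parts):
        raise ValueError(f"unparseable firmware version: {text!r}")
    return tuple(int(p) for p in parts)


def triage(model, firmware):
    """Return (sorted list of applicable CVEs, version to update to or None)."""
    if model.upper() not in AFFECTED_MODELS:
        return [], None
    current = parse_version(firmware)
    hits = [
        cve for cve, r in ADVISORY.items()
        if parse_version(r["first"]) <= current <= parse_version(r["last"])
    ]
    if not hits:
        return [], None
    # The highest fixed version among the hits clears all of them.
    target = max((ADVISORY[c]["fixed"] for c in hits), key=parse_version)
    return sorted(hits), target


# Constructed sample inventory (hostnames and versions are made up).
INVENTORY = [
    ("branch-gw-01", "RV320", "1.4.2.15"),
    ("branch-gw-02", "RV325", "1.4.2.19"),
    ("branch-gw-03", "RV325", "1.4.2.20"),
    ("lab-gw-01", "RV340", "1.4.2.15"),
]

if __name__ == "__main__":
    for host, model, fw in INVENTORY:
        cves, target = triage(model, fw)
        status = f"update to {target} ({', '.join(cves)})" if cves else "not in the listed ranges"
        print(f"{host:14} {model} {fw:9} {status}")
```

Firmware older than 1.4.2.15 is reported as outside the listed ranges because this advisory makes no statement about it.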


References


https://cxsecurity.com/issue/WLB-2019010236

https://cxsecurity.com/issue/WLB-2019010235

https://github.com/0x27/CiscoRV320Dump

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-rv-info

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-rv-inject