CVE-2018-0125 — Cisco VPN Routers Remote Code Execution Vulnerability
2022-03-25 • CISA Known Exploited Vulnerability
[event] A vulnerability in the web interface of the Cisco VPN Routers could allow an unauthenticated, remote attacker to execute arbitrary code as root and gain full control of an affected system.
> AFFECTED SOFTWARE
| Field | Value |
|---|---|
| Vendor | Cisco |
| Product | VPN Routers |
| CWE | CWE-20 |
| CVE ID | CVE-2018-0125 |
| Date Added | 2022-03-25 |
| Due Date | 2022-04-15 |
| Ransomware Campaign | Unknown |
> MITIGATION
Apply updates per vendor instructions.
Due Date: 2022-04-15