CVE-2019-1653 — Cisco Small Business RV320 and RV325 Routers Information Disclosure Vulnerability
2021-11-03 • CISA Known Exploited Vulnerability
[event] Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers contain improper access controls for URLs. Exploitation could allow an attacker to download the router configuration or detailed diagnostic information.
> AFFECTED SOFTWARE
| Field | Value |
|---|---|
| Vendor | Cisco |
| Product | Small Business RV320 and RV325 Routers |
| CWE | CWE-284 |
| CVE ID | CVE-2019-1653 |
| Date Added | 2021-11-03 |
| Due Date | 2022-05-03 |
| Ransomware Campaign | Unknown |
> MITIGATION
Apply updates per vendor instructions.
Due Date: 2022-05-03