SQL injection vulnerability in the web-based management interface on Cisco RV220W devices allows remote attackers to execute arbitrary SQL commands via a crafted header in an HTTP request, aka Bug ID CSCuv29574.
References
Configurations
Configuration 1 (hide)
AND |
|
Information
Published : 2016-01-27 14:59
Updated : 2016-12-07 10:19
NVD link : CVE-2015-6319
Mitre link : CVE-2015-6319
JSON object : View
CWE
CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Products Affected
cisco
- rv325_dual_wan_gigabit_vpn_router
- wrv210_wireless-g_vpn_router_-_rangebooster
- rv130w_wireless-n_multifunction_vpn_router
- wrvs4400n_wireless-n_gigabit_security_router_-_vpn_v2.0
- rv180w_wireless-n_multifunction_vpn_router
- rv_series_router_firmware
- rvl200_4-port_ssl_ipsec_vpn_router
- rv320_dual_gigabit_wan_vpn_router
- rv220w_wireless_network_security_firewall
- wrv200_wireless-g_vpn_router_-_rangebooster
- rv130_vpn_router
- rv110w_wireless-n_vpn_firewall
- rv042_dual_wan_vpn_router
- rv016_multi-wan_vpn_router
- rv180_vpn_router
- rv042g_dual_gigabit_wan_vpn_router
- rv082_dual_wan_vpn_router
- rv325_dual_gigabit_wan_wf_vpn_router
- rv320_dual_gigabit_wan_wf_vpn_router
- rv120w_wireless-n_vpn_firewall
- rvs4000_4-port_gigabit_security_router_-_vpn
- rv215w_wireless-n_vpn_router