Cisco Small Business RV320ºÍRV325·ì϶°²È«¹«¸æ

°ä²¼¹¦·ò 2019-01-28

·ì϶±àºÅºÍ¼¶±ð


CVE±àºÅ£ºCVE-2019-1652£¬£¬£¬£¬£¬Î£ÏÕ¼¶±ð£ºÖÐΣ£¬£¬£¬£¬£¬CVSS·ÖÖµ£º³§ÉÌ×ÔÆÀ£º7.2£¬£¬£¬£¬£¬¹Ù·½Î´ÆÀ¶¨

CVE±àºÅ£ºCVE-2019-1653£¬£¬£¬£¬£¬Î£ÏÕ¼¶±ð£º¸ßΣ£¬£¬£¬£¬£¬CVSS·ÖÖµ£º³§ÉÌ×ÔÆÀ£º7.5£¬£¬£¬£¬£¬¹Ù·½Î´ÆÀ¶¨


Ó°ÏìÁìÓò


ÊÜÓ°Ïì²úÆ·£º

CVE-2019-1652

ʹÓÃ1.4.2.15°æ±¾ÖÁ1.4.2.19°æ±¾¹Ì¼þµÄCisco Small Business RV320ºÍRV325

CVE-2019-1653

ʹÓÃ1.4.2.15°æ±¾ÖÁ1.4.2.17°æ±¾¹Ì¼þµÄCisco Small Business RV320ºÍRV325


·ì϶¸ÅÊö


Cisco Small Business RV320ºÍRV325¶¼ÊÇÃÀ¹ú˼¿Æ£¨Cisco£©¹«Ë¾µÄÆóÒµ¼¶Â·ÓÉÆ÷¡£¡£¡£¡£¡£


½üÈÕ£¬£¬£¬£¬£¬Ë¼¿ÆΪ·ÓÉÆ÷ÐͺŠRV320 ºÍ RV325 °ä²¼¸üУ¬£¬£¬£¬£¬½¨¸´ÁËÒ»¸öºÅÁî×¢Èë·ì϶ (CVE-2019-1652) ºÍÒ»¸öÐÅϢй©·ì϶ (CVE-2019-1653)£¬£¬£¬£¬£¬ÕâÁ½¸ö·ì϶¾ùλÓÚ·ÓÉÆ÷µÄ web ÖÎÀí½Ó¿ÚÖÓ×£¡£¡£¡£¡£±»ÆØ·ì϶ÇÒ POCºÍEXP ÒÑ°ä²¼£¬£¬£¬£¬£¬µ¼Ö¹¥»÷Õß¿ÉÄÜɨÃèÒ×Êܹ¥»÷µÄÉ豸²¢ÆëÈ«½ÚÔìËüÃÇ¡£¡£¡£¡£¡£¸ÅÊöÈçÏ£º


CVE-2019-1652

»ùÓÚWebµÄÖÎÀí½çÃæ´æÔÚºÅÁî×¢Èë·ì϶£¬£¬£¬£¬£¬¸Ã·ì϶ԴÓÚ·¨Ê½Ã»ÓÐÕýÈ·µØÑéÖ¤Óû§Ìá½»µÄÊäÈë¡£¡£¡£¡£¡£Ô¶³Ì¹¥»÷Õß¿Éͨ¹ý·¢ËÍÌØÔìµÄHTTP POSTÒªÇóÀûÓø÷ì϶ÒÔrootȨÏÞÔڵײãLinux shellÉÏÖ´ÐÐËÁÒâ´úÂë¡£¡£¡£¡£¡£

CVE-2019-1653

»ùÓÚWebµÄÖÎÀí½çÃæ´æÔÚÐÅϢй¶·ì϶£¬£¬£¬£¬£¬¸Ã·ì϶ԴÓÚ·¨Ê½¶ÔURLsÖ´ÐÐÁËÃýÎóµÄ½Ó¼û½ÚÔì¡£¡£¡£¡£¡£Ô¶³Ì¹¥»÷Õß¿Éͨ¹ýHTTP»òHTTPSºÍ̸ÏνÓÊÜÓ°ÏìµÄÉ豸²¢ÒªÇóURLsÀûÓø÷ì϶¼ìË÷Ãô¸ÐÐÅÏ¢¡£¡£¡£¡£¡£


·ì϶ÀûÓÃ


Ä¿Ç°£¬£¬£¬£¬£¬·ì϶µÄPOCºÍEXPÒѹ«¿ª£º

CVE-2019-1652

POC: https://cxsecurity.com/issue/WLB-2019010236

EXP: https://github.com/0x27/CiscoRV320Dump

CVE-2019-1653

POC: https://cxsecurity.com/issue/WLB-2019010235

EXP: https://github.com/0x27/CiscoRV320Dump


½¨¸´½¨Òé


Ä¿Ç°³§ÉÌÒÑ°ä²¼Éý¼¶²¹¶¡ÒÔ½¨¸´·ì϶£º

CVE-2019-1652

Çë¸üÐÂÖÁ1.4.2.20°æ±¾¡£¡£¡£¡£¡£

CVE-2019-1653

Çë¸üÐÂÖÁ1.4.2.19°æ±¾¡£¡£¡£¡£¡£


²Î¿¼Á´½Ó


https://cxsecurity.com/issue/WLB-2019010236

https://cxsecurity.com/issue/WLB-2019010235

https://github.com/0x27/CiscoRV320Dump

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-rv-info

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-rv-inject