Cisco Small Business RV320 and RV325 Routers Information Disclosure Vulnerability (cisco-sa-20190123-rv-info) (remote check)
High Nessus Plugin ID 121395
Synopsis
The remote device is affected by an information disclosure vulnerability.
Description
The remote Cisco Small Business router is affected by a remote information disclosure vulnerability. A remote, unauthenticated attacker can exploit this, via a simple HTTP GET or POST request, to obtain the configuration of the router. This configuration includes device credentials in the form of a plaintext username and an MD5-hashed password that is trivial to crack.
These credentials could then be used to authenticate to the router and can be leveraged with a command injection vulnerability (CVE-2019-1652) to allow an attacker to execute arbitrary commands.
Solution
Refer to Cisco bug ID CSCvg85922 for any available patches, or contact the vendor for a fix.