Vulnerabilities > Cisco > Rv180W Firmware

DATE CVE VULNERABILITY TITLE RISK
2018-10-05 CVE-2018-0405 Path Traversal vulnerability in Cisco Rv180W Firmware and Rv220W Firmware
A vulnerability in the web framework code for Cisco RV180W Wireless-N Multifunction VPN Router and Small Business RV Series RV220W Wireless Network Security Firewall could allow an unauthenticated, remote attacker to conduct a directory path traversal attack on a targeted device.
network
low complexity
cisco CWE-22
7.5
2017-10-12 CVE-2015-6358 Improper Certificate Validation vulnerability in Cisco products
Multiple Cisco embedded devices use hardcoded X.509 certificates and SSH host keys embedded in the firmware, which allows remote attackers to defeat cryptographic protection mechanisms and conduct man-in-the-middle attacks by leveraging knowledge of these certificates and keys from another installation, aka Bug IDs CSCuw46610, CSCuw46620, CSCuw46637, CSCuw46654, CSCuw46665, CSCuw46672, CSCuw46677, CSCuw46682, CSCuw46705, CSCuw46716, CSCuw46979, CSCuw47005, CSCuw47028, CSCuw47040, CSCuw47048, CSCuw47061, CSCuw90860, CSCuw90869, CSCuw90875, CSCuw90881, CSCuw90899, and CSCuw90913.
network
high complexity
cisco CWE-295
5.9