March 12, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Rewterz Threat Advisory – CVE-2018-0147 – Cisco Secure Access Control System Vulnerability Exploit in the Wild
December 21, 2022Rewterz Threat Advisory – Multiple Cisco IOS and Cisco IOS XE Vulnerabilities Exploit in the Wild
December 21, 2022Rewterz Threat Advisory – CVE-2018-0147 – Cisco Secure Access Control System Vulnerability Exploit in the Wild
December 21, 2022Rewterz Threat Advisory – Multiple Cisco IOS and Cisco IOS XE Vulnerabilities Exploit in the Wild
December 21, 2022
Severity
High
Analysis Summary
CVE-2018-0125
Cisco RV132W ADSL2+ Wireless-N VPN and RV134W VDSL2 Wireless-AC VPN Routers could allow a remote attacker to execute arbitrary code on the system, caused by an incomplete input validation on user-controlled input in an HTTP request in the Web interface. By sending a specially crafted HTTP request, an attacker could exploit this vulnerability to execute arbitrary code with root privileges or cause the device to reload.
Impact
Code Execution
Indicators Of Compromise
CVE
- CVE-2018-0125
Affected Vendors
Cisco
Affected Products
- Cisco RV132W ADSL2+ Wireless-N VPN Router
- Cisco RV134W VDSL2 Wireless-AC VPN Router
Remediation
Refer to Cisco Security Advisory for patch, upgrade or suggested workaround information.