Summary

• A vulnerability in the web-based management interface of Cisco RV110W Wireless-N VPN Firewalls, Cisco RV130W Wireless-N Multifunction VPN Routers, and Cisco RV215W Wireless-N VPN Routers could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface for a targeted device.
  
  The vulnerability is due to improper input validation of certain parameters that are sent to an affected device via the HTTP GET or HTTP POST method. An unauthenticated, remote attacker could exploit this vulnerability by persuading a user to follow a link that is designed to submit malicious input to an affected device. A successful exploit could allow the attacker to execute arbitrary script in the context of the web-based management interface for the device or allow the attacker to access sensitive browser-based information.
  
  Cisco has released firmware updates that address this vulnerability. There are no workarounds that address this vulnerability.
  
  This advisory is available at the following link:
  
  http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160615-rv1

Affected Products

• Vulnerable Products

  All releases of the following Cisco products are affected by this vulnerability:
  

  • RV110W Wireless-N VPN Firewall
  • RV130W Wireless-N Multifunction VPN Router
  • RV215W Wireless-N VPN Router

  The web-based management interface is available for these devices via a local LAN connection or the remote management feature. By default, the remote management feature is disabled for the affected devices.
  
  To determine whether the remote management feature is enabled for a device, open the web-based management interface for the device and then choose Basic Settings > Remote Management. If the Enable check box is checked, remote management is enabled for the device.

  Products Confirmed Not Vulnerable

  No other Cisco products are currently known to be affected by this vulnerability.

Workarounds

• There are no workarounds that address this vulnerability.

Fixed Software

• Cisco provides information about fixed software in Cisco bugs, which are accessible through the Cisco Bug Search Tool.
  
  When considering software upgrades, customers are advised to consult the Cisco Security Advisories and Responses archive at http://www.cisco.com/go/psirt and review subsequent advisories to determine exposure and a complete upgrade solution.
  
  In all cases, customers should ensure that the devices to upgrade contain sufficient memory and confirm that current hardware and software configurations will continue to be supported properly by the new release. If the information is not clear, customers are advised to contact the Cisco Technical Assistance Center (TAC) or their contracted maintenance providers.

Exploitation and Public Announcements

• The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.

Source

• Cisco would like to thank security researcher Samuel Huntley for finding and reporting this vulnerability.

URL

• http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160615-rv1

Revision History

• Version	Description	Section	Status	Date
  1.1	Updated to indicate availability of a fixed release. Added a link to the bug search tool for additional information.	Summary, Fixed Software	Final	2016-June-21
  1.0	Initial public release.	—	Final	2016-June-15

  Show Less