Keep Track of the Latest Vulnerabilities
with SecurityTracker!
    Home    |    View Topics    |    Search    |    Contact Us    |   


Try our Premium Alert Service
Sign Up
Sign Up for Your FREE Weekly SecurityTracker E-mail Alert Summary
Instant Alerts
Buy our Premium Vulnerability Notification Service to receive customized, instant alerts
Put SecurityTracker Vulnerability Alerts on Your Web Site -- It's Free!
Become a Partner and License Our Database or Notification Service

Category:   Device (Router/Bridge/Hub)  >   Cisco Small Business RV Series Vendors:   Cisco
Cisco Small Business RV Series Routers Use Static Certificates and Keys That Let Remote Users Decrypt Potentially Sensitive User Connections
SecurityTracker Alert ID:  1034258
SecurityTracker URL:
CVE Reference:   CVE-2015-6358   (Links to External Site)
Date:  Nov 26 2015
Impact:   Disclosure of system information, Disclosure of user information
Vendor Confirmed:  Yes  

Description:   A vulnerability was reported in Cisco Small Business RV Series Routers. A remote user can decrypt user connections to obtain potentially sensitive information in certain cases.

The system uses a hard-coded certificate and hard-coded keys to protect user connections. A remote user that can conduct a man-in-the-middle attack can use the static credentials to decrypt user connections and obtain potentially sensitive information.

The following models are affected:

RV320 Dual Gigabit WAN VPN Router
RV325 Dual Gigabit WAN VPN Router
RV325 Dual WAN Gigabit VPN Router
WRV210 Wireless-G VPN Router - RangeBooster
WAP4410N Wireless-N Access Point - PoE/Advanced Security
WRV200 Wireless-G VPN Router - RangeBooster
WAP200 Wireless-G Access Point - PoE/Rangebooster
SRW224P 24-port 10/100 + 2-port Gigabit Switch - WebView/PoE
WET200 Wireless-G Business Ethernet Bridge
WAP2000 Wireless-G Access Point - PoE
WAP4400N Wireless-N Access Point - PoE
RV120W Wireless-N VPN Firewall
RV180 VPN Router
RV180W Wireless-N Multifunction VPN Router
RV315W Wireless-N VPN Router
WRP500 Wireless-AC Broadband Router with 2 Phone Ports
SPA400 Internet Telephony Gateway with 4 FXO Ports
RTP300 Broadband Router
RV220W Wireless Network Security Firewall

The vendor has assigned bug IDs CSCuw46610, CSCuw46620, CSCuw46637, CSCuw46654, CSCuw46665, CSCuw46672, CSCuw46677, CSCuw46682, CSCuw46705, CSCuw46716, CSCuw46979, CSCuw47005, CSCuw47028, CSCuw47040, CSCuw47048, CSCuw47061, CSCuw90860, CSCuw90869, CSCuw90875, CSCuw90881, CSCuw90899, and CSCuw90913 to this vulnerability.

Stefan Viehbck from SEC Consult Vulnerability Lab reported this vulnerability.

Impact:   A remote user that can conduct a man-in-the-middle attack can decrypt user connections and obtain potentially sensitive information.
Solution:   No solution was available at the time of this entry.

The vendor's advisory is available at:

Vendor URL: (Links to External Site)
Cause:   Access control error

Message History:   None.

 Source Message Contents

[Original Message Not Available for Viewing]

Go to the Top of This SecurityTracker Archive Page

Home   |    View Topics   |    Search   |    Contact Us

Copyright 2018, LLC