CVE-2019-1663

This Metasploit module exploits a remote command execution vulnerability in Cisco RV110W/RV130(W)/RV215W routers by sending malicious HTTP requests to the web-based management interface, leveraging improper input validation to achieve arbitrary code execution with high privileges.

This Metasploit module exploits CVE-2019-1663, a remote command execution vulnerability in Cisco RV130W routers due to improper validation in the web-based management interface. It leverages a buffer overflow in the login.cgi endpoint to execute arbitrary commands with high privileges.

This exploit leverages a stack-based buffer overflow in Cisco RV130W routers (CVE-2019-1663) to achieve remote code execution via a crafted POST request to the login.cgi endpoint. The payload uses ROP gadgets to bypass DEP and execute an arbitrary command (ping in this case).

This repository contains a functional exploit for CVE-2019-1663, a stack-based buffer overflow in Cisco RV110W, RV130W, and RV215W routers. The exploit leverages a crafted HTTP POST request to achieve unauthenticated remote code execution via ROP gadgets on ARM architecture.

This repository contains a functional exploit for CVE-2019-1663, a buffer overflow vulnerability in Cisco routers caused by improper use of the `strcpy` function. The exploit includes a Python script that crafts a malicious payload to achieve remote code execution (RCE) on vulnerable devices.

The repository contains only a README with minimal information about CVE-2019-1663, mentioning affected Cisco router models but no technical details, exploit code, or analysis. It appears to be a placeholder for research that was never completed or published.

This Metasploit module exploits CVE-2019-1663, a remote command execution vulnerability in Cisco RV110W/RV130(W)/RV215W routers due to improper validation of user-supplied data in the web-based management interface. It leverages a buffer overflow to execute arbitrary code with high privileges.