Vulnerabilites related to cisco - rv016_firmware
Vulnerability from fkie_nvd
Published
2023-04-05 19:15
Modified
2024-11-21 07:40
Severity ?
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | rv016_firmware | * | |
| cisco | rv016 | - | |
| cisco | rv042_firmware | * | |
| cisco | rv042 | - | |
| cisco | rv042g_firmware | * | |
| cisco | rv042g | - | |
| cisco | rv082_firmware | * | |
| cisco | rv082 | - | |
| cisco | rv320_firmware | * | |
| cisco | rv320 | - | |
| cisco | rv325_firmware | * | |
| cisco | rv325 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv016_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1E1462E9-4464-492C-8B91-6E020B9DCB23", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv016:-:*:*:*:*:*:*:*", matchCriteriaId: "701E3CF5-15C0-419A-97A8-9BD2C55D74AB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "85E01122-CD88-4096-958A-8699B2A3DC3C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042:-:*:*:*:*:*:*:*", matchCriteriaId: "2DCBB2D8-AACF-45EA-B9D4-DAECC7C792D1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042g_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0A620D1C-1FBB-46C9-9904-1FC6342ED85E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042g:-:*:*:*:*:*:*:*", matchCriteriaId: "F1CD7D9C-DDEF-4DF0-BCFB-A45301AE2C10", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv082_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9BBDB4B5-9528-43CE-B8E6-B509EFCD11BA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv082:-:*:*:*:*:*:*:*", matchCriteriaId: "24FC4446-22C0-4EC9-84B4-A76412680105", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv320_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1EA568A8-286F-4588-B946-6F9C97E08BCF", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv320:-:*:*:*:*:*:*:*", matchCriteriaId: "7596F6D4-10DA-4F29-95AD-75B60F4670D6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv325_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F3B7DECE-18C4-45AE-AF5C-657A4795C7F0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv325:-:*:*:*:*:*:*:*", matchCriteriaId: "3435D601-EDA8-49FF-8841-EA6DF1518C75", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities.", }, ], id: "CVE-2023-20142", lastModified: "2024-11-21T07:40:39.123", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "psirt@cisco.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-04-05T19:15:08.920", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-04-05 19:15
Modified
2024-11-21 07:40
Severity ?
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | rv016_firmware | * | |
| cisco | rv016 | - | |
| cisco | rv042_firmware | * | |
| cisco | rv042 | - | |
| cisco | rv042g_firmware | * | |
| cisco | rv042g | - | |
| cisco | rv082_firmware | * | |
| cisco | rv082 | - | |
| cisco | rv320_firmware | * | |
| cisco | rv320 | - | |
| cisco | rv325_firmware | * | |
| cisco | rv325 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv016_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1E1462E9-4464-492C-8B91-6E020B9DCB23", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv016:-:*:*:*:*:*:*:*", matchCriteriaId: "701E3CF5-15C0-419A-97A8-9BD2C55D74AB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "85E01122-CD88-4096-958A-8699B2A3DC3C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042:-:*:*:*:*:*:*:*", matchCriteriaId: "2DCBB2D8-AACF-45EA-B9D4-DAECC7C792D1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042g_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0A620D1C-1FBB-46C9-9904-1FC6342ED85E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042g:-:*:*:*:*:*:*:*", matchCriteriaId: "F1CD7D9C-DDEF-4DF0-BCFB-A45301AE2C10", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv082_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9BBDB4B5-9528-43CE-B8E6-B509EFCD11BA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv082:-:*:*:*:*:*:*:*", matchCriteriaId: "24FC4446-22C0-4EC9-84B4-A76412680105", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv320_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1EA568A8-286F-4588-B946-6F9C97E08BCF", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv320:-:*:*:*:*:*:*:*", matchCriteriaId: "7596F6D4-10DA-4F29-95AD-75B60F4670D6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv325_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F3B7DECE-18C4-45AE-AF5C-657A4795C7F0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv325:-:*:*:*:*:*:*:*", matchCriteriaId: "3435D601-EDA8-49FF-8841-EA6DF1518C75", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities.", }, ], id: "CVE-2023-20147", lastModified: "2024-11-21T07:40:39.787", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "psirt@cisco.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-04-05T19:15:09.167", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-06-18 03:15
Modified
2024-11-21 05:30
Severity ?
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | rv016_firmware | * | |
| cisco | rv016 | - | |
| cisco | rv042_firmware | * | |
| cisco | rv042 | - | |
| cisco | rv042g_firmware | * | |
| cisco | rv042g | - | |
| cisco | rv082_firmware | * | |
| cisco | rv082 | - | |
| cisco | rv320_firmware | * | |
| cisco | rv320 | - | |
| cisco | rv325_firmware | * | |
| cisco | rv325 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv016_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "72B28584-394E-412D-9B2C-6B338081D102", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv016:-:*:*:*:*:*:*:*", matchCriteriaId: "701E3CF5-15C0-419A-97A8-9BD2C55D74AB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D8F194C6-D0C6-46A7-AD6E-2678515365EF", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042:-:*:*:*:*:*:*:*", matchCriteriaId: "2DCBB2D8-AACF-45EA-B9D4-DAECC7C792D1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042g_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "644B7DB7-F3E1-4BAA-BE5C-53C2F90CB05A", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042g:-:*:*:*:*:*:*:*", matchCriteriaId: "F1CD7D9C-DDEF-4DF0-BCFB-A45301AE2C10", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv082_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8ACA4991-A60B-42CD-8A84-B1F8825812D6", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv082:-:*:*:*:*:*:*:*", matchCriteriaId: "24FC4446-22C0-4EC9-84B4-A76412680105", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv320_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6636D92B-B33D-4230-8E32-20B06F26FF8F", versionEndIncluding: "1.5.1.05", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv320:-:*:*:*:*:*:*:*", matchCriteriaId: "7596F6D4-10DA-4F29-95AD-75B60F4670D6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv325_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "21EA1744-09E9-488D-B799-9AFBB6363C8F", versionEndIncluding: "1.5.1.05", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv325:-:*:*:*:*:*:*:*", matchCriteriaId: "3435D601-EDA8-49FF-8841-EA6DF1518C75", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system.", }, { lang: "es", value: "Múltiples vulnerabilidades en la interfaz de administración basada en web de Routers Cisco Small Business RV320 y RV325 Series y Routers Cisco Small Business RV016, RV042, y RV082, podrían permitir a un atacante remoto autenticado con privilegios administrativos ejecutar código arbitrario sobre un dispositivo afectado. Las vulnerabilidades son debido a restricciones de límite insuficientes en la entrada suministrada por el usuario para scripts en la interfaz de administración basada en web. Un atacante con privilegios administrativos que son suficientes para iniciar sesión en la interfaz de administración basada en web podría explotar cada vulnerabilidad mediante el envío de peticiones diseñadas que contienen valores demasiado grandes hacia un dispositivo afectado, causando un desbordamiento de la pila. Una explotación con éxito podría permitir al atacante causar que el dispositivo se bloquee o permitir al atacante ejecutar código arbitrario con privilegios root en el sistema operativo subyacente", }, ], id: "CVE-2020-3287", lastModified: "2024-11-21T05:30:43.827", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "psirt@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-06-18T03:15:12.823", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-04-05 19:15
Modified
2024-11-21 07:40
Severity ?
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | rv016_firmware | - | |
| cisco | rv016 | - | |
| cisco | rv042_firmware | - | |
| cisco | rv042 | - | |
| cisco | rv042g_firmware | - | |
| cisco | rv042g | - | |
| cisco | rv082_firmware | - | |
| cisco | rv082 | - | |
| cisco | rv320_firmware | - | |
| cisco | rv320 | - | |
| cisco | rv325_firmware | - | |
| cisco | rv325 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv016_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "CCC05438-3064-4FB6-9177-9EA60C8E250C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv016:-:*:*:*:*:*:*:*", matchCriteriaId: "701E3CF5-15C0-419A-97A8-9BD2C55D74AB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "F5A39236-B032-46BB-94D0-3E0E3E557BC0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042:-:*:*:*:*:*:*:*", matchCriteriaId: "2DCBB2D8-AACF-45EA-B9D4-DAECC7C792D1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "E699C11F-3C7C-420D-9243-5CD2A6B98EF2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042g:-:*:*:*:*:*:*:*", matchCriteriaId: "F1CD7D9C-DDEF-4DF0-BCFB-A45301AE2C10", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv082_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "9EF65E38-D812-4F6E-903C-05E203F3E9F6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv082:-:*:*:*:*:*:*:*", matchCriteriaId: "24FC4446-22C0-4EC9-84B4-A76412680105", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv320_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "C0C17C5F-4EB7-4859-8127-AE027A72CB2C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv320:-:*:*:*:*:*:*:*", matchCriteriaId: "7596F6D4-10DA-4F29-95AD-75B60F4670D6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv325_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "69F1C458-0EF3-4AD6-9055-355711F3751E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv325:-:*:*:*:*:*:*:*", matchCriteriaId: "3435D601-EDA8-49FF-8841-EA6DF1518C75", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities.", }, ], id: "CVE-2023-20151", lastModified: "2024-11-21T07:40:40.290", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "psirt@cisco.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-04-05T19:15:09.373", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-06-18 03:15
Modified
2024-11-21 05:30
Severity ?
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary commands on an affected device. The vulnerabilities exist because the web-based management interface does not properly validate user-supplied input to scripts. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending malicious requests to an affected device. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the underlying operating system.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | rv016_firmware | * | |
| cisco | rv016 | - | |
| cisco | rv042_firmware | * | |
| cisco | rv042 | - | |
| cisco | rv042g_firmware | * | |
| cisco | rv042g | - | |
| cisco | rv082_firmware | * | |
| cisco | rv082 | - | |
| cisco | rv320_firmware | * | |
| cisco | rv320 | - | |
| cisco | rv325_firmware | * | |
| cisco | rv325 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv016_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "72B28584-394E-412D-9B2C-6B338081D102", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv016:-:*:*:*:*:*:*:*", matchCriteriaId: "701E3CF5-15C0-419A-97A8-9BD2C55D74AB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D8F194C6-D0C6-46A7-AD6E-2678515365EF", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042:-:*:*:*:*:*:*:*", matchCriteriaId: "2DCBB2D8-AACF-45EA-B9D4-DAECC7C792D1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042g_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "644B7DB7-F3E1-4BAA-BE5C-53C2F90CB05A", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042g:-:*:*:*:*:*:*:*", matchCriteriaId: "F1CD7D9C-DDEF-4DF0-BCFB-A45301AE2C10", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv082_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8ACA4991-A60B-42CD-8A84-B1F8825812D6", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv082:-:*:*:*:*:*:*:*", matchCriteriaId: "24FC4446-22C0-4EC9-84B4-A76412680105", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv320_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6636D92B-B33D-4230-8E32-20B06F26FF8F", versionEndIncluding: "1.5.1.05", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv320:-:*:*:*:*:*:*:*", matchCriteriaId: "7596F6D4-10DA-4F29-95AD-75B60F4670D6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv325_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "21EA1744-09E9-488D-B799-9AFBB6363C8F", versionEndIncluding: "1.5.1.05", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv325:-:*:*:*:*:*:*:*", matchCriteriaId: "3435D601-EDA8-49FF-8841-EA6DF1518C75", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary commands on an affected device. The vulnerabilities exist because the web-based management interface does not properly validate user-supplied input to scripts. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending malicious requests to an affected device. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the underlying operating system.", }, { lang: "es", value: "Múltiples vulnerabilidades en la interfaz de administración basada en web de Routers Cisco Small Business RV320 y RV325 Series y Routers Cisco Small Business RV016, RV042, y RV082 podrían permitir a un atacante remoto autenticado con privilegios administrativos ejecutar comandos arbitrarios sobre un dispositivo afectado. Las vulnerabilidades se presentan porque la interfaz de administración basada en web no comprueba apropiadamente la entrada suministrada por el usuario para scripts. Un atacante con privilegios administrativos que son suficientes para iniciar sesión en la interfaz de administración basada en web podría explotar cada vulnerabilidad mediante el envío de peticiones maliciosas hacia un dispositivo afectado. Una explotación con éxito podría permitir al atacante ejecutar comandos arbitrarios con privilegios root en el sistema operativo subyacente", }, ], id: "CVE-2020-3275", lastModified: "2024-11-21T05:30:42.297", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "psirt@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-06-18T03:15:12.260", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-Rj5JRfF8", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-Rj5JRfF8", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-78", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-04-05 19:15
Modified
2024-11-21 07:40
Severity ?
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | rv016_firmware | * | |
| cisco | rv016 | - | |
| cisco | rv042_firmware | * | |
| cisco | rv042 | - | |
| cisco | rv042g_firmware | * | |
| cisco | rv042g | - | |
| cisco | rv082_firmware | * | |
| cisco | rv082 | - | |
| cisco | rv320_firmware | * | |
| cisco | rv320 | - | |
| cisco | rv325_firmware | * | |
| cisco | rv325 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv016_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1E1462E9-4464-492C-8B91-6E020B9DCB23", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv016:-:*:*:*:*:*:*:*", matchCriteriaId: "701E3CF5-15C0-419A-97A8-9BD2C55D74AB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "85E01122-CD88-4096-958A-8699B2A3DC3C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042:-:*:*:*:*:*:*:*", matchCriteriaId: "2DCBB2D8-AACF-45EA-B9D4-DAECC7C792D1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042g_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0A620D1C-1FBB-46C9-9904-1FC6342ED85E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042g:-:*:*:*:*:*:*:*", matchCriteriaId: "F1CD7D9C-DDEF-4DF0-BCFB-A45301AE2C10", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv082_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9BBDB4B5-9528-43CE-B8E6-B509EFCD11BA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv082:-:*:*:*:*:*:*:*", matchCriteriaId: "24FC4446-22C0-4EC9-84B4-A76412680105", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv320_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1EA568A8-286F-4588-B946-6F9C97E08BCF", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv320:-:*:*:*:*:*:*:*", matchCriteriaId: "7596F6D4-10DA-4F29-95AD-75B60F4670D6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv325_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F3B7DECE-18C4-45AE-AF5C-657A4795C7F0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv325:-:*:*:*:*:*:*:*", matchCriteriaId: "3435D601-EDA8-49FF-8841-EA6DF1518C75", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities.", }, ], id: "CVE-2023-20146", lastModified: "2024-11-21T07:40:39.647", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "psirt@cisco.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-04-05T19:15:09.107", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-04-05 19:15
Modified
2024-11-21 07:40
Severity ?
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | rv016_firmware | - | |
| cisco | rv016 | - | |
| cisco | rv042_firmware | - | |
| cisco | rv042 | - | |
| cisco | rv042g_firmware | - | |
| cisco | rv042g | - | |
| cisco | rv082_firmware | - | |
| cisco | rv082 | - | |
| cisco | rv320_firmware | - | |
| cisco | rv320 | - | |
| cisco | rv325_firmware | - | |
| cisco | rv325 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv016_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "CCC05438-3064-4FB6-9177-9EA60C8E250C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv016:-:*:*:*:*:*:*:*", matchCriteriaId: "701E3CF5-15C0-419A-97A8-9BD2C55D74AB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "F5A39236-B032-46BB-94D0-3E0E3E557BC0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042:-:*:*:*:*:*:*:*", matchCriteriaId: "2DCBB2D8-AACF-45EA-B9D4-DAECC7C792D1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "E699C11F-3C7C-420D-9243-5CD2A6B98EF2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042g:-:*:*:*:*:*:*:*", matchCriteriaId: "F1CD7D9C-DDEF-4DF0-BCFB-A45301AE2C10", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv082_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "9EF65E38-D812-4F6E-903C-05E203F3E9F6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv082:-:*:*:*:*:*:*:*", matchCriteriaId: "24FC4446-22C0-4EC9-84B4-A76412680105", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv320_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "C0C17C5F-4EB7-4859-8127-AE027A72CB2C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv320:-:*:*:*:*:*:*:*", matchCriteriaId: "7596F6D4-10DA-4F29-95AD-75B60F4670D6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv325_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "69F1C458-0EF3-4AD6-9055-355711F3751E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv325:-:*:*:*:*:*:*:*", matchCriteriaId: "3435D601-EDA8-49FF-8841-EA6DF1518C75", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities.", }, ], id: "CVE-2023-20148", lastModified: "2024-11-21T07:40:39.913", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "psirt@cisco.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-04-05T19:15:09.220", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-06-18 03:15
Modified
2024-11-21 05:30
Severity ?
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | rv016_firmware | * | |
| cisco | rv016 | - | |
| cisco | rv042_firmware | * | |
| cisco | rv042 | - | |
| cisco | rv042g_firmware | * | |
| cisco | rv042g | - | |
| cisco | rv082_firmware | * | |
| cisco | rv082 | - | |
| cisco | rv320_firmware | * | |
| cisco | rv320 | - | |
| cisco | rv325_firmware | * | |
| cisco | rv325 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv016_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "72B28584-394E-412D-9B2C-6B338081D102", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv016:-:*:*:*:*:*:*:*", matchCriteriaId: "701E3CF5-15C0-419A-97A8-9BD2C55D74AB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D8F194C6-D0C6-46A7-AD6E-2678515365EF", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042:-:*:*:*:*:*:*:*", matchCriteriaId: "2DCBB2D8-AACF-45EA-B9D4-DAECC7C792D1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042g_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "644B7DB7-F3E1-4BAA-BE5C-53C2F90CB05A", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042g:-:*:*:*:*:*:*:*", matchCriteriaId: "F1CD7D9C-DDEF-4DF0-BCFB-A45301AE2C10", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv082_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8ACA4991-A60B-42CD-8A84-B1F8825812D6", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv082:-:*:*:*:*:*:*:*", matchCriteriaId: "24FC4446-22C0-4EC9-84B4-A76412680105", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv320_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6636D92B-B33D-4230-8E32-20B06F26FF8F", versionEndIncluding: "1.5.1.05", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv320:-:*:*:*:*:*:*:*", matchCriteriaId: "7596F6D4-10DA-4F29-95AD-75B60F4670D6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv325_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "21EA1744-09E9-488D-B799-9AFBB6363C8F", versionEndIncluding: "1.5.1.05", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv325:-:*:*:*:*:*:*:*", matchCriteriaId: "3435D601-EDA8-49FF-8841-EA6DF1518C75", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system.", }, { lang: "es", value: "Múltiples vulnerabilidades en la interfaz de administración basada en web de Routers Cisco Small Business RV320 y RV325 Series y Routers Cisco Small Business RV016, RV042, y RV082, podrían permitir a un atacante remoto autenticado con privilegios administrativos ejecutar código arbitrario sobre un dispositivo afectado. Las vulnerabilidades son debido a restricciones de límite insuficientes en la entrada suministrada por el usuario para scripts en la interfaz de administración basada en web. Un atacante con privilegios administrativos que son suficientes para iniciar sesión en la interfaz de administración basada en web podría explotar cada vulnerabilidad mediante el envío de peticiones diseñadas que contienen valores demasiado grandes hacia un dispositivo afectado, causando un desbordamiento de la pila. Una explotación con éxito podría permitir al atacante causar que el dispositivo se bloquee o permitir al atacante ejecutar código arbitrario con privilegios root en el sistema operativo subyacente", }, ], id: "CVE-2020-3290", lastModified: "2024-11-21T05:30:44.200", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "psirt@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-06-18T03:15:13.073", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-04-05 19:15
Modified
2024-11-21 07:40
Severity ?
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | rv016_firmware | - | |
| cisco | rv016 | - | |
| cisco | rv042_firmware | - | |
| cisco | rv042 | - | |
| cisco | rv042g_firmware | - | |
| cisco | rv042g | - | |
| cisco | rv082_firmware | - | |
| cisco | rv082 | - | |
| cisco | rv320_firmware | - | |
| cisco | rv320 | - | |
| cisco | rv325_firmware | - | |
| cisco | rv325 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv016_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "CCC05438-3064-4FB6-9177-9EA60C8E250C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv016:-:*:*:*:*:*:*:*", matchCriteriaId: "701E3CF5-15C0-419A-97A8-9BD2C55D74AB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "F5A39236-B032-46BB-94D0-3E0E3E557BC0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042:-:*:*:*:*:*:*:*", matchCriteriaId: "2DCBB2D8-AACF-45EA-B9D4-DAECC7C792D1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "E699C11F-3C7C-420D-9243-5CD2A6B98EF2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042g:-:*:*:*:*:*:*:*", matchCriteriaId: "F1CD7D9C-DDEF-4DF0-BCFB-A45301AE2C10", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv082_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "9EF65E38-D812-4F6E-903C-05E203F3E9F6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv082:-:*:*:*:*:*:*:*", matchCriteriaId: "24FC4446-22C0-4EC9-84B4-A76412680105", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv320_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "C0C17C5F-4EB7-4859-8127-AE027A72CB2C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv320:-:*:*:*:*:*:*:*", matchCriteriaId: "7596F6D4-10DA-4F29-95AD-75B60F4670D6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv325_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "69F1C458-0EF3-4AD6-9055-355711F3751E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv325:-:*:*:*:*:*:*:*", matchCriteriaId: "3435D601-EDA8-49FF-8841-EA6DF1518C75", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities.", }, ], id: "CVE-2023-20149", lastModified: "2024-11-21T07:40:40.040", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "psirt@cisco.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-04-05T19:15:09.277", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-06-18 03:15
Modified
2024-11-21 05:30
Severity ?
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | rv016_firmware | * | |
| cisco | rv016 | - | |
| cisco | rv042_firmware | * | |
| cisco | rv042 | - | |
| cisco | rv042g_firmware | * | |
| cisco | rv042g | - | |
| cisco | rv082_firmware | * | |
| cisco | rv082 | - | |
| cisco | rv320_firmware | * | |
| cisco | rv320 | - | |
| cisco | rv325_firmware | * | |
| cisco | rv325 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv016_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "72B28584-394E-412D-9B2C-6B338081D102", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv016:-:*:*:*:*:*:*:*", matchCriteriaId: "701E3CF5-15C0-419A-97A8-9BD2C55D74AB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D8F194C6-D0C6-46A7-AD6E-2678515365EF", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042:-:*:*:*:*:*:*:*", matchCriteriaId: "2DCBB2D8-AACF-45EA-B9D4-DAECC7C792D1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042g_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "644B7DB7-F3E1-4BAA-BE5C-53C2F90CB05A", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042g:-:*:*:*:*:*:*:*", matchCriteriaId: "F1CD7D9C-DDEF-4DF0-BCFB-A45301AE2C10", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv082_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8ACA4991-A60B-42CD-8A84-B1F8825812D6", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv082:-:*:*:*:*:*:*:*", matchCriteriaId: "24FC4446-22C0-4EC9-84B4-A76412680105", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv320_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6636D92B-B33D-4230-8E32-20B06F26FF8F", versionEndIncluding: "1.5.1.05", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv320:-:*:*:*:*:*:*:*", matchCriteriaId: "7596F6D4-10DA-4F29-95AD-75B60F4670D6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv325_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "21EA1744-09E9-488D-B799-9AFBB6363C8F", versionEndIncluding: "1.5.1.05", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv325:-:*:*:*:*:*:*:*", matchCriteriaId: "3435D601-EDA8-49FF-8841-EA6DF1518C75", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system.", }, { lang: "es", value: "Múltiples vulnerabilidades en la interfaz de administración basada en web de Routers Cisco Small Business RV320 y RV325 Series y Routers Cisco Small Business RV016, RV042, y RV082, podrían permitir a un atacante remoto autenticado con privilegios administrativos ejecutar código arbitrario sobre un dispositivo afectado. Las vulnerabilidades son debido a restricciones de límite insuficientes en la entrada suministrada por el usuario para scripts en la interfaz de administración basada en web. Un atacante con privilegios administrativos que sean suficientes para iniciar sesión en la interfaz de administración basada en web podría explotar cada vulnerabilidad mediante el envío de peticiones diseñadas que contienen valores demasiado grandes hacia un dispositivo afectado, causando un desbordamiento de la pila. Una explotación con éxito podría permitir al atacante causar que el dispositivo se bloquee o permitir al atacante ejecutar código arbitrario con privilegios root en el sistema operativo subyacente", }, ], id: "CVE-2020-3293", lastModified: "2024-11-21T05:30:44.930", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "psirt@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-06-18T03:15:13.323", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-01-20 07:15
Modified
2025-03-12 17:15
Severity ?
9.0 (Critical) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, and RV082 Routers could allow an unauthenticated, remote attacker to bypass authentication on an affected device.
This vulnerability is due to improper validation of user input within incoming HTTP packets. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web-based management interface. A successful exploit could allow the attacker to bypass authentication and gain root access on the underlying operating system.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | rv016_firmware | - | |
| cisco | rv016 | - | |
| cisco | rv042_firmware | - | |
| cisco | rv042 | - | |
| cisco | rv042g_firmware | - | |
| cisco | rv042g | - | |
| cisco | rv082_firmware | - | |
| cisco | rv082 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv016_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "CCC05438-3064-4FB6-9177-9EA60C8E250C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv016:-:*:*:*:*:*:*:*", matchCriteriaId: "701E3CF5-15C0-419A-97A8-9BD2C55D74AB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "F5A39236-B032-46BB-94D0-3E0E3E557BC0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042:-:*:*:*:*:*:*:*", matchCriteriaId: "2DCBB2D8-AACF-45EA-B9D4-DAECC7C792D1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "E699C11F-3C7C-420D-9243-5CD2A6B98EF2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042g:-:*:*:*:*:*:*:*", matchCriteriaId: "F1CD7D9C-DDEF-4DF0-BCFB-A45301AE2C10", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv082_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "9EF65E38-D812-4F6E-903C-05E203F3E9F6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv082:-:*:*:*:*:*:*:*", matchCriteriaId: "24FC4446-22C0-4EC9-84B4-A76412680105", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, and RV082 Routers could allow an unauthenticated, remote attacker to bypass authentication on an affected device.\r\n\r This vulnerability is due to improper validation of user input within incoming HTTP packets. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web-based management interface. A successful exploit could allow the attacker to bypass authentication and gain root access on the underlying operating system.", }, { lang: "es", value: "Una vulnerabilidad en la interfaz de administración basada en web de los routers Cisco Small Business serie RV042 podría permitir que un atacante remoto no autenticado omita la autenticación en el dispositivo afectado. Esta vulnerabilidad se debe a una validación incorrecta de la entrada del usuario de los paquetes HTTP entrantes. Un atacante podría aprovechar esta vulnerabilidad enviando solicitudes manipuladas a la interfaz de administración basada en web. Un exploit exitoso podría permitir al atacante obtener privilegios de superusuario en el dispositivo afectado.", }, ], id: "CVE-2023-20025", lastModified: "2025-03-12T17:15:38.057", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.2, impactScore: 6, source: "psirt@cisco.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-01-20T07:15:14.490", references: [ { source: "psirt@cisco.com", tags: [ "Mitigation", "Vendor Advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sbr042-multi-vuln-ej76Pke5", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mitigation", "Vendor Advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sbr042-multi-vuln-ej76Pke5", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-293", }, ], source: "psirt@cisco.com", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2023-04-05 19:15
Modified
2024-11-21 07:40
Severity ?
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | rv016_firmware | * | |
| cisco | rv016 | - | |
| cisco | rv042_firmware | * | |
| cisco | rv042 | - | |
| cisco | rv042g_firmware | * | |
| cisco | rv042g | - | |
| cisco | rv082_firmware | * | |
| cisco | rv082 | - | |
| cisco | rv320_firmware | * | |
| cisco | rv320 | - | |
| cisco | rv325_firmware | * | |
| cisco | rv325 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv016_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1E1462E9-4464-492C-8B91-6E020B9DCB23", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv016:-:*:*:*:*:*:*:*", matchCriteriaId: "701E3CF5-15C0-419A-97A8-9BD2C55D74AB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "85E01122-CD88-4096-958A-8699B2A3DC3C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042:-:*:*:*:*:*:*:*", matchCriteriaId: "2DCBB2D8-AACF-45EA-B9D4-DAECC7C792D1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042g_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0A620D1C-1FBB-46C9-9904-1FC6342ED85E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042g:-:*:*:*:*:*:*:*", matchCriteriaId: "F1CD7D9C-DDEF-4DF0-BCFB-A45301AE2C10", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv082_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9BBDB4B5-9528-43CE-B8E6-B509EFCD11BA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv082:-:*:*:*:*:*:*:*", matchCriteriaId: "24FC4446-22C0-4EC9-84B4-A76412680105", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv320_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1EA568A8-286F-4588-B946-6F9C97E08BCF", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv320:-:*:*:*:*:*:*:*", matchCriteriaId: "7596F6D4-10DA-4F29-95AD-75B60F4670D6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv325_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F3B7DECE-18C4-45AE-AF5C-657A4795C7F0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv325:-:*:*:*:*:*:*:*", matchCriteriaId: "3435D601-EDA8-49FF-8841-EA6DF1518C75", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities.", }, ], id: "CVE-2023-20139", lastModified: "2024-11-21T07:40:38.747", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "psirt@cisco.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-04-05T19:15:08.780", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-06-18 03:15
Modified
2024-11-21 05:30
Severity ?
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary commands on an affected device. The vulnerabilities exist because the web-based management interface does not properly validate user-supplied input to scripts. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending malicious requests to an affected device. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the underlying operating system.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | rv016_firmware | * | |
| cisco | rv016 | - | |
| cisco | rv042_firmware | * | |
| cisco | rv042 | - | |
| cisco | rv042g_firmware | * | |
| cisco | rv042g | - | |
| cisco | rv082_firmware | * | |
| cisco | rv082 | - | |
| cisco | rv320_firmware | * | |
| cisco | rv320 | - | |
| cisco | rv325_firmware | * | |
| cisco | rv325 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv016_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "72B28584-394E-412D-9B2C-6B338081D102", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv016:-:*:*:*:*:*:*:*", matchCriteriaId: "701E3CF5-15C0-419A-97A8-9BD2C55D74AB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D8F194C6-D0C6-46A7-AD6E-2678515365EF", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042:-:*:*:*:*:*:*:*", matchCriteriaId: "2DCBB2D8-AACF-45EA-B9D4-DAECC7C792D1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042g_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "644B7DB7-F3E1-4BAA-BE5C-53C2F90CB05A", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042g:-:*:*:*:*:*:*:*", matchCriteriaId: "F1CD7D9C-DDEF-4DF0-BCFB-A45301AE2C10", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv082_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8ACA4991-A60B-42CD-8A84-B1F8825812D6", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv082:-:*:*:*:*:*:*:*", matchCriteriaId: "24FC4446-22C0-4EC9-84B4-A76412680105", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv320_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6636D92B-B33D-4230-8E32-20B06F26FF8F", versionEndIncluding: "1.5.1.05", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv320:-:*:*:*:*:*:*:*", matchCriteriaId: "7596F6D4-10DA-4F29-95AD-75B60F4670D6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv325_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "21EA1744-09E9-488D-B799-9AFBB6363C8F", versionEndIncluding: "1.5.1.05", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv325:-:*:*:*:*:*:*:*", matchCriteriaId: "3435D601-EDA8-49FF-8841-EA6DF1518C75", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary commands on an affected device. The vulnerabilities exist because the web-based management interface does not properly validate user-supplied input to scripts. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending malicious requests to an affected device. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the underlying operating system.", }, { lang: "es", value: "Múltiples vulnerabilidades en la interfaz de administración basada en web de Routers Cisco Small Business RV320 y RV325 Series y Routers Cisco Small Business RV016, RV042, y RV082, podrían permitir a un atacante remoto autenticado con privilegios administrativos ejecutar comandos arbitrarios sobre un dispositivo afectado. Las vulnerabilidades se presentan porque la interfaz de administración basada en web no comprueba apropiadamente la entrada suministrada por el usuario para scripts. Un atacante con privilegios administrativos que son suficientes para iniciar sesión en la interfaz de administración basada en web podría explotar cada vulnerabilidad mediante el envío de peticiones maliciosas hacia un dispositivo afectado. Una explotación con éxito podría permitir al atacante ejecutar comandos arbitrarios con privilegios root en el sistema operativo subyacente", }, ], id: "CVE-2020-3279", lastModified: "2024-11-21T05:30:42.780", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "psirt@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-06-18T03:15:12.637", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-Rj5JRfF8", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-Rj5JRfF8", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-78", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-04-05 19:15
Modified
2024-11-21 07:40
Severity ?
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | rv016_firmware | * | |
| cisco | rv016 | - | |
| cisco | rv042_firmware | * | |
| cisco | rv042 | - | |
| cisco | rv042g_firmware | * | |
| cisco | rv042g | - | |
| cisco | rv082_firmware | * | |
| cisco | rv082 | - | |
| cisco | rv320_firmware | * | |
| cisco | rv320 | - | |
| cisco | rv325_firmware | * | |
| cisco | rv325 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv016_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1E1462E9-4464-492C-8B91-6E020B9DCB23", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv016:-:*:*:*:*:*:*:*", matchCriteriaId: "701E3CF5-15C0-419A-97A8-9BD2C55D74AB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "85E01122-CD88-4096-958A-8699B2A3DC3C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042:-:*:*:*:*:*:*:*", matchCriteriaId: "2DCBB2D8-AACF-45EA-B9D4-DAECC7C792D1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042g_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0A620D1C-1FBB-46C9-9904-1FC6342ED85E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042g:-:*:*:*:*:*:*:*", matchCriteriaId: "F1CD7D9C-DDEF-4DF0-BCFB-A45301AE2C10", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv082_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9BBDB4B5-9528-43CE-B8E6-B509EFCD11BA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv082:-:*:*:*:*:*:*:*", matchCriteriaId: "24FC4446-22C0-4EC9-84B4-A76412680105", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv320_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1EA568A8-286F-4588-B946-6F9C97E08BCF", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv320:-:*:*:*:*:*:*:*", matchCriteriaId: "7596F6D4-10DA-4F29-95AD-75B60F4670D6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv325_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F3B7DECE-18C4-45AE-AF5C-657A4795C7F0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv325:-:*:*:*:*:*:*:*", matchCriteriaId: "3435D601-EDA8-49FF-8841-EA6DF1518C75", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities.", }, ], id: "CVE-2023-20140", lastModified: "2024-11-21T07:40:38.873", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "psirt@cisco.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-04-05T19:15:08.830", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-04-13 07:15
Modified
2025-03-12 17:15
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability in the web-based management interface of Cisco Small Business Routers RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an authenticated, remote attacker to execute arbitrary commands on an affected device.
This vulnerability is due to improper validation of user input within incoming HTTP packets. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web-based management interface. A successful exploit could allow the attacker to gain root-level privileges and access unauthorized data. To exploit this vulnerability, an attacker would need to have valid administrative credentials on the affected device.
Cisco has not and will not release software updates that address this vulnerability. However, administrators may disable the affected feature as described in the Workarounds ["#workarounds"] section.
{{value}} ["%7b%7bvalue%7d%7d"])}]]
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | rv016_firmware | * | |
| cisco | rv016 | - | |
| cisco | rv042_firmware | * | |
| cisco | rv042 | - | |
| cisco | rv042g_firmware | * | |
| cisco | rv042g | - | |
| cisco | rv082_firmware | * | |
| cisco | rv082 | - | |
| cisco | rv320_firmware | * | |
| cisco | rv320 | - | |
| cisco | rv325_firmware | * | |
| cisco | rv325 | - |
{ cisaActionDue: "2025-03-24", cisaExploitAdd: "2025-03-03", cisaRequiredAction: "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.", cisaVulnerabilityName: "Cisco Small Business RV Series Routers Command Injection Vulnerability", configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv016_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1E1462E9-4464-492C-8B91-6E020B9DCB23", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv016:-:*:*:*:*:*:*:*", matchCriteriaId: "701E3CF5-15C0-419A-97A8-9BD2C55D74AB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "85E01122-CD88-4096-958A-8699B2A3DC3C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042:-:*:*:*:*:*:*:*", matchCriteriaId: "2DCBB2D8-AACF-45EA-B9D4-DAECC7C792D1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042g_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0A620D1C-1FBB-46C9-9904-1FC6342ED85E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042g:-:*:*:*:*:*:*:*", matchCriteriaId: "F1CD7D9C-DDEF-4DF0-BCFB-A45301AE2C10", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv082_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9BBDB4B5-9528-43CE-B8E6-B509EFCD11BA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv082:-:*:*:*:*:*:*:*", matchCriteriaId: "24FC4446-22C0-4EC9-84B4-A76412680105", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv320_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1EA568A8-286F-4588-B946-6F9C97E08BCF", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv320:-:*:*:*:*:*:*:*", matchCriteriaId: "7596F6D4-10DA-4F29-95AD-75B60F4670D6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv325_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F3B7DECE-18C4-45AE-AF5C-657A4795C7F0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv325:-:*:*:*:*:*:*:*", matchCriteriaId: "3435D601-EDA8-49FF-8841-EA6DF1518C75", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the web-based management interface of Cisco Small Business Routers RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an authenticated, remote attacker to execute arbitrary commands on an affected device.\r\n\r This vulnerability is due to improper validation of user input within incoming HTTP packets. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web-based management interface. A successful exploit could allow the attacker to gain root-level privileges and access unauthorized data. To exploit this vulnerability, an attacker would need to have valid administrative credentials on the affected device.\r\n\r Cisco has not and will not release software updates that address this vulnerability. However, administrators may disable the affected feature as described in the Workarounds [\"#workarounds\"] section.\r\n\r {{value}} [\"%7b%7bvalue%7d%7d\"])}]]", }, ], id: "CVE-2023-20118", lastModified: "2025-03-12T17:15:38.580", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 5.2, source: "psirt@cisco.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-04-13T07:15:21.080", references: [ { source: "psirt@cisco.com", tags: [ "Mitigation", "Vendor Advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sbr042-multi-vuln-ej76Pke5", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mitigation", "Vendor Advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sbr042-multi-vuln-ej76Pke5", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-77", }, ], source: "nvd@nist.gov", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2023-04-05 19:15
Modified
2024-11-21 07:40
Severity ?
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | rv016_firmware | * | |
| cisco | rv016 | - | |
| cisco | rv042_firmware | * | |
| cisco | rv042 | - | |
| cisco | rv042g_firmware | * | |
| cisco | rv042g | - | |
| cisco | rv082_firmware | * | |
| cisco | rv082 | - | |
| cisco | rv320_firmware | * | |
| cisco | rv320 | - | |
| cisco | rv325_firmware | * | |
| cisco | rv325 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv016_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1E1462E9-4464-492C-8B91-6E020B9DCB23", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv016:-:*:*:*:*:*:*:*", matchCriteriaId: "701E3CF5-15C0-419A-97A8-9BD2C55D74AB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "85E01122-CD88-4096-958A-8699B2A3DC3C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042:-:*:*:*:*:*:*:*", matchCriteriaId: "2DCBB2D8-AACF-45EA-B9D4-DAECC7C792D1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042g_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0A620D1C-1FBB-46C9-9904-1FC6342ED85E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042g:-:*:*:*:*:*:*:*", matchCriteriaId: "F1CD7D9C-DDEF-4DF0-BCFB-A45301AE2C10", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv082_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9BBDB4B5-9528-43CE-B8E6-B509EFCD11BA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv082:-:*:*:*:*:*:*:*", matchCriteriaId: "24FC4446-22C0-4EC9-84B4-A76412680105", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv320_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1EA568A8-286F-4588-B946-6F9C97E08BCF", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv320:-:*:*:*:*:*:*:*", matchCriteriaId: "7596F6D4-10DA-4F29-95AD-75B60F4670D6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv325_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F3B7DECE-18C4-45AE-AF5C-657A4795C7F0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv325:-:*:*:*:*:*:*:*", matchCriteriaId: "3435D601-EDA8-49FF-8841-EA6DF1518C75", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities.", }, ], id: "CVE-2023-20141", lastModified: "2024-11-21T07:40:38.993", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "psirt@cisco.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-04-05T19:15:08.877", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-06-18 03:15
Modified
2024-11-21 05:30
Severity ?
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary commands on an affected device. The vulnerabilities exist because the web-based management interface does not properly validate user-supplied input to scripts. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending malicious requests to an affected device. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the underlying operating system.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | rv016_firmware | * | |
| cisco | rv016 | - | |
| cisco | rv042_firmware | * | |
| cisco | rv042 | - | |
| cisco | rv042g_firmware | * | |
| cisco | rv042g | - | |
| cisco | rv082_firmware | * | |
| cisco | rv082 | - | |
| cisco | rv320_firmware | * | |
| cisco | rv320 | - | |
| cisco | rv325_firmware | * | |
| cisco | rv325 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv016_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "72B28584-394E-412D-9B2C-6B338081D102", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv016:-:*:*:*:*:*:*:*", matchCriteriaId: "701E3CF5-15C0-419A-97A8-9BD2C55D74AB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D8F194C6-D0C6-46A7-AD6E-2678515365EF", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042:-:*:*:*:*:*:*:*", matchCriteriaId: "2DCBB2D8-AACF-45EA-B9D4-DAECC7C792D1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042g_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "644B7DB7-F3E1-4BAA-BE5C-53C2F90CB05A", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042g:-:*:*:*:*:*:*:*", matchCriteriaId: "F1CD7D9C-DDEF-4DF0-BCFB-A45301AE2C10", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv082_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8ACA4991-A60B-42CD-8A84-B1F8825812D6", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv082:-:*:*:*:*:*:*:*", matchCriteriaId: "24FC4446-22C0-4EC9-84B4-A76412680105", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv320_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6636D92B-B33D-4230-8E32-20B06F26FF8F", versionEndIncluding: "1.5.1.05", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv320:-:*:*:*:*:*:*:*", matchCriteriaId: "7596F6D4-10DA-4F29-95AD-75B60F4670D6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv325_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "21EA1744-09E9-488D-B799-9AFBB6363C8F", versionEndIncluding: "1.5.1.05", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv325:-:*:*:*:*:*:*:*", matchCriteriaId: "3435D601-EDA8-49FF-8841-EA6DF1518C75", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary commands on an affected device. The vulnerabilities exist because the web-based management interface does not properly validate user-supplied input to scripts. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending malicious requests to an affected device. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the underlying operating system.", }, { lang: "es", value: "Múltiples vulnerabilidades en la interfaz de administración basada en web de Cisco Small Business RV320 y RV325 Series Routers y Cisco Small Business RV016, RV042, y RV082 Routers podrían permitir a un atacante remoto autenticado con privilegios administrativos ejecutar comandos arbitrarios sobre un dispositivo afectado. Las vulnerabilidades se presentan porque la interfaz de administración basada en web no comprueba apropiadamente una entrada suministrada por el usuario para scripts. Un atacante con privilegios administrativos que son suficientes para iniciar sesión en la interfaz de administración basada en web podría explotar cada vulnerabilidad mediante el envío de peticiones maliciosas hacia un dispositivo afectado. Una explotación con éxito podría permitir al atacante ejecutar comandos arbitrarios con privilegios root en el sistema operativo subyacente", }, ], id: "CVE-2020-3274", lastModified: "2024-11-21T05:30:42.173", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "psirt@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-06-18T03:15:12.167", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-Rj5JRfF8", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-Rj5JRfF8", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-78", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-06-18 03:15
Modified
2024-11-21 05:30
Severity ?
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary commands on an affected device. The vulnerabilities exist because the web-based management interface does not properly validate user-supplied input to scripts. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending malicious requests to an affected device. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the underlying operating system.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | rv016_firmware | * | |
| cisco | rv016 | - | |
| cisco | rv042_firmware | * | |
| cisco | rv042 | - | |
| cisco | rv042g_firmware | * | |
| cisco | rv042g | - | |
| cisco | rv082_firmware | * | |
| cisco | rv082 | - | |
| cisco | rv320_firmware | * | |
| cisco | rv320 | - | |
| cisco | rv325_firmware | * | |
| cisco | rv325 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv016_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "72B28584-394E-412D-9B2C-6B338081D102", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv016:-:*:*:*:*:*:*:*", matchCriteriaId: "701E3CF5-15C0-419A-97A8-9BD2C55D74AB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D8F194C6-D0C6-46A7-AD6E-2678515365EF", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042:-:*:*:*:*:*:*:*", matchCriteriaId: "2DCBB2D8-AACF-45EA-B9D4-DAECC7C792D1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042g_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "644B7DB7-F3E1-4BAA-BE5C-53C2F90CB05A", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042g:-:*:*:*:*:*:*:*", matchCriteriaId: "F1CD7D9C-DDEF-4DF0-BCFB-A45301AE2C10", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv082_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8ACA4991-A60B-42CD-8A84-B1F8825812D6", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv082:-:*:*:*:*:*:*:*", matchCriteriaId: "24FC4446-22C0-4EC9-84B4-A76412680105", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv320_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6636D92B-B33D-4230-8E32-20B06F26FF8F", versionEndIncluding: "1.5.1.05", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv320:-:*:*:*:*:*:*:*", matchCriteriaId: "7596F6D4-10DA-4F29-95AD-75B60F4670D6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv325_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "21EA1744-09E9-488D-B799-9AFBB6363C8F", versionEndIncluding: "1.5.1.05", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv325:-:*:*:*:*:*:*:*", matchCriteriaId: "3435D601-EDA8-49FF-8841-EA6DF1518C75", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary commands on an affected device. The vulnerabilities exist because the web-based management interface does not properly validate user-supplied input to scripts. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending malicious requests to an affected device. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the underlying operating system.", }, { lang: "es", value: "Múltiples vulnerabilidades en la interfaz de administración basada en web de Routers Cisco Small Business RV320 y RV325 Series y Routers Cisco Small Business RV016, RV042, y RV082, podrían permitir a un atacante remoto autenticado con privilegios administrativos ejecutar comandos arbitrarios sobre un dispositivo afectado. Las vulnerabilidades se presentan porque la interfaz de administración basada en web no comprueba apropiadamente la entrada suministrada por el usuario para scripts. Un atacante con privilegios administrativos que son suficientes para iniciar sesión en la interfaz de administración basada en web podría explotar cada vulnerabilidad mediante el envío de peticiones maliciosas hacia un dispositivo afectado. Una explotación con éxito podría permitir al atacante ejecutar comandos arbitrarios con privilegios root en el sistema operativo subyacente", }, ], id: "CVE-2020-3278", lastModified: "2024-11-21T05:30:42.657", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "psirt@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-06-18T03:15:12.497", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-Rj5JRfF8", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-Rj5JRfF8", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-78", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-04-05 19:15
Modified
2024-11-21 07:40
Severity ?
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | rv016_firmware | * | |
| cisco | rv016 | - | |
| cisco | rv042_firmware | * | |
| cisco | rv042 | - | |
| cisco | rv042g_firmware | * | |
| cisco | rv042g | - | |
| cisco | rv082_firmware | * | |
| cisco | rv082 | - | |
| cisco | rv320_firmware | * | |
| cisco | rv320 | - | |
| cisco | rv325_firmware | * | |
| cisco | rv325 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv016_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1E1462E9-4464-492C-8B91-6E020B9DCB23", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv016:-:*:*:*:*:*:*:*", matchCriteriaId: "701E3CF5-15C0-419A-97A8-9BD2C55D74AB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "85E01122-CD88-4096-958A-8699B2A3DC3C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042:-:*:*:*:*:*:*:*", matchCriteriaId: "2DCBB2D8-AACF-45EA-B9D4-DAECC7C792D1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042g_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0A620D1C-1FBB-46C9-9904-1FC6342ED85E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042g:-:*:*:*:*:*:*:*", matchCriteriaId: "F1CD7D9C-DDEF-4DF0-BCFB-A45301AE2C10", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv082_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9BBDB4B5-9528-43CE-B8E6-B509EFCD11BA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv082:-:*:*:*:*:*:*:*", matchCriteriaId: "24FC4446-22C0-4EC9-84B4-A76412680105", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv320_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1EA568A8-286F-4588-B946-6F9C97E08BCF", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv320:-:*:*:*:*:*:*:*", matchCriteriaId: "7596F6D4-10DA-4F29-95AD-75B60F4670D6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv325_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F3B7DECE-18C4-45AE-AF5C-657A4795C7F0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv325:-:*:*:*:*:*:*:*", matchCriteriaId: "3435D601-EDA8-49FF-8841-EA6DF1518C75", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities.", }, ], id: "CVE-2023-20143", lastModified: "2024-11-21T07:40:39.253", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "psirt@cisco.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-04-05T19:15:08.973", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-04-05 19:15
Modified
2024-11-21 07:40
Severity ?
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | rv016_firmware | * | |
| cisco | rv016 | - | |
| cisco | rv042_firmware | * | |
| cisco | rv042 | - | |
| cisco | rv042g_firmware | * | |
| cisco | rv042g | - | |
| cisco | rv082_firmware | * | |
| cisco | rv082 | - | |
| cisco | rv320_firmware | * | |
| cisco | rv320 | - | |
| cisco | rv325_firmware | * | |
| cisco | rv325 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv016_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1E1462E9-4464-492C-8B91-6E020B9DCB23", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv016:-:*:*:*:*:*:*:*", matchCriteriaId: "701E3CF5-15C0-419A-97A8-9BD2C55D74AB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "85E01122-CD88-4096-958A-8699B2A3DC3C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042:-:*:*:*:*:*:*:*", matchCriteriaId: "2DCBB2D8-AACF-45EA-B9D4-DAECC7C792D1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042g_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0A620D1C-1FBB-46C9-9904-1FC6342ED85E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042g:-:*:*:*:*:*:*:*", matchCriteriaId: "F1CD7D9C-DDEF-4DF0-BCFB-A45301AE2C10", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv082_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9BBDB4B5-9528-43CE-B8E6-B509EFCD11BA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv082:-:*:*:*:*:*:*:*", matchCriteriaId: "24FC4446-22C0-4EC9-84B4-A76412680105", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv320_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1EA568A8-286F-4588-B946-6F9C97E08BCF", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv320:-:*:*:*:*:*:*:*", matchCriteriaId: "7596F6D4-10DA-4F29-95AD-75B60F4670D6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv325_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F3B7DECE-18C4-45AE-AF5C-657A4795C7F0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv325:-:*:*:*:*:*:*:*", matchCriteriaId: "3435D601-EDA8-49FF-8841-EA6DF1518C75", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities.", }, ], id: "CVE-2023-20138", lastModified: "2024-11-21T07:40:38.623", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "psirt@cisco.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-04-05T19:15:08.727", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-06-18 03:15
Modified
2024-11-21 05:30
Severity ?
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | rv016_firmware | * | |
| cisco | rv016 | - | |
| cisco | rv042_firmware | * | |
| cisco | rv042 | - | |
| cisco | rv042g_firmware | * | |
| cisco | rv042g | - | |
| cisco | rv082_firmware | * | |
| cisco | rv082 | - | |
| cisco | rv320_firmware | * | |
| cisco | rv320 | - | |
| cisco | rv325_firmware | * | |
| cisco | rv325 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv016_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "72B28584-394E-412D-9B2C-6B338081D102", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv016:-:*:*:*:*:*:*:*", matchCriteriaId: "701E3CF5-15C0-419A-97A8-9BD2C55D74AB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D8F194C6-D0C6-46A7-AD6E-2678515365EF", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042:-:*:*:*:*:*:*:*", matchCriteriaId: "2DCBB2D8-AACF-45EA-B9D4-DAECC7C792D1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042g_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "644B7DB7-F3E1-4BAA-BE5C-53C2F90CB05A", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042g:-:*:*:*:*:*:*:*", matchCriteriaId: "F1CD7D9C-DDEF-4DF0-BCFB-A45301AE2C10", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv082_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8ACA4991-A60B-42CD-8A84-B1F8825812D6", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv082:-:*:*:*:*:*:*:*", matchCriteriaId: "24FC4446-22C0-4EC9-84B4-A76412680105", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv320_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6636D92B-B33D-4230-8E32-20B06F26FF8F", versionEndIncluding: "1.5.1.05", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv320:-:*:*:*:*:*:*:*", matchCriteriaId: "7596F6D4-10DA-4F29-95AD-75B60F4670D6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv325_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "21EA1744-09E9-488D-B799-9AFBB6363C8F", versionEndIncluding: "1.5.1.05", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv325:-:*:*:*:*:*:*:*", matchCriteriaId: "3435D601-EDA8-49FF-8841-EA6DF1518C75", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system.", }, { lang: "es", value: "Múltiples vulnerabilidades en la interfaz de administración basada en web de Routers Cisco Small Business RV320 y RV325 Series y Routers Cisco Small Business RV016, RV042, y RV082, podrían permitir a un atacante remoto autenticado con privilegios administrativos ejecutar código arbitrario sobre un dispositivo afectado. Las vulnerabilidades son debido a restricciones de límite insuficientes en la entrada suministrada por el usuario para scripts en la interfaz de administración basada en web. Un atacante con privilegios administrativos que son suficientes para iniciar sesión en la interfaz de administración basada en web podría explotar cada vulnerabilidad mediante el envío de peticiones diseñadas que contienen valores demasiado grandes hacia un dispositivo afectado, causando un desbordamiento de la pila. Una explotación con éxito podría permitir al atacante causar que el dispositivo se bloquee o permitir al atacante ejecutar código arbitrario con privilegios root en el sistema operativo subyacente", }, ], id: "CVE-2020-3289", lastModified: "2024-11-21T05:30:44.080", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "psirt@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-06-18T03:15:12.997", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-06-18 03:15
Modified
2024-11-21 05:30
Severity ?
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | rv016_firmware | * | |
| cisco | rv016 | - | |
| cisco | rv042_firmware | * | |
| cisco | rv042 | - | |
| cisco | rv042g_firmware | * | |
| cisco | rv042g | - | |
| cisco | rv082_firmware | * | |
| cisco | rv082 | - | |
| cisco | rv320_firmware | * | |
| cisco | rv320 | - | |
| cisco | rv325_firmware | * | |
| cisco | rv325 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv016_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "72B28584-394E-412D-9B2C-6B338081D102", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv016:-:*:*:*:*:*:*:*", matchCriteriaId: "701E3CF5-15C0-419A-97A8-9BD2C55D74AB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D8F194C6-D0C6-46A7-AD6E-2678515365EF", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042:-:*:*:*:*:*:*:*", matchCriteriaId: "2DCBB2D8-AACF-45EA-B9D4-DAECC7C792D1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042g_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "644B7DB7-F3E1-4BAA-BE5C-53C2F90CB05A", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042g:-:*:*:*:*:*:*:*", matchCriteriaId: "F1CD7D9C-DDEF-4DF0-BCFB-A45301AE2C10", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv082_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8ACA4991-A60B-42CD-8A84-B1F8825812D6", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv082:-:*:*:*:*:*:*:*", matchCriteriaId: "24FC4446-22C0-4EC9-84B4-A76412680105", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv320_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6636D92B-B33D-4230-8E32-20B06F26FF8F", versionEndIncluding: "1.5.1.05", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv320:-:*:*:*:*:*:*:*", matchCriteriaId: "7596F6D4-10DA-4F29-95AD-75B60F4670D6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv325_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "21EA1744-09E9-488D-B799-9AFBB6363C8F", versionEndIncluding: "1.5.1.05", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv325:-:*:*:*:*:*:*:*", matchCriteriaId: "3435D601-EDA8-49FF-8841-EA6DF1518C75", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system.", }, { lang: "es", value: "Múltiples vulnerabilidades en la interfaz de administración basada en web de Routers Cisco Small Business RV320 y RV325 Series y Routers Cisco Small Business RV016, RV042, y RV082, podrían permitir a un atacante remoto autenticado con privilegios administrativos ejecutar código arbitrario sobre un dispositivo afectado. Las vulnerabilidades son debido a restricciones de límite insuficientes en la entrada suministrada por el usuario para scripts en la interfaz de administración basada en web. Un atacante con privilegios administrativos que sean suficientes para iniciar sesión en la interfaz de administración basada en web podría explotar cada vulnerabilidad mediante el envío de peticiones diseñadas que contienen valores demasiado grandes hacia un dispositivo afectado, causando un desbordamiento de la pila. Una explotación con éxito podría permitir al atacante causar que el dispositivo se bloquee o permitir al atacante ejecutar código arbitrario con privilegios root en el sistema operativo subyacente", }, ], id: "CVE-2020-3295", lastModified: "2024-11-21T05:30:45.183", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "psirt@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-06-18T03:15:13.497", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-06-18 03:15
Modified
2024-11-21 05:30
Severity ?
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | rv016_firmware | * | |
| cisco | rv016 | - | |
| cisco | rv042_firmware | * | |
| cisco | rv042 | - | |
| cisco | rv042g_firmware | * | |
| cisco | rv042g | - | |
| cisco | rv082_firmware | * | |
| cisco | rv082 | - | |
| cisco | rv320_firmware | * | |
| cisco | rv320 | - | |
| cisco | rv325_firmware | * | |
| cisco | rv325 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv016_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "72B28584-394E-412D-9B2C-6B338081D102", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv016:-:*:*:*:*:*:*:*", matchCriteriaId: "701E3CF5-15C0-419A-97A8-9BD2C55D74AB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D8F194C6-D0C6-46A7-AD6E-2678515365EF", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042:-:*:*:*:*:*:*:*", matchCriteriaId: "2DCBB2D8-AACF-45EA-B9D4-DAECC7C792D1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042g_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "644B7DB7-F3E1-4BAA-BE5C-53C2F90CB05A", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042g:-:*:*:*:*:*:*:*", matchCriteriaId: "F1CD7D9C-DDEF-4DF0-BCFB-A45301AE2C10", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv082_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8ACA4991-A60B-42CD-8A84-B1F8825812D6", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv082:-:*:*:*:*:*:*:*", matchCriteriaId: "24FC4446-22C0-4EC9-84B4-A76412680105", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv320_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6636D92B-B33D-4230-8E32-20B06F26FF8F", versionEndIncluding: "1.5.1.05", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv320:-:*:*:*:*:*:*:*", matchCriteriaId: "7596F6D4-10DA-4F29-95AD-75B60F4670D6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv325_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "21EA1744-09E9-488D-B799-9AFBB6363C8F", versionEndIncluding: "1.5.1.05", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv325:-:*:*:*:*:*:*:*", matchCriteriaId: "3435D601-EDA8-49FF-8841-EA6DF1518C75", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system.", }, { lang: "es", value: "Múltiples vulnerabilidades en la interfaz de administración basada en web de Routers Cisco Small Business RV320 y RV325 Series y Routers Cisco Small Business RV016, RV042, y RV082, podrían permitir a un atacante remoto autenticado con privilegios administrativos ejecutar código arbitrario sobre un dispositivo afectado. Las vulnerabilidades son debido a restricciones de límite insuficientes en la entrada suministrada por el usuario para scripts en la interfaz de administración basada en web. Un atacante con privilegios administrativos que sean suficientes para iniciar sesión en la interfaz de administración basada en web podría explotar cada vulnerabilidad mediante el envío de peticiones diseñadas que contienen valores demasiado grandes hacia un dispositivo afectado, causando un desbordamiento de la pila. Una explotación con éxito podría permitir al atacante causar que el dispositivo se bloquee o permitir al atacante ejecutar código arbitrario con privilegios root en el sistema operativo subyacente", }, ], id: "CVE-2020-3296", lastModified: "2024-11-21T05:30:45.303", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "psirt@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-06-18T03:15:13.573", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-04-05 19:15
Modified
2024-11-21 07:40
Severity ?
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | rv016_firmware | - | |
| cisco | rv016 | - | |
| cisco | rv042_firmware | - | |
| cisco | rv042 | - | |
| cisco | rv042g_firmware | - | |
| cisco | rv042g | - | |
| cisco | rv082_firmware | - | |
| cisco | rv082 | - | |
| cisco | rv320_firmware | - | |
| cisco | rv320 | - | |
| cisco | rv325_firmware | - | |
| cisco | rv325 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv016_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "CCC05438-3064-4FB6-9177-9EA60C8E250C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv016:-:*:*:*:*:*:*:*", matchCriteriaId: "701E3CF5-15C0-419A-97A8-9BD2C55D74AB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "F5A39236-B032-46BB-94D0-3E0E3E557BC0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042:-:*:*:*:*:*:*:*", matchCriteriaId: "2DCBB2D8-AACF-45EA-B9D4-DAECC7C792D1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "E699C11F-3C7C-420D-9243-5CD2A6B98EF2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042g:-:*:*:*:*:*:*:*", matchCriteriaId: "F1CD7D9C-DDEF-4DF0-BCFB-A45301AE2C10", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv082_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "9EF65E38-D812-4F6E-903C-05E203F3E9F6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv082:-:*:*:*:*:*:*:*", matchCriteriaId: "24FC4446-22C0-4EC9-84B4-A76412680105", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv320_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "C0C17C5F-4EB7-4859-8127-AE027A72CB2C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv320:-:*:*:*:*:*:*:*", matchCriteriaId: "7596F6D4-10DA-4F29-95AD-75B60F4670D6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv325_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "69F1C458-0EF3-4AD6-9055-355711F3751E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv325:-:*:*:*:*:*:*:*", matchCriteriaId: "3435D601-EDA8-49FF-8841-EA6DF1518C75", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities.", }, ], id: "CVE-2023-20150", lastModified: "2024-11-21T07:40:40.163", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "psirt@cisco.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-04-05T19:15:09.317", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-06-18 03:15
Modified
2024-11-21 05:30
Severity ?
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary commands on an affected device. The vulnerabilities exist because the web-based management interface does not properly validate user-supplied input to scripts. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending malicious requests to an affected device. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the underlying operating system.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | rv016_firmware | * | |
| cisco | rv016 | - | |
| cisco | rv042_firmware | * | |
| cisco | rv042 | - | |
| cisco | rv042g_firmware | * | |
| cisco | rv042g | - | |
| cisco | rv082_firmware | * | |
| cisco | rv082 | - | |
| cisco | rv320_firmware | * | |
| cisco | rv320 | - | |
| cisco | rv325_firmware | * | |
| cisco | rv325 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv016_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "72B28584-394E-412D-9B2C-6B338081D102", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv016:-:*:*:*:*:*:*:*", matchCriteriaId: "701E3CF5-15C0-419A-97A8-9BD2C55D74AB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D8F194C6-D0C6-46A7-AD6E-2678515365EF", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042:-:*:*:*:*:*:*:*", matchCriteriaId: "2DCBB2D8-AACF-45EA-B9D4-DAECC7C792D1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042g_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "644B7DB7-F3E1-4BAA-BE5C-53C2F90CB05A", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042g:-:*:*:*:*:*:*:*", matchCriteriaId: "F1CD7D9C-DDEF-4DF0-BCFB-A45301AE2C10", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv082_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8ACA4991-A60B-42CD-8A84-B1F8825812D6", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv082:-:*:*:*:*:*:*:*", matchCriteriaId: "24FC4446-22C0-4EC9-84B4-A76412680105", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv320_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6636D92B-B33D-4230-8E32-20B06F26FF8F", versionEndIncluding: "1.5.1.05", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv320:-:*:*:*:*:*:*:*", matchCriteriaId: "7596F6D4-10DA-4F29-95AD-75B60F4670D6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv325_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "21EA1744-09E9-488D-B799-9AFBB6363C8F", versionEndIncluding: "1.5.1.05", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv325:-:*:*:*:*:*:*:*", matchCriteriaId: "3435D601-EDA8-49FF-8841-EA6DF1518C75", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary commands on an affected device. The vulnerabilities exist because the web-based management interface does not properly validate user-supplied input to scripts. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending malicious requests to an affected device. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the underlying operating system.", }, { lang: "es", value: "Múltiples vulnerabilidades en la interfaz de administración basada en web de Routers Cisco Small Business RV320 y RV325 Series y Routers Cisco Small Business RV016, RV042, y RV082, podrían permitir a un atacante remoto autenticado con privilegios administrativos ejecutar comandos arbitrarios sobre un dispositivo afectado. Las vulnerabilidades se presentan porque la interfaz de administración basada en web no comprueba apropiadamente la entrada suministrada por el usuario para scripts. Un atacante con privilegios administrativos que son suficientes para iniciar sesión en la interfaz de administración basada en web podría explotar cada vulnerabilidad mediante el envío de peticiones maliciosas hacia un dispositivo afectado. Una explotación con éxito podría permitir al atacante ejecutar comandos arbitrarios con privilegios root en el sistema operativo subyacente", }, ], id: "CVE-2020-3276", lastModified: "2024-11-21T05:30:42.420", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "psirt@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-06-18T03:15:12.340", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-Rj5JRfF8", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-Rj5JRfF8", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-78", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-06-18 03:15
Modified
2024-11-21 05:30
Severity ?
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | rv016_firmware | * | |
| cisco | rv016 | - | |
| cisco | rv042_firmware | * | |
| cisco | rv042 | - | |
| cisco | rv042g_firmware | * | |
| cisco | rv042g | - | |
| cisco | rv082_firmware | * | |
| cisco | rv082 | - | |
| cisco | rv320_firmware | * | |
| cisco | rv320 | - | |
| cisco | rv325_firmware | * | |
| cisco | rv325 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv016_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "72B28584-394E-412D-9B2C-6B338081D102", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv016:-:*:*:*:*:*:*:*", matchCriteriaId: "701E3CF5-15C0-419A-97A8-9BD2C55D74AB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D8F194C6-D0C6-46A7-AD6E-2678515365EF", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042:-:*:*:*:*:*:*:*", matchCriteriaId: "2DCBB2D8-AACF-45EA-B9D4-DAECC7C792D1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042g_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "644B7DB7-F3E1-4BAA-BE5C-53C2F90CB05A", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042g:-:*:*:*:*:*:*:*", matchCriteriaId: "F1CD7D9C-DDEF-4DF0-BCFB-A45301AE2C10", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv082_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8ACA4991-A60B-42CD-8A84-B1F8825812D6", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv082:-:*:*:*:*:*:*:*", matchCriteriaId: "24FC4446-22C0-4EC9-84B4-A76412680105", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv320_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6636D92B-B33D-4230-8E32-20B06F26FF8F", versionEndIncluding: "1.5.1.05", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv320:-:*:*:*:*:*:*:*", matchCriteriaId: "7596F6D4-10DA-4F29-95AD-75B60F4670D6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv325_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "21EA1744-09E9-488D-B799-9AFBB6363C8F", versionEndIncluding: "1.5.1.05", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv325:-:*:*:*:*:*:*:*", matchCriteriaId: "3435D601-EDA8-49FF-8841-EA6DF1518C75", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system.", }, { lang: "es", value: "Múltiples vulnerabilidades en la interfaz de administración basada en web de Routers Cisco Small Business RV320 y RV325 Series y Routers Cisco Small Business RV016, RV042, y RV082, podrían permitir a un atacante remoto autenticado con privilegios administrativos ejecutar código arbitrario sobre un dispositivo afectado. Las vulnerabilidades son debido a restricciones de límite insuficientes en la entrada suministrada por el usuario para scripts en la interfaz de administración basada en web. Un atacante con privilegios administrativos que son suficientes para iniciar sesión en la interfaz de administración basada en web podría explotar cada vulnerabilidad mediante el envío de peticiones diseñadas que contienen valores demasiado grandes hacia un dispositivo afectado, causando un desbordamiento de la pila. Una explotación con éxito podría permitir al atacante causar que el dispositivo se bloquee o permitir al atacante ejecutar código arbitrario con privilegios root en el sistema operativo subyacente", }, ], id: "CVE-2020-3292", lastModified: "2024-11-21T05:30:44.440", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "psirt@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-06-18T03:15:13.247", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-06-18 03:15
Modified
2024-11-21 05:30
Severity ?
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | rv016_firmware | * | |
| cisco | rv016 | - | |
| cisco | rv042_firmware | * | |
| cisco | rv042 | - | |
| cisco | rv042g_firmware | * | |
| cisco | rv042g | - | |
| cisco | rv082_firmware | * | |
| cisco | rv082 | - | |
| cisco | rv320_firmware | * | |
| cisco | rv320 | - | |
| cisco | rv325_firmware | * | |
| cisco | rv325 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv016_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "72B28584-394E-412D-9B2C-6B338081D102", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv016:-:*:*:*:*:*:*:*", matchCriteriaId: "701E3CF5-15C0-419A-97A8-9BD2C55D74AB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D8F194C6-D0C6-46A7-AD6E-2678515365EF", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042:-:*:*:*:*:*:*:*", matchCriteriaId: "2DCBB2D8-AACF-45EA-B9D4-DAECC7C792D1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042g_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "644B7DB7-F3E1-4BAA-BE5C-53C2F90CB05A", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042g:-:*:*:*:*:*:*:*", matchCriteriaId: "F1CD7D9C-DDEF-4DF0-BCFB-A45301AE2C10", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv082_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8ACA4991-A60B-42CD-8A84-B1F8825812D6", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv082:-:*:*:*:*:*:*:*", matchCriteriaId: "24FC4446-22C0-4EC9-84B4-A76412680105", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv320_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6636D92B-B33D-4230-8E32-20B06F26FF8F", versionEndIncluding: "1.5.1.05", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv320:-:*:*:*:*:*:*:*", matchCriteriaId: "7596F6D4-10DA-4F29-95AD-75B60F4670D6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv325_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "21EA1744-09E9-488D-B799-9AFBB6363C8F", versionEndIncluding: "1.5.1.05", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv325:-:*:*:*:*:*:*:*", matchCriteriaId: "3435D601-EDA8-49FF-8841-EA6DF1518C75", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system.", }, { lang: "es", value: "Múltiples vulnerabilidades en la interfaz de administración basada en web de Routers Cisco Small Business RV320 y RV325 Series y Routers Cisco Small Business RV016, RV042, y RV082, podrían permitir a un atacante remoto autenticado con privilegios administrativos ejecutar código arbitrario sobre un dispositivo afectado. Las vulnerabilidades son debido a restricciones de límite insuficientes en la entrada suministrada por el usuario para scripts en la interfaz de administración basada en web. Un atacante con privilegios administrativos que sean suficientes para iniciar sesión en la interfaz de administración basada en web podría explotar cada vulnerabilidad mediante el envío de peticiones diseñadas que contienen valores demasiado grandes hacia un dispositivo afectado, causando un desbordamiento de la pila. Una explotación con éxito podría permitir al atacante causar que el dispositivo se bloquee o permitir al atacante ejecutar código arbitrario con privilegios root en el sistema operativo subyacente", }, ], id: "CVE-2020-3294", lastModified: "2024-11-21T05:30:45.057", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "psirt@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-06-18T03:15:13.417", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-01-20 07:15
Modified
2025-03-12 17:15
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320 and RV325 Routers could allow an authenticated, remote attacker to execute arbitrary commands on an affected device.
This vulnerability is due to improper validation of user input within incoming HTTP packets. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web-based management interface. A successful exploit could allow the attacker to gain root-level privileges and access unauthorized data. To exploit this vulnerability, an attacker would need to have valid administrative credentials on the affected device.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | rv016_firmware | - | |
| cisco | rv016 | - | |
| cisco | rv042_firmware | - | |
| cisco | rv042 | - | |
| cisco | rv042g_firmware | - | |
| cisco | rv042g | - | |
| cisco | rv082_firmware | - | |
| cisco | rv082 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv016_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "CCC05438-3064-4FB6-9177-9EA60C8E250C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv016:-:*:*:*:*:*:*:*", matchCriteriaId: "701E3CF5-15C0-419A-97A8-9BD2C55D74AB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "F5A39236-B032-46BB-94D0-3E0E3E557BC0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042:-:*:*:*:*:*:*:*", matchCriteriaId: "2DCBB2D8-AACF-45EA-B9D4-DAECC7C792D1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "E699C11F-3C7C-420D-9243-5CD2A6B98EF2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042g:-:*:*:*:*:*:*:*", matchCriteriaId: "F1CD7D9C-DDEF-4DF0-BCFB-A45301AE2C10", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv082_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "9EF65E38-D812-4F6E-903C-05E203F3E9F6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv082:-:*:*:*:*:*:*:*", matchCriteriaId: "24FC4446-22C0-4EC9-84B4-A76412680105", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320 and RV325 Routers could allow an authenticated, remote attacker to execute arbitrary commands on an affected device.\r\n\r This vulnerability is due to improper validation of user input within incoming HTTP packets. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web-based management interface. A successful exploit could allow the attacker to gain root-level privileges and access unauthorized data. To exploit this vulnerability, an attacker would need to have valid administrative credentials on the affected device.", }, { lang: "es", value: "Una vulnerabilidad en la interfaz de administración basada en web de los routers Cisco Small Business serie RV042 podría permitir que un atacante remoto autenticado inyecte comandos arbitrarios en un dispositivo afectado. Esta vulnerabilidad se debe a una validación incorrecta de los campos de entrada del usuario dentro de los paquetes HTTP entrantes. Un atacante podría aprovechar esta vulnerabilidad enviando una solicitud manipulada a la interfaz de administración basada en web. Un exploit exitoso podría permitir al atacante ejecutar comandos arbitrarios en un dispositivo afectado con privilegios de nivel superusuario. Para aprovechar estas vulnerabilidades, un atacante necesitaría tener credenciales de administrador válidas en el dispositivo afectado.", }, ], id: "CVE-2023-20026", lastModified: "2025-03-12T17:15:38.390", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 5.2, source: "psirt@cisco.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-01-20T07:15:14.813", references: [ { source: "psirt@cisco.com", tags: [ "Mitigation", "Vendor Advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sbr042-multi-vuln-ej76Pke5", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mitigation", "Vendor Advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sbr042-multi-vuln-ej76Pke5", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-04-05 19:15
Modified
2024-11-21 07:40
Severity ?
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | rv016_firmware | * | |
| cisco | rv016 | - | |
| cisco | rv042_firmware | * | |
| cisco | rv042 | - | |
| cisco | rv042g_firmware | * | |
| cisco | rv042g | - | |
| cisco | rv082_firmware | * | |
| cisco | rv082 | - | |
| cisco | rv320_firmware | * | |
| cisco | rv320 | - | |
| cisco | rv325_firmware | * | |
| cisco | rv325 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv016_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1E1462E9-4464-492C-8B91-6E020B9DCB23", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv016:-:*:*:*:*:*:*:*", matchCriteriaId: "701E3CF5-15C0-419A-97A8-9BD2C55D74AB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "85E01122-CD88-4096-958A-8699B2A3DC3C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042:-:*:*:*:*:*:*:*", matchCriteriaId: "2DCBB2D8-AACF-45EA-B9D4-DAECC7C792D1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042g_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0A620D1C-1FBB-46C9-9904-1FC6342ED85E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042g:-:*:*:*:*:*:*:*", matchCriteriaId: "F1CD7D9C-DDEF-4DF0-BCFB-A45301AE2C10", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv082_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9BBDB4B5-9528-43CE-B8E6-B509EFCD11BA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv082:-:*:*:*:*:*:*:*", matchCriteriaId: "24FC4446-22C0-4EC9-84B4-A76412680105", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv320_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1EA568A8-286F-4588-B946-6F9C97E08BCF", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv320:-:*:*:*:*:*:*:*", matchCriteriaId: "7596F6D4-10DA-4F29-95AD-75B60F4670D6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv325_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F3B7DECE-18C4-45AE-AF5C-657A4795C7F0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv325:-:*:*:*:*:*:*:*", matchCriteriaId: "3435D601-EDA8-49FF-8841-EA6DF1518C75", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities.", }, ], id: "CVE-2023-20145", lastModified: "2024-11-21T07:40:39.503", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "psirt@cisco.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-04-05T19:15:09.060", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-06-18 03:15
Modified
2024-11-21 05:30
Severity ?
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | rv016_firmware | * | |
| cisco | rv016 | - | |
| cisco | rv042_firmware | * | |
| cisco | rv042 | - | |
| cisco | rv042g_firmware | * | |
| cisco | rv042g | - | |
| cisco | rv082_firmware | * | |
| cisco | rv082 | - | |
| cisco | rv320_firmware | * | |
| cisco | rv320 | - | |
| cisco | rv325_firmware | * | |
| cisco | rv325 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv016_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "72B28584-394E-412D-9B2C-6B338081D102", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv016:-:*:*:*:*:*:*:*", matchCriteriaId: "701E3CF5-15C0-419A-97A8-9BD2C55D74AB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D8F194C6-D0C6-46A7-AD6E-2678515365EF", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042:-:*:*:*:*:*:*:*", matchCriteriaId: "2DCBB2D8-AACF-45EA-B9D4-DAECC7C792D1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042g_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "644B7DB7-F3E1-4BAA-BE5C-53C2F90CB05A", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042g:-:*:*:*:*:*:*:*", matchCriteriaId: "F1CD7D9C-DDEF-4DF0-BCFB-A45301AE2C10", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv082_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8ACA4991-A60B-42CD-8A84-B1F8825812D6", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv082:-:*:*:*:*:*:*:*", matchCriteriaId: "24FC4446-22C0-4EC9-84B4-A76412680105", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv320_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6636D92B-B33D-4230-8E32-20B06F26FF8F", versionEndIncluding: "1.5.1.05", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv320:-:*:*:*:*:*:*:*", matchCriteriaId: "7596F6D4-10DA-4F29-95AD-75B60F4670D6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv325_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "21EA1744-09E9-488D-B799-9AFBB6363C8F", versionEndIncluding: "1.5.1.05", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv325:-:*:*:*:*:*:*:*", matchCriteriaId: "3435D601-EDA8-49FF-8841-EA6DF1518C75", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system.", }, { lang: "es", value: "Múltiples vulnerabilidades en la interfaz de administración basada en web de Routers Cisco Small Business RV320 y RV325 Series y Routers Cisco Small Business RV016, RV042, y RV082, podrían permitir a un atacante remoto autenticado con privilegios administrativos ejecutar código arbitrario sobre un dispositivo afectado. Las vulnerabilidades son debido a restricciones de límite insuficientes en la entrada suministrada por el usuario para scripts en la interfaz de administración basada en web. Un atacante con privilegios administrativos que son suficientes para iniciar sesión en la interfaz de administración basada en web podría explotar cada vulnerabilidad mediante el envío de peticiones diseñadas que contienen valores demasiado grandes hacia un dispositivo afectado, causando un desbordamiento de la pila. Una explotación con éxito podría permitir al atacante causar que el dispositivo se bloquee o permitir al atacante ejecutar código arbitrario con privilegios root en el sistema operativo subyacente", }, ], id: "CVE-2020-3288", lastModified: "2024-11-21T05:30:43.960", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "psirt@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-06-18T03:15:12.900", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-04-05 19:15
Modified
2024-11-21 07:40
Severity ?
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | rv016_firmware | * | |
| cisco | rv016 | - | |
| cisco | rv042_firmware | * | |
| cisco | rv042 | - | |
| cisco | rv042g_firmware | * | |
| cisco | rv042g | - | |
| cisco | rv082_firmware | * | |
| cisco | rv082 | - | |
| cisco | rv320_firmware | * | |
| cisco | rv320 | - | |
| cisco | rv325_firmware | * | |
| cisco | rv325 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv016_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1E1462E9-4464-492C-8B91-6E020B9DCB23", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv016:-:*:*:*:*:*:*:*", matchCriteriaId: "701E3CF5-15C0-419A-97A8-9BD2C55D74AB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "85E01122-CD88-4096-958A-8699B2A3DC3C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042:-:*:*:*:*:*:*:*", matchCriteriaId: "2DCBB2D8-AACF-45EA-B9D4-DAECC7C792D1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042g_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0A620D1C-1FBB-46C9-9904-1FC6342ED85E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042g:-:*:*:*:*:*:*:*", matchCriteriaId: "F1CD7D9C-DDEF-4DF0-BCFB-A45301AE2C10", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv082_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9BBDB4B5-9528-43CE-B8E6-B509EFCD11BA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv082:-:*:*:*:*:*:*:*", matchCriteriaId: "24FC4446-22C0-4EC9-84B4-A76412680105", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv320_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1EA568A8-286F-4588-B946-6F9C97E08BCF", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv320:-:*:*:*:*:*:*:*", matchCriteriaId: "7596F6D4-10DA-4F29-95AD-75B60F4670D6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv325_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F3B7DECE-18C4-45AE-AF5C-657A4795C7F0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv325:-:*:*:*:*:*:*:*", matchCriteriaId: "3435D601-EDA8-49FF-8841-EA6DF1518C75", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities.", }, ], id: "CVE-2023-20144", lastModified: "2024-11-21T07:40:39.377", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "psirt@cisco.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-04-05T19:15:09.017", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-06-18 03:15
Modified
2024-11-21 05:30
Severity ?
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary commands on an affected device. The vulnerabilities exist because the web-based management interface does not properly validate user-supplied input to scripts. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending malicious requests to an affected device. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the underlying operating system.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | rv016_firmware | * | |
| cisco | rv016 | - | |
| cisco | rv042_firmware | * | |
| cisco | rv042 | - | |
| cisco | rv042g_firmware | * | |
| cisco | rv042g | - | |
| cisco | rv082_firmware | * | |
| cisco | rv082 | - | |
| cisco | rv320_firmware | * | |
| cisco | rv320 | - | |
| cisco | rv325_firmware | * | |
| cisco | rv325 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv016_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "72B28584-394E-412D-9B2C-6B338081D102", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv016:-:*:*:*:*:*:*:*", matchCriteriaId: "701E3CF5-15C0-419A-97A8-9BD2C55D74AB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D8F194C6-D0C6-46A7-AD6E-2678515365EF", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042:-:*:*:*:*:*:*:*", matchCriteriaId: "2DCBB2D8-AACF-45EA-B9D4-DAECC7C792D1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042g_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "644B7DB7-F3E1-4BAA-BE5C-53C2F90CB05A", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042g:-:*:*:*:*:*:*:*", matchCriteriaId: "F1CD7D9C-DDEF-4DF0-BCFB-A45301AE2C10", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv082_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8ACA4991-A60B-42CD-8A84-B1F8825812D6", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv082:-:*:*:*:*:*:*:*", matchCriteriaId: "24FC4446-22C0-4EC9-84B4-A76412680105", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv320_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6636D92B-B33D-4230-8E32-20B06F26FF8F", versionEndIncluding: "1.5.1.05", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv320:-:*:*:*:*:*:*:*", matchCriteriaId: "7596F6D4-10DA-4F29-95AD-75B60F4670D6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv325_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "21EA1744-09E9-488D-B799-9AFBB6363C8F", versionEndIncluding: "1.5.1.05", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv325:-:*:*:*:*:*:*:*", matchCriteriaId: "3435D601-EDA8-49FF-8841-EA6DF1518C75", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary commands on an affected device. The vulnerabilities exist because the web-based management interface does not properly validate user-supplied input to scripts. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending malicious requests to an affected device. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the underlying operating system.", }, { lang: "es", value: "Múltiples vulnerabilidades en la interfaz de administración basada en web de Routers Cisco Small Business RV320 y RV325 Series y Routers Cisco Small Business RV016, RV042, y RV082, podrían permitir a un atacante remoto autenticado con privilegios administrativos ejecutar comandos arbitrarios sobre un dispositivo afectado. Las vulnerabilidades se presentan porque la interfaz de administración basada en web no comprueba apropiadamente la entrada suministrada por el usuario para scripts. Un atacante con privilegios administrativos que son suficientes para iniciar sesión en la interfaz de administración basada en web podría explotar cada vulnerabilidad mediante el envío de peticiones maliciosas hacia un dispositivo afectado. Una explotación con éxito podría permitir al atacante ejecutar comandos arbitrarios con privilegios root en el sistema operativo subyacente", }, ], id: "CVE-2020-3277", lastModified: "2024-11-21T05:30:42.540", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "psirt@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-06-18T03:15:12.417", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-Rj5JRfF8", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-Rj5JRfF8", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-78", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-06-18 03:15
Modified
2024-11-21 05:30
Severity ?
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | rv016_firmware | * | |
| cisco | rv016 | - | |
| cisco | rv042_firmware | * | |
| cisco | rv042 | - | |
| cisco | rv042g_firmware | * | |
| cisco | rv042g | - | |
| cisco | rv082_firmware | * | |
| cisco | rv082 | - | |
| cisco | rv320_firmware | * | |
| cisco | rv320 | - | |
| cisco | rv325_firmware | * | |
| cisco | rv325 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv016_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "72B28584-394E-412D-9B2C-6B338081D102", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv016:-:*:*:*:*:*:*:*", matchCriteriaId: "701E3CF5-15C0-419A-97A8-9BD2C55D74AB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D8F194C6-D0C6-46A7-AD6E-2678515365EF", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042:-:*:*:*:*:*:*:*", matchCriteriaId: "2DCBB2D8-AACF-45EA-B9D4-DAECC7C792D1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042g_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "644B7DB7-F3E1-4BAA-BE5C-53C2F90CB05A", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042g:-:*:*:*:*:*:*:*", matchCriteriaId: "F1CD7D9C-DDEF-4DF0-BCFB-A45301AE2C10", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv082_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8ACA4991-A60B-42CD-8A84-B1F8825812D6", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv082:-:*:*:*:*:*:*:*", matchCriteriaId: "24FC4446-22C0-4EC9-84B4-A76412680105", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv320_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6636D92B-B33D-4230-8E32-20B06F26FF8F", versionEndIncluding: "1.5.1.05", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv320:-:*:*:*:*:*:*:*", matchCriteriaId: "7596F6D4-10DA-4F29-95AD-75B60F4670D6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv325_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "21EA1744-09E9-488D-B799-9AFBB6363C8F", versionEndIncluding: "1.5.1.05", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv325:-:*:*:*:*:*:*:*", matchCriteriaId: "3435D601-EDA8-49FF-8841-EA6DF1518C75", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system.", }, { lang: "es", value: "Múltiples vulnerabilidades en la interfaz de administración basada en web de Routers Cisco Small Business RV320 y RV325 Series y Routers Cisco Small Business RV016, RV042, y RV082, podrían permitir a un atacante remoto autenticado con privilegios administrativos ejecutar código arbitrario sobre un dispositivo afectado. Las vulnerabilidades son debido a restricciones de límite insuficientes en la entrada suministrada por el usuario para scripts en la interfaz de administración basada en web. Un atacante con privilegios administrativos que son suficientes para iniciar sesión en la interfaz de administración basada en web podría explotar cada vulnerabilidad mediante el envío de peticiones diseñadas que contienen valores demasiado grandes hacia un dispositivo afectado, causando un desbordamiento de la pila. Una explotación con éxito podría permitir al atacante causar que el dispositivo se bloquee o permitir al atacante ejecutar código arbitrario con privilegios root en el sistema operativo subyacente", }, ], id: "CVE-2020-3286", lastModified: "2024-11-21T05:30:43.687", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "psirt@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-06-18T03:15:12.730", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-04-05 18:15
Modified
2024-11-21 07:40
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an authenticated, remote attacker to execute arbitrary commands on an affected device. This vulnerability is due to improper validation of user input within incoming HTTP packets. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web-based management interface. A successful exploit could allow the attacker to gain root-level privileges and access unauthorized data. To exploit this vulnerability, an attacker would need to have valid administrative credentials on the affected device. Cisco has not released software updates that address this vulnerability.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | rv016_firmware | - | |
| cisco | rv016 | - | |
| cisco | rv042_firmware | - | |
| cisco | rv042 | - | |
| cisco | rv042g_firmware | - | |
| cisco | rv042g | - | |
| cisco | rv082_firmware | - | |
| cisco | rv082 | - | |
| cisco | rv320_firmware | - | |
| cisco | rv320 | - | |
| cisco | rv325_firmware | - | |
| cisco | rv325 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv016_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "CCC05438-3064-4FB6-9177-9EA60C8E250C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv016:-:*:*:*:*:*:*:*", matchCriteriaId: "701E3CF5-15C0-419A-97A8-9BD2C55D74AB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "F5A39236-B032-46BB-94D0-3E0E3E557BC0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042:-:*:*:*:*:*:*:*", matchCriteriaId: "2DCBB2D8-AACF-45EA-B9D4-DAECC7C792D1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "E699C11F-3C7C-420D-9243-5CD2A6B98EF2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042g:-:*:*:*:*:*:*:*", matchCriteriaId: "F1CD7D9C-DDEF-4DF0-BCFB-A45301AE2C10", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv082_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "9EF65E38-D812-4F6E-903C-05E203F3E9F6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv082:-:*:*:*:*:*:*:*", matchCriteriaId: "24FC4446-22C0-4EC9-84B4-A76412680105", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv320_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "C0C17C5F-4EB7-4859-8127-AE027A72CB2C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv320:-:*:*:*:*:*:*:*", matchCriteriaId: "7596F6D4-10DA-4F29-95AD-75B60F4670D6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv325_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "69F1C458-0EF3-4AD6-9055-355711F3751E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv325:-:*:*:*:*:*:*:*", matchCriteriaId: "3435D601-EDA8-49FF-8841-EA6DF1518C75", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an authenticated, remote attacker to execute arbitrary commands on an affected device. This vulnerability is due to improper validation of user input within incoming HTTP packets. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web-based management interface. A successful exploit could allow the attacker to gain root-level privileges and access unauthorized data. To exploit this vulnerability, an attacker would need to have valid administrative credentials on the affected device. Cisco has not released software updates that address this vulnerability.", }, ], id: "CVE-2023-20124", lastModified: "2024-11-21T07:40:36.627", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 5.2, source: "psirt@cisco.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-04-05T18:15:07.590", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-rv01x_rv32x_rce-nzAGWWDD", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-rv01x_rv32x_rce-nzAGWWDD", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-77", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-04-05 19:15
Modified
2024-11-21 07:40
Severity ?
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | rv016_firmware | * | |
| cisco | rv016 | - | |
| cisco | rv042_firmware | * | |
| cisco | rv042 | - | |
| cisco | rv042g_firmware | * | |
| cisco | rv042g | - | |
| cisco | rv082_firmware | * | |
| cisco | rv082 | - | |
| cisco | rv320_firmware | * | |
| cisco | rv320 | - | |
| cisco | rv325_firmware | * | |
| cisco | rv325 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv016_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1E1462E9-4464-492C-8B91-6E020B9DCB23", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv016:-:*:*:*:*:*:*:*", matchCriteriaId: "701E3CF5-15C0-419A-97A8-9BD2C55D74AB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "85E01122-CD88-4096-958A-8699B2A3DC3C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042:-:*:*:*:*:*:*:*", matchCriteriaId: "2DCBB2D8-AACF-45EA-B9D4-DAECC7C792D1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042g_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0A620D1C-1FBB-46C9-9904-1FC6342ED85E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042g:-:*:*:*:*:*:*:*", matchCriteriaId: "F1CD7D9C-DDEF-4DF0-BCFB-A45301AE2C10", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv082_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9BBDB4B5-9528-43CE-B8E6-B509EFCD11BA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv082:-:*:*:*:*:*:*:*", matchCriteriaId: "24FC4446-22C0-4EC9-84B4-A76412680105", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv320_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1EA568A8-286F-4588-B946-6F9C97E08BCF", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv320:-:*:*:*:*:*:*:*", matchCriteriaId: "7596F6D4-10DA-4F29-95AD-75B60F4670D6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv325_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F3B7DECE-18C4-45AE-AF5C-657A4795C7F0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv325:-:*:*:*:*:*:*:*", matchCriteriaId: "3435D601-EDA8-49FF-8841-EA6DF1518C75", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities.", }, ], id: "CVE-2023-20137", lastModified: "2024-11-21T07:40:38.490", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "psirt@cisco.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-04-05T19:15:08.663", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-06-18 03:15
Modified
2024-11-21 05:30
Severity ?
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | rv016_firmware | * | |
| cisco | rv016 | - | |
| cisco | rv042_firmware | * | |
| cisco | rv042 | - | |
| cisco | rv042g_firmware | * | |
| cisco | rv042g | - | |
| cisco | rv082_firmware | * | |
| cisco | rv082 | - | |
| cisco | rv320_firmware | * | |
| cisco | rv320 | - | |
| cisco | rv325_firmware | * | |
| cisco | rv325 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv016_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "72B28584-394E-412D-9B2C-6B338081D102", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv016:-:*:*:*:*:*:*:*", matchCriteriaId: "701E3CF5-15C0-419A-97A8-9BD2C55D74AB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D8F194C6-D0C6-46A7-AD6E-2678515365EF", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042:-:*:*:*:*:*:*:*", matchCriteriaId: "2DCBB2D8-AACF-45EA-B9D4-DAECC7C792D1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042g_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "644B7DB7-F3E1-4BAA-BE5C-53C2F90CB05A", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042g:-:*:*:*:*:*:*:*", matchCriteriaId: "F1CD7D9C-DDEF-4DF0-BCFB-A45301AE2C10", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv082_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8ACA4991-A60B-42CD-8A84-B1F8825812D6", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv082:-:*:*:*:*:*:*:*", matchCriteriaId: "24FC4446-22C0-4EC9-84B4-A76412680105", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv320_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6636D92B-B33D-4230-8E32-20B06F26FF8F", versionEndIncluding: "1.5.1.05", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv320:-:*:*:*:*:*:*:*", matchCriteriaId: "7596F6D4-10DA-4F29-95AD-75B60F4670D6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv325_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "21EA1744-09E9-488D-B799-9AFBB6363C8F", versionEndIncluding: "1.5.1.05", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv325:-:*:*:*:*:*:*:*", matchCriteriaId: "3435D601-EDA8-49FF-8841-EA6DF1518C75", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system.", }, { lang: "es", value: "Múltiples vulnerabilidades en la interfaz de administración basada en web de Routers Cisco Small Business RV320 y RV325 Series y Routers Cisco Small Business RV016, RV042, y RV082, podrían permitir a un atacante remoto autenticado con privilegios administrativos ejecutar código arbitrario sobre un dispositivo afectado. Las vulnerabilidades son debido a restricciones de límite insuficientes en la entrada suministrada por el usuario para scripts en la interfaz de administración basada en web. Un atacante con privilegios administrativos que son suficientes para iniciar sesión en la interfaz de administración basada en web podría explotar cada vulnerabilidad mediante el envío de peticiones diseñadas que contienen valores demasiado grandes hacia un dispositivo afectado, causando un desbordamiento de la pila. Una explotación con éxito podría permitir al atacante causar que el dispositivo se bloquee o permitir al atacante ejecutar código arbitrario con privilegios root en el sistema operativo subyacente", }, ], id: "CVE-2020-3291", lastModified: "2024-11-21T05:30:44.317", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "psirt@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-06-18T03:15:13.167", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
cve-2023-20137
Vulnerability from cvelistv5
Published
2023-04-05 00:00
Modified
2024-10-25 16:00
Severity ?
EPSS score ?
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Small Business RV Series Router Firmware |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T08:57:35.895Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20230405 Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities", tags: [ "vendor-advisory", "x_transferred", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-20137", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-10-25T14:35:12.403435Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-25T16:00:19.865Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco Small Business RV Series Router Firmware ", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2023-04-05T00:00:00", descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory. ", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-79", description: "CWE-79", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-04-05T00:00:00", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20230405 Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities", tags: [ "vendor-advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, ], source: { advisory: "cisco-sa-rv-stored-xss-vqz7gC8W", defect: [ [ "CSCwe21294", "CSCwe75298", "CSCwe75302", "CSCwe75304", "CSCwe75324", "CSCwe75338", "CSCwe75341", "CSCwe75346", "CSCwe75348", "CSCwe75352", "CSCwe75355", "CSCwe75367", "CSCwe75369", "CSCwe75375", "CSCwe75377", ], ], discovery: "INTERNAL", }, title: "Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities", }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2023-20137", datePublished: "2023-04-05T00:00:00", dateReserved: "2022-10-27T00:00:00", dateUpdated: "2024-10-25T16:00:19.865Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-20146
Vulnerability from cvelistv5
Published
2023-04-05 00:00
Modified
2024-11-06 14:17
Severity ?
EPSS score ?
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Small Business RV Series Router Firmware |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T09:05:34.964Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20230405 Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities", tags: [ "vendor-advisory", "x_transferred", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-20146", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-10-28T16:17:58.315861Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-06T14:17:20.500Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco Small Business RV Series Router Firmware ", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2023-04-05T00:00:00", descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory. ", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-79", description: "CWE-79", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-04-05T00:00:00", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20230405 Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities", tags: [ "vendor-advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, ], source: { advisory: "cisco-sa-rv-stored-xss-vqz7gC8W", defect: [ [ "CSCwe21294", "CSCwe75298", "CSCwe75302", "CSCwe75304", "CSCwe75324", "CSCwe75338", "CSCwe75341", "CSCwe75346", "CSCwe75348", "CSCwe75352", "CSCwe75355", "CSCwe75367", "CSCwe75369", "CSCwe75375", "CSCwe75377", ], ], discovery: "INTERNAL", }, title: "Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities", }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2023-20146", datePublished: "2023-04-05T00:00:00", dateReserved: "2022-10-27T00:00:00", dateUpdated: "2024-11-06T14:17:20.500Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-3277
Vulnerability from cvelistv5
Published
2020-06-18 02:15
Modified
2024-11-15 17:09
Severity ?
EPSS score ?
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary commands on an affected device. The vulnerabilities exist because the web-based management interface does not properly validate user-supplied input to scripts. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending malicious requests to an affected device. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the underlying operating system.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-Rj5JRfF8 | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Small Business RV Series Router Firmware |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T07:30:57.583Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20200617 Cisco Small Business RV Series Routers Command Injection Vulnerabilities", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-Rj5JRfF8", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2020-3277", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-15T16:24:06.541916Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-15T17:09:48.721Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco Small Business RV Series Router Firmware", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2020-06-17T00:00:00", descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary commands on an affected device. The vulnerabilities exist because the web-based management interface does not properly validate user-supplied input to scripts. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending malicious requests to an affected device. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the underlying operating system.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is aware that proof-of-concept exploit code is available for the vulnerabilities that are described in this advisory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-77", description: "CWE-77", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-06-18T02:15:18", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20200617 Cisco Small Business RV Series Routers Command Injection Vulnerabilities", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-Rj5JRfF8", }, ], source: { advisory: "cisco-sa-rv-routers-Rj5JRfF8", defect: [ [ "CSCvt26490", "CSCvt26504", "CSCvt26669", "CSCvt26676", "CSCvt26683", "CSCvt26714", "CSCvt29372", "CSCvt29376", "CSCvt29405", "CSCvt29407", "CSCvt29409", "CSCvt29415", ], ], discovery: "INTERNAL", }, title: "Cisco Small Business RV Series Routers Command Injection Vulnerabilities", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2020-06-17T16:00:00", ID: "CVE-2020-3277", STATE: "PUBLIC", TITLE: "Cisco Small Business RV Series Routers Command Injection Vulnerabilities", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco Small Business RV Series Router Firmware", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary commands on an affected device. The vulnerabilities exist because the web-based management interface does not properly validate user-supplied input to scripts. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending malicious requests to an affected device. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the underlying operating system.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is aware that proof-of-concept exploit code is available for the vulnerabilities that are described in this advisory.", }, ], impact: { cvss: { baseScore: "7.2", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-77", }, ], }, ], }, references: { reference_data: [ { name: "20200617 Cisco Small Business RV Series Routers Command Injection Vulnerabilities", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-Rj5JRfF8", }, ], }, source: { advisory: "cisco-sa-rv-routers-Rj5JRfF8", defect: [ [ "CSCvt26490", "CSCvt26504", "CSCvt26669", "CSCvt26676", "CSCvt26683", "CSCvt26714", "CSCvt29372", "CSCvt29376", "CSCvt29405", "CSCvt29407", "CSCvt29409", "CSCvt29415", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2020-3277", datePublished: "2020-06-18T02:15:18.274324Z", dateReserved: "2019-12-12T00:00:00", dateUpdated: "2024-11-15T17:09:48.721Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-20025
Vulnerability from cvelistv5
Published
2023-01-19 01:33
Modified
2025-03-12 16:18
Severity ?
EPSS score ?
Summary
A vulnerability in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, and RV082 Routers could allow an unauthenticated, remote attacker to bypass authentication on an affected device.
This vulnerability is due to improper validation of user input within incoming HTTP packets. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web-based management interface. A successful exploit could allow the attacker to bypass authentication and gain root access on the underlying operating system.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Small Business RV Series Router Firmware |
Version: 2.0.0.19-tm Version: 2.0.2.01-tm Version: 1.3.12.19-tm Version: 1.3.12.6-tm Version: 1.3.13.02-tm Version: 1.3.9.8-tm Version: 4.0.0.7 Version: 4.0.2.08-tm Version: 4.0.3.03-tm Version: 4.0.4.02-tm Version: 4.2.1.02 Version: 4.2.2.08 Version: 4.2.3.03 Version: 4.2.3.06 Version: 4.2.3.07 Version: 4.2.3.08 Version: 4.2.3.09 Version: 4.2.3.10 Version: 4.2.3.14 Version: 3.0.0.1-tm Version: 3.0.0.19-tm Version: 3.0.2.01-tm Version: 4.1.1.01 Version: 4.1.0.02-tm |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T08:57:35.838Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "cisco-sa-sbr042-multi-vuln-ej76Pke5", tags: [ "x_transferred", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sbr042-multi-vuln-ej76Pke5", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-20025", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-10-28T16:19:30.025204Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-28T16:41:32.942Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco Small Business RV Series Router Firmware", vendor: "Cisco", versions: [ { status: "affected", version: "2.0.0.19-tm", }, { status: "affected", version: "2.0.2.01-tm", }, { status: "affected", version: "1.3.12.19-tm", }, { status: "affected", version: "1.3.12.6-tm", }, { status: "affected", version: "1.3.13.02-tm", }, { status: "affected", version: "1.3.9.8-tm", }, { status: "affected", version: "4.0.0.7", }, { status: "affected", version: "4.0.2.08-tm", }, { status: "affected", version: "4.0.3.03-tm", }, { status: "affected", version: "4.0.4.02-tm", }, { status: "affected", version: "4.2.1.02", }, { status: "affected", version: "4.2.2.08", }, { status: "affected", version: "4.2.3.03", }, { status: "affected", version: "4.2.3.06", }, { status: "affected", version: "4.2.3.07", }, { status: "affected", version: "4.2.3.08", }, { status: "affected", version: "4.2.3.09", }, { status: "affected", version: "4.2.3.10", }, { status: "affected", version: "4.2.3.14", }, { status: "affected", version: "3.0.0.1-tm", }, { status: "affected", version: "3.0.0.19-tm", }, { status: "affected", version: "3.0.2.01-tm", }, { status: "affected", version: "4.1.1.01", }, { status: "affected", version: "4.1.0.02-tm", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, and RV082 Routers could allow an unauthenticated, remote attacker to bypass authentication on an affected device.\r\n\r This vulnerability is due to improper validation of user input within incoming HTTP packets. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web-based management interface. A successful exploit could allow the attacker to bypass authentication and gain root access on the underlying operating system.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is aware that proof-of-concept exploit code is available for vulnerabilities CVE-2023-20025 and CVE-2023-20026 that are described in this advisory.\r\n\r\nIn March 2025, the Cisco PSIRT became aware of additional attempted exploitation of some of these vulnerabilities in the wild. Cisco continues to strongly recommend that customers upgrade their hardware to Meraki or Cisco 1000 Series Integrated Services Routers to remediate these vulnerabilities.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, format: "cvssV3_1", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-293", description: "Using Referer Field for Authentication", lang: "en", type: "cwe", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-12T16:18:58.629Z", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "cisco-sa-sbr042-multi-vuln-ej76Pke5", url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sbr042-multi-vuln-ej76Pke5", }, ], source: { advisory: "cisco-sa-sbr042-multi-vuln-ej76Pke5", defects: [ "CSCwd47551", ], discovery: "EXTERNAL", }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2023-20025", datePublished: "2023-01-19T01:33:39.023Z", dateReserved: "2022-10-27T18:47:50.309Z", dateUpdated: "2025-03-12T16:18:58.629Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-20150
Vulnerability from cvelistv5
Published
2023-04-05 00:00
Modified
2024-10-25 15:58
Severity ?
EPSS score ?
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Small Business RV Series Router Firmware |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T09:05:34.870Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20230405 Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities", tags: [ "vendor-advisory", "x_transferred", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-20150", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-10-25T14:34:38.425731Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-25T15:58:34.223Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco Small Business RV Series Router Firmware ", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2023-04-05T00:00:00", descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory. ", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-79", description: "CWE-79", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-04-05T00:00:00", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20230405 Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities", tags: [ "vendor-advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, ], source: { advisory: "cisco-sa-rv-stored-xss-vqz7gC8W", defect: [ [ "CSCwe21294", "CSCwe75298", "CSCwe75302", "CSCwe75304", "CSCwe75324", "CSCwe75338", "CSCwe75341", "CSCwe75346", "CSCwe75348", "CSCwe75352", "CSCwe75355", "CSCwe75367", "CSCwe75369", "CSCwe75375", "CSCwe75377", ], ], discovery: "INTERNAL", }, title: "Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities", }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2023-20150", datePublished: "2023-04-05T00:00:00", dateReserved: "2022-10-27T00:00:00", dateUpdated: "2024-10-25T15:58:34.223Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-3293
Vulnerability from cvelistv5
Published
2020-06-18 02:16
Modified
2024-11-15 17:07
Severity ?
EPSS score ?
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Small Business RV Series Router Firmware |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T07:30:57.514Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20200617 Cisco Small Business RV Series Routers Stack Overflow Arbitrary Code Execution Vulnerabilities", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2020-3293", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-15T16:23:47.818871Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-15T17:07:52.769Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco Small Business RV Series Router Firmware", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2020-06-17T00:00:00", descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is aware that proof-of-concept exploit code is available for the vulnerabilities that are described in this advisory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-119", description: "CWE-119", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-06-18T02:16:09", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20200617 Cisco Small Business RV Series Routers Stack Overflow Arbitrary Code Execution Vulnerabilities", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz", }, ], source: { advisory: "cisco-sa-rv-routers-stack-vUxHmnNz", defect: [ [ "CSCvt26525", "CSCvt26555", "CSCvt26591", "CSCvt26619", "CSCvt26643", "CSCvt26659", "CSCvt26663", "CSCvt26705", "CSCvt26718", "CSCvt26725", "CSCvt26729", "CSCvt29381", "CSCvt29385", "CSCvt29388", "CSCvt29396", "CSCvt29398", "CSCvt29400", "CSCvt29403", "CSCvt29414", "CSCvt29416", "CSCvt29421", "CSCvt29423", ], ], discovery: "INTERNAL", }, title: "Cisco Small Business RV Series Routers Stack Overflow Arbitrary Code Execution Vulnerabilities", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2020-06-17T16:00:00", ID: "CVE-2020-3293", STATE: "PUBLIC", TITLE: "Cisco Small Business RV Series Routers Stack Overflow Arbitrary Code Execution Vulnerabilities", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco Small Business RV Series Router Firmware", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is aware that proof-of-concept exploit code is available for the vulnerabilities that are described in this advisory.", }, ], impact: { cvss: { baseScore: "7.2", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-119", }, ], }, ], }, references: { reference_data: [ { name: "20200617 Cisco Small Business RV Series Routers Stack Overflow Arbitrary Code Execution Vulnerabilities", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz", }, ], }, source: { advisory: "cisco-sa-rv-routers-stack-vUxHmnNz", defect: [ [ "CSCvt26525", "CSCvt26555", "CSCvt26591", "CSCvt26619", "CSCvt26643", "CSCvt26659", "CSCvt26663", "CSCvt26705", "CSCvt26718", "CSCvt26725", "CSCvt26729", "CSCvt29381", "CSCvt29385", "CSCvt29388", "CSCvt29396", "CSCvt29398", "CSCvt29400", "CSCvt29403", "CSCvt29414", "CSCvt29416", "CSCvt29421", "CSCvt29423", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2020-3293", datePublished: "2020-06-18T02:16:09.177103Z", dateReserved: "2019-12-12T00:00:00", dateUpdated: "2024-11-15T17:07:52.769Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-20148
Vulnerability from cvelistv5
Published
2023-04-05 00:00
Modified
2024-10-25 15:58
Severity ?
EPSS score ?
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Small Business RV Series Router Firmware |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T09:05:34.867Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20230405 Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities", tags: [ "vendor-advisory", "x_transferred", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-20148", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-10-25T14:34:46.418433Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-25T15:58:53.157Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco Small Business RV Series Router Firmware ", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2023-04-05T00:00:00", descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory. ", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-79", description: "CWE-79", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-04-05T00:00:00", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20230405 Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities", tags: [ "vendor-advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, ], source: { advisory: "cisco-sa-rv-stored-xss-vqz7gC8W", defect: [ [ "CSCwe21294", "CSCwe75298", "CSCwe75302", "CSCwe75304", "CSCwe75324", "CSCwe75338", "CSCwe75341", "CSCwe75346", "CSCwe75348", "CSCwe75352", "CSCwe75355", "CSCwe75367", "CSCwe75369", "CSCwe75375", "CSCwe75377", ], ], discovery: "INTERNAL", }, title: "Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities", }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2023-20148", datePublished: "2023-04-05T00:00:00", dateReserved: "2022-10-27T00:00:00", dateUpdated: "2024-10-25T15:58:53.157Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-20141
Vulnerability from cvelistv5
Published
2023-04-05 00:00
Modified
2024-10-25 15:59
Severity ?
EPSS score ?
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Small Business RV Series Router Firmware |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T08:57:35.696Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20230405 Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities", tags: [ "vendor-advisory", "x_transferred", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-20141", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-10-25T14:35:05.871408Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-25T15:59:41.207Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco Small Business RV Series Router Firmware ", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2023-04-05T00:00:00", descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory. ", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-79", description: "CWE-79", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-04-05T00:00:00", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20230405 Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities", tags: [ "vendor-advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, ], source: { advisory: "cisco-sa-rv-stored-xss-vqz7gC8W", defect: [ [ "CSCwe21294", "CSCwe75298", "CSCwe75302", "CSCwe75304", "CSCwe75324", "CSCwe75338", "CSCwe75341", "CSCwe75346", "CSCwe75348", "CSCwe75352", "CSCwe75355", "CSCwe75367", "CSCwe75369", "CSCwe75375", "CSCwe75377", ], ], discovery: "INTERNAL", }, title: "Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities", }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2023-20141", datePublished: "2023-04-05T00:00:00", dateReserved: "2022-10-27T00:00:00", dateUpdated: "2024-10-25T15:59:41.207Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-20026
Vulnerability from cvelistv5
Published
2023-01-19 01:33
Modified
2025-03-12 16:20
Severity ?
EPSS score ?
Summary
A vulnerability in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320 and RV325 Routers could allow an authenticated, remote attacker to execute arbitrary commands on an affected device.
This vulnerability is due to improper validation of user input within incoming HTTP packets. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web-based management interface. A successful exploit could allow the attacker to gain root-level privileges and access unauthorized data. To exploit this vulnerability, an attacker would need to have valid administrative credentials on the affected device.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Small Business RV Series Router Firmware |
Version: 1.0.00.29 Version: 1.0.00.33 Version: 1.0.01.16 Version: 1.0.01.17 Version: 1.0.01.18 Version: 1.0.01.20 Version: 1.0.02.16 Version: 1.0.03.15 Version: 1.0.03.16 Version: 1.0.03.17 Version: 1.0.03.18 Version: 1.0.03.19 Version: 1.0.03.20 Version: 1.0.03.21 Version: 1.0.03.22 Version: 1.0.03.24 Version: 1.0.03.26 Version: 1.0.03.27 Version: 1.0.03.28 Version: 1.0.03.29 Version: 2.0.0.19-tm Version: 2.0.2.01-tm Version: 1.3.12.19-tm Version: 1.3.12.6-tm Version: 1.3.13.02-tm Version: 1.3.9.8-tm Version: 4.0.0.7 Version: 4.0.2.08-tm Version: 4.0.3.03-tm Version: 4.0.4.02-tm Version: 4.2.1.02 Version: 4.2.2.08 Version: 4.2.3.03 Version: 4.2.3.06 Version: 4.2.3.07 Version: 4.2.3.08 Version: 4.2.3.09 Version: 4.2.3.10 Version: 4.2.3.14 Version: 3.0.0.1-tm Version: 3.0.0.19-tm Version: 3.0.2.01-tm Version: 4.1.1.01 Version: 4.1.0.02-tm |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T08:57:35.554Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "cisco-sa-sbr042-multi-vuln-ej76Pke5", tags: [ "x_transferred", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sbr042-multi-vuln-ej76Pke5", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Cisco Small Business RV Series Router Firmware", vendor: "Cisco", versions: [ { status: "affected", version: "1.0.00.29", }, { status: "affected", version: "1.0.00.33", }, { status: "affected", version: "1.0.01.16", }, { status: "affected", version: "1.0.01.17", }, { status: "affected", version: "1.0.01.18", }, { status: "affected", version: "1.0.01.20", }, { status: "affected", version: "1.0.02.16", }, { status: "affected", version: "1.0.03.15", }, { status: "affected", version: "1.0.03.16", }, { status: "affected", version: "1.0.03.17", }, { status: "affected", version: "1.0.03.18", }, { status: "affected", version: "1.0.03.19", }, { status: "affected", version: "1.0.03.20", }, { status: "affected", version: "1.0.03.21", }, { status: "affected", version: "1.0.03.22", }, { status: "affected", version: "1.0.03.24", }, { status: "affected", version: "1.0.03.26", }, { status: "affected", version: "1.0.03.27", }, { status: "affected", version: "1.0.03.28", }, { status: "affected", version: "1.0.03.29", }, { status: "affected", version: "2.0.0.19-tm", }, { status: "affected", version: "2.0.2.01-tm", }, { status: "affected", version: "1.3.12.19-tm", }, { status: "affected", version: "1.3.12.6-tm", }, { status: "affected", version: "1.3.13.02-tm", }, { status: "affected", version: "1.3.9.8-tm", }, { status: "affected", version: "4.0.0.7", }, { status: "affected", version: "4.0.2.08-tm", }, { status: "affected", version: "4.0.3.03-tm", }, { status: "affected", version: "4.0.4.02-tm", }, { status: "affected", version: "4.2.1.02", }, { status: "affected", version: "4.2.2.08", }, { status: "affected", version: "4.2.3.03", }, { status: "affected", version: "4.2.3.06", }, { status: "affected", version: "4.2.3.07", }, { status: "affected", version: "4.2.3.08", }, { status: "affected", version: "4.2.3.09", }, { status: "affected", version: "4.2.3.10", }, { status: "affected", version: "4.2.3.14", }, { status: "affected", version: "3.0.0.1-tm", }, { status: "affected", version: "3.0.0.19-tm", }, { status: "affected", version: "3.0.2.01-tm", }, { status: "affected", version: "4.1.1.01", }, { status: "affected", version: "4.1.0.02-tm", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320 and RV325 Routers could allow an authenticated, remote attacker to execute arbitrary commands on an affected device.\r\n\r This vulnerability is due to improper validation of user input within incoming HTTP packets. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web-based management interface. A successful exploit could allow the attacker to gain root-level privileges and access unauthorized data. To exploit this vulnerability, an attacker would need to have valid administrative credentials on the affected device.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is aware that proof-of-concept exploit code is available for vulnerabilities CVE-2023-20025 and CVE-2023-20026 that are described in this advisory.\r\n\r\nIn March 2025, the Cisco PSIRT became aware of additional attempted exploitation of some of these vulnerabilities in the wild. Cisco continues to strongly recommend that customers upgrade their hardware to Meraki or Cisco 1000 Series Integrated Services Routers to remediate these vulnerabilities.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, format: "cvssV3_1", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-77", description: "Improper Neutralization of Special Elements used in a Command ('Command Injection')", lang: "en", type: "cwe", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-12T16:20:12.515Z", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "cisco-sa-sbr042-multi-vuln-ej76Pke5", url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sbr042-multi-vuln-ej76Pke5", }, ], source: { advisory: "cisco-sa-sbr042-multi-vuln-ej76Pke5", defects: [ "CSCwd60199", ], discovery: "EXTERNAL", }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2023-20026", datePublished: "2023-01-19T01:33:26.928Z", dateReserved: "2022-10-27T18:47:50.309Z", dateUpdated: "2025-03-12T16:20:12.515Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-20142
Vulnerability from cvelistv5
Published
2023-04-05 00:00
Modified
2024-10-25 15:59
Severity ?
EPSS score ?
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Small Business RV Series Router Firmware |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T08:57:35.794Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20230405 Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities", tags: [ "vendor-advisory", "x_transferred", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-20142", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-10-25T14:35:04.350255Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-25T15:59:32.870Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco Small Business RV Series Router Firmware ", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2023-04-05T00:00:00", descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory. ", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-79", description: "CWE-79", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-04-05T00:00:00", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20230405 Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities", tags: [ "vendor-advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, ], source: { advisory: "cisco-sa-rv-stored-xss-vqz7gC8W", defect: [ [ "CSCwe21294", "CSCwe75298", "CSCwe75302", "CSCwe75304", "CSCwe75324", "CSCwe75338", "CSCwe75341", "CSCwe75346", "CSCwe75348", "CSCwe75352", "CSCwe75355", "CSCwe75367", "CSCwe75369", "CSCwe75375", "CSCwe75377", ], ], discovery: "INTERNAL", }, title: "Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities", }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2023-20142", datePublished: "2023-04-05T00:00:00", dateReserved: "2022-10-27T00:00:00", dateUpdated: "2024-10-25T15:59:32.870Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-3287
Vulnerability from cvelistv5
Published
2020-06-18 02:15
Modified
2024-11-15 17:09
Severity ?
EPSS score ?
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Small Business RV Series Router Firmware |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T07:30:57.505Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20200617 Cisco Small Business RV Series Routers Stack Overflow Arbitrary Code Execution Vulnerabilities", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2020-3287", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-15T16:24:01.050156Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-15T17:09:03.376Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco Small Business RV Series Router Firmware", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2020-06-17T00:00:00", descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is aware that proof-of-concept exploit code is available for the vulnerabilities that are described in this advisory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-119", description: "CWE-119", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-06-18T02:15:41", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20200617 Cisco Small Business RV Series Routers Stack Overflow Arbitrary Code Execution Vulnerabilities", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz", }, ], source: { advisory: "cisco-sa-rv-routers-stack-vUxHmnNz", defect: [ [ "CSCvt26525", "CSCvt26555", "CSCvt26591", "CSCvt26619", "CSCvt26643", "CSCvt26659", "CSCvt26663", "CSCvt26705", "CSCvt26718", "CSCvt26725", "CSCvt26729", "CSCvt29381", "CSCvt29385", "CSCvt29388", "CSCvt29396", "CSCvt29398", "CSCvt29400", "CSCvt29403", "CSCvt29414", "CSCvt29416", "CSCvt29421", "CSCvt29423", ], ], discovery: "INTERNAL", }, title: "Cisco Small Business RV Series Routers Stack Overflow Arbitrary Code Execution Vulnerabilities", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2020-06-17T16:00:00", ID: "CVE-2020-3287", STATE: "PUBLIC", TITLE: "Cisco Small Business RV Series Routers Stack Overflow Arbitrary Code Execution Vulnerabilities", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco Small Business RV Series Router Firmware", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is aware that proof-of-concept exploit code is available for the vulnerabilities that are described in this advisory.", }, ], impact: { cvss: { baseScore: "7.2", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-119", }, ], }, ], }, references: { reference_data: [ { name: "20200617 Cisco Small Business RV Series Routers Stack Overflow Arbitrary Code Execution Vulnerabilities", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz", }, ], }, source: { advisory: "cisco-sa-rv-routers-stack-vUxHmnNz", defect: [ [ "CSCvt26525", "CSCvt26555", "CSCvt26591", "CSCvt26619", "CSCvt26643", "CSCvt26659", "CSCvt26663", "CSCvt26705", "CSCvt26718", "CSCvt26725", "CSCvt26729", "CSCvt29381", "CSCvt29385", "CSCvt29388", "CSCvt29396", "CSCvt29398", "CSCvt29400", "CSCvt29403", "CSCvt29414", "CSCvt29416", "CSCvt29421", "CSCvt29423", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2020-3287", datePublished: "2020-06-18T02:15:41.213447Z", dateReserved: "2019-12-12T00:00:00", dateUpdated: "2024-11-15T17:09:03.376Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-3278
Vulnerability from cvelistv5
Published
2020-06-18 02:15
Modified
2024-11-15 17:09
Severity ?
EPSS score ?
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary commands on an affected device. The vulnerabilities exist because the web-based management interface does not properly validate user-supplied input to scripts. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending malicious requests to an affected device. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the underlying operating system.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-Rj5JRfF8 | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Small Business RV Series Router Firmware |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T07:30:57.597Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20200617 Cisco Small Business RV Series Routers Command Injection Vulnerabilities", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-Rj5JRfF8", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2020-3278", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-15T16:24:05.376930Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-15T17:09:35.272Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco Small Business RV Series Router Firmware", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2020-06-17T00:00:00", descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary commands on an affected device. The vulnerabilities exist because the web-based management interface does not properly validate user-supplied input to scripts. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending malicious requests to an affected device. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the underlying operating system.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is aware that proof-of-concept exploit code is available for the vulnerabilities that are described in this advisory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-77", description: "CWE-77", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-06-18T02:15:27", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20200617 Cisco Small Business RV Series Routers Command Injection Vulnerabilities", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-Rj5JRfF8", }, ], source: { advisory: "cisco-sa-rv-routers-Rj5JRfF8", defect: [ [ "CSCvt26490", "CSCvt26504", "CSCvt26669", "CSCvt26676", "CSCvt26683", "CSCvt26714", "CSCvt29372", "CSCvt29376", "CSCvt29405", "CSCvt29407", "CSCvt29409", "CSCvt29415", ], ], discovery: "INTERNAL", }, title: "Cisco Small Business RV Series Routers Command Injection Vulnerabilities", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2020-06-17T16:00:00", ID: "CVE-2020-3278", STATE: "PUBLIC", TITLE: "Cisco Small Business RV Series Routers Command Injection Vulnerabilities", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco Small Business RV Series Router Firmware", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary commands on an affected device. The vulnerabilities exist because the web-based management interface does not properly validate user-supplied input to scripts. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending malicious requests to an affected device. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the underlying operating system.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is aware that proof-of-concept exploit code is available for the vulnerabilities that are described in this advisory.", }, ], impact: { cvss: { baseScore: "7.2", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-77", }, ], }, ], }, references: { reference_data: [ { name: "20200617 Cisco Small Business RV Series Routers Command Injection Vulnerabilities", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-Rj5JRfF8", }, ], }, source: { advisory: "cisco-sa-rv-routers-Rj5JRfF8", defect: [ [ "CSCvt26490", "CSCvt26504", "CSCvt26669", "CSCvt26676", "CSCvt26683", "CSCvt26714", "CSCvt29372", "CSCvt29376", "CSCvt29405", "CSCvt29407", "CSCvt29409", "CSCvt29415", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2020-3278", datePublished: "2020-06-18T02:15:27.684050Z", dateReserved: "2019-12-12T00:00:00", dateUpdated: "2024-11-15T17:09:35.272Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-20144
Vulnerability from cvelistv5
Published
2023-04-05 00:00
Modified
2024-10-25 15:59
Severity ?
EPSS score ?
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Small Business RV Series Router Firmware |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T08:57:35.902Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20230405 Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities", tags: [ "vendor-advisory", "x_transferred", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-20144", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-10-25T14:35:00.710262Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-25T15:59:17.421Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco Small Business RV Series Router Firmware ", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2023-04-05T00:00:00", descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory. ", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-79", description: "CWE-79", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-04-05T00:00:00", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20230405 Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities", tags: [ "vendor-advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, ], source: { advisory: "cisco-sa-rv-stored-xss-vqz7gC8W", defect: [ [ "CSCwe21294", "CSCwe75298", "CSCwe75302", "CSCwe75304", "CSCwe75324", "CSCwe75338", "CSCwe75341", "CSCwe75346", "CSCwe75348", "CSCwe75352", "CSCwe75355", "CSCwe75367", "CSCwe75369", "CSCwe75375", "CSCwe75377", ], ], discovery: "INTERNAL", }, title: "Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities", }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2023-20144", datePublished: "2023-04-05T00:00:00", dateReserved: "2022-10-27T00:00:00", dateUpdated: "2024-10-25T15:59:17.421Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-3295
Vulnerability from cvelistv5
Published
2020-06-18 02:16
Modified
2024-11-15 17:07
Severity ?
EPSS score ?
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Small Business RV Series Router Firmware |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T07:30:57.559Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20200617 Cisco Small Business RV Series Routers Stack Overflow Arbitrary Code Execution Vulnerabilities", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2020-3295", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-15T16:23:45.512614Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-15T17:07:25.834Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco Small Business RV Series Router Firmware", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2020-06-17T00:00:00", descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is aware that proof-of-concept exploit code is available for the vulnerabilities that are described in this advisory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-119", description: "CWE-119", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-06-18T02:16:17", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20200617 Cisco Small Business RV Series Routers Stack Overflow Arbitrary Code Execution Vulnerabilities", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz", }, ], source: { advisory: "cisco-sa-rv-routers-stack-vUxHmnNz", defect: [ [ "CSCvt26525", "CSCvt26555", "CSCvt26591", "CSCvt26619", "CSCvt26643", "CSCvt26659", "CSCvt26663", "CSCvt26705", "CSCvt26718", "CSCvt26725", "CSCvt26729", "CSCvt29381", "CSCvt29385", "CSCvt29388", "CSCvt29396", "CSCvt29398", "CSCvt29400", "CSCvt29403", "CSCvt29414", "CSCvt29416", "CSCvt29421", "CSCvt29423", ], ], discovery: "INTERNAL", }, title: "Cisco Small Business RV Series Routers Stack Overflow Arbitrary Code Execution Vulnerabilities", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2020-06-17T16:00:00", ID: "CVE-2020-3295", STATE: "PUBLIC", TITLE: "Cisco Small Business RV Series Routers Stack Overflow Arbitrary Code Execution Vulnerabilities", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco Small Business RV Series Router Firmware", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is aware that proof-of-concept exploit code is available for the vulnerabilities that are described in this advisory.", }, ], impact: { cvss: { baseScore: "7.2", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-119", }, ], }, ], }, references: { reference_data: [ { name: "20200617 Cisco Small Business RV Series Routers Stack Overflow Arbitrary Code Execution Vulnerabilities", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz", }, ], }, source: { advisory: "cisco-sa-rv-routers-stack-vUxHmnNz", defect: [ [ "CSCvt26525", "CSCvt26555", "CSCvt26591", "CSCvt26619", "CSCvt26643", "CSCvt26659", "CSCvt26663", "CSCvt26705", "CSCvt26718", "CSCvt26725", "CSCvt26729", "CSCvt29381", "CSCvt29385", "CSCvt29388", "CSCvt29396", "CSCvt29398", "CSCvt29400", "CSCvt29403", "CSCvt29414", "CSCvt29416", "CSCvt29421", "CSCvt29423", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2020-3295", datePublished: "2020-06-18T02:16:17.996974Z", dateReserved: "2019-12-12T00:00:00", dateUpdated: "2024-11-15T17:07:25.834Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-3289
Vulnerability from cvelistv5
Published
2020-06-18 02:15
Modified
2024-11-15 17:08
Severity ?
EPSS score ?
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Small Business RV Series Router Firmware |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T07:30:57.857Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20200617 Cisco Small Business RV Series Routers Stack Overflow Arbitrary Code Execution Vulnerabilities", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2020-3289", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-15T16:23:58.505998Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-15T17:08:41.413Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco Small Business RV Series Router Firmware", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2020-06-17T00:00:00", descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is aware that proof-of-concept exploit code is available for the vulnerabilities that are described in this advisory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-119", description: "CWE-119", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-06-18T02:15:50", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20200617 Cisco Small Business RV Series Routers Stack Overflow Arbitrary Code Execution Vulnerabilities", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz", }, ], source: { advisory: "cisco-sa-rv-routers-stack-vUxHmnNz", defect: [ [ "CSCvt26525", "CSCvt26555", "CSCvt26591", "CSCvt26619", "CSCvt26643", "CSCvt26659", "CSCvt26663", "CSCvt26705", "CSCvt26718", "CSCvt26725", "CSCvt26729", "CSCvt29381", "CSCvt29385", "CSCvt29388", "CSCvt29396", "CSCvt29398", "CSCvt29400", "CSCvt29403", "CSCvt29414", "CSCvt29416", "CSCvt29421", "CSCvt29423", ], ], discovery: "INTERNAL", }, title: "Cisco Small Business RV Series Routers Stack Overflow Arbitrary Code Execution Vulnerabilities", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2020-06-17T16:00:00", ID: "CVE-2020-3289", STATE: "PUBLIC", TITLE: "Cisco Small Business RV Series Routers Stack Overflow Arbitrary Code Execution Vulnerabilities", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco Small Business RV Series Router Firmware", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is aware that proof-of-concept exploit code is available for the vulnerabilities that are described in this advisory.", }, ], impact: { cvss: { baseScore: "7.2", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-119", }, ], }, ], }, references: { reference_data: [ { name: "20200617 Cisco Small Business RV Series Routers Stack Overflow Arbitrary Code Execution Vulnerabilities", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz", }, ], }, source: { advisory: "cisco-sa-rv-routers-stack-vUxHmnNz", defect: [ [ "CSCvt26525", "CSCvt26555", "CSCvt26591", "CSCvt26619", "CSCvt26643", "CSCvt26659", "CSCvt26663", "CSCvt26705", "CSCvt26718", "CSCvt26725", "CSCvt26729", "CSCvt29381", "CSCvt29385", "CSCvt29388", "CSCvt29396", "CSCvt29398", "CSCvt29400", "CSCvt29403", "CSCvt29414", "CSCvt29416", "CSCvt29421", "CSCvt29423", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2020-3289", datePublished: "2020-06-18T02:15:50.484251Z", dateReserved: "2019-12-12T00:00:00", dateUpdated: "2024-11-15T17:08:41.413Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-3286
Vulnerability from cvelistv5
Published
2020-06-18 02:15
Modified
2024-11-15 17:09
Severity ?
EPSS score ?
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Small Business RV Series Router Firmware |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T07:30:57.602Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20200617 Cisco Small Business RV Series Routers Stack Overflow Arbitrary Code Execution Vulnerabilities", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2020-3286", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-15T16:24:02.908900Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-15T17:09:13.891Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco Small Business RV Series Router Firmware", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2020-06-17T00:00:00", descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is aware that proof-of-concept exploit code is available for the vulnerabilities that are described in this advisory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-119", description: "CWE-119", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-06-18T02:15:36", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20200617 Cisco Small Business RV Series Routers Stack Overflow Arbitrary Code Execution Vulnerabilities", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz", }, ], source: { advisory: "cisco-sa-rv-routers-stack-vUxHmnNz", defect: [ [ "CSCvt26525", "CSCvt26555", "CSCvt26591", "CSCvt26619", "CSCvt26643", "CSCvt26659", "CSCvt26663", "CSCvt26705", "CSCvt26718", "CSCvt26725", "CSCvt26729", "CSCvt29381", "CSCvt29385", "CSCvt29388", "CSCvt29396", "CSCvt29398", "CSCvt29400", "CSCvt29403", "CSCvt29414", "CSCvt29416", "CSCvt29421", "CSCvt29423", ], ], discovery: "INTERNAL", }, title: "Cisco Small Business RV Series Routers Stack Overflow Arbitrary Code Execution Vulnerabilities", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2020-06-17T16:00:00", ID: "CVE-2020-3286", STATE: "PUBLIC", TITLE: "Cisco Small Business RV Series Routers Stack Overflow Arbitrary Code Execution Vulnerabilities", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco Small Business RV Series Router Firmware", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is aware that proof-of-concept exploit code is available for the vulnerabilities that are described in this advisory.", }, ], impact: { cvss: { baseScore: "7.2", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-119", }, ], }, ], }, references: { reference_data: [ { name: "20200617 Cisco Small Business RV Series Routers Stack Overflow Arbitrary Code Execution Vulnerabilities", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz", }, ], }, source: { advisory: "cisco-sa-rv-routers-stack-vUxHmnNz", defect: [ [ "CSCvt26525", "CSCvt26555", "CSCvt26591", "CSCvt26619", "CSCvt26643", "CSCvt26659", "CSCvt26663", "CSCvt26705", "CSCvt26718", "CSCvt26725", "CSCvt26729", "CSCvt29381", "CSCvt29385", "CSCvt29388", "CSCvt29396", "CSCvt29398", "CSCvt29400", "CSCvt29403", "CSCvt29414", "CSCvt29416", "CSCvt29421", "CSCvt29423", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2020-3286", datePublished: "2020-06-18T02:15:36.829409Z", dateReserved: "2019-12-12T00:00:00", dateUpdated: "2024-11-15T17:09:13.891Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-20145
Vulnerability from cvelistv5
Published
2023-04-05 00:00
Modified
2024-10-25 15:59
Severity ?
EPSS score ?
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Small Business RV Series Router Firmware |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T08:57:35.714Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20230405 Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities", tags: [ "vendor-advisory", "x_transferred", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-20145", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-10-25T14:34:54.362234Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-25T15:59:09.552Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco Small Business RV Series Router Firmware ", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2023-04-05T00:00:00", descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory. ", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-79", description: "CWE-79", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-04-05T00:00:00", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20230405 Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities", tags: [ "vendor-advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, ], source: { advisory: "cisco-sa-rv-stored-xss-vqz7gC8W", defect: [ [ "CSCwe21294", "CSCwe75298", "CSCwe75302", "CSCwe75304", "CSCwe75324", "CSCwe75338", "CSCwe75341", "CSCwe75346", "CSCwe75348", "CSCwe75352", "CSCwe75355", "CSCwe75367", "CSCwe75369", "CSCwe75375", "CSCwe75377", ], ], discovery: "INTERNAL", }, title: "Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities", }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2023-20145", datePublished: "2023-04-05T00:00:00", dateReserved: "2022-10-27T00:00:00", dateUpdated: "2024-10-25T15:59:09.552Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-3276
Vulnerability from cvelistv5
Published
2020-06-18 02:21
Modified
2024-11-15 16:58
Severity ?
EPSS score ?
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary commands on an affected device. The vulnerabilities exist because the web-based management interface does not properly validate user-supplied input to scripts. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending malicious requests to an affected device. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the underlying operating system.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-Rj5JRfF8 | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Small Business RV Series Router Firmware |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T07:30:57.926Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20200617 Cisco Small Business RV Series Routers Command Injection Vulnerabilities", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-Rj5JRfF8", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2020-3276", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-15T16:23:30.505285Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-15T16:58:03.040Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco Small Business RV Series Router Firmware", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2020-06-17T00:00:00", descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary commands on an affected device. The vulnerabilities exist because the web-based management interface does not properly validate user-supplied input to scripts. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending malicious requests to an affected device. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the underlying operating system.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is aware that proof-of-concept exploit code is available for the vulnerabilities that are described in this advisory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-77", description: "CWE-77", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-06-18T02:21:54", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20200617 Cisco Small Business RV Series Routers Command Injection Vulnerabilities", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-Rj5JRfF8", }, ], source: { advisory: "cisco-sa-rv-routers-Rj5JRfF8", defect: [ [ "CSCvt26490", "CSCvt26504", "CSCvt26669", "CSCvt26676", "CSCvt26683", "CSCvt26714", "CSCvt29372", "CSCvt29376", "CSCvt29405", "CSCvt29407", "CSCvt29409", "CSCvt29415", ], ], discovery: "INTERNAL", }, title: "Cisco Small Business RV Series Routers Command Injection Vulnerabilities", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2020-06-17T16:00:00", ID: "CVE-2020-3276", STATE: "PUBLIC", TITLE: "Cisco Small Business RV Series Routers Command Injection Vulnerabilities", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco Small Business RV Series Router Firmware", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary commands on an affected device. The vulnerabilities exist because the web-based management interface does not properly validate user-supplied input to scripts. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending malicious requests to an affected device. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the underlying operating system.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is aware that proof-of-concept exploit code is available for the vulnerabilities that are described in this advisory.", }, ], impact: { cvss: { baseScore: "7.2", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-77", }, ], }, ], }, references: { reference_data: [ { name: "20200617 Cisco Small Business RV Series Routers Command Injection Vulnerabilities", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-Rj5JRfF8", }, ], }, source: { advisory: "cisco-sa-rv-routers-Rj5JRfF8", defect: [ [ "CSCvt26490", "CSCvt26504", "CSCvt26669", "CSCvt26676", "CSCvt26683", "CSCvt26714", "CSCvt29372", "CSCvt29376", "CSCvt29405", "CSCvt29407", "CSCvt29409", "CSCvt29415", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2020-3276", datePublished: "2020-06-18T02:21:54.238317Z", dateReserved: "2019-12-12T00:00:00", dateUpdated: "2024-11-15T16:58:03.040Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-3291
Vulnerability from cvelistv5
Published
2020-06-18 02:15
Modified
2024-11-15 17:08
Severity ?
EPSS score ?
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Small Business RV Series Router Firmware |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T07:30:57.764Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20200617 Cisco Small Business RV Series Routers Stack Overflow Arbitrary Code Execution Vulnerabilities", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2020-3291", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-15T16:23:50.963400Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-15T17:08:19.214Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco Small Business RV Series Router Firmware", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2020-06-17T00:00:00", descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is aware that proof-of-concept exploit code is available for the vulnerabilities that are described in this advisory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-119", description: "CWE-119", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-06-18T02:15:59", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20200617 Cisco Small Business RV Series Routers Stack Overflow Arbitrary Code Execution Vulnerabilities", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz", }, ], source: { advisory: "cisco-sa-rv-routers-stack-vUxHmnNz", defect: [ [ "CSCvt26525", "CSCvt26555", "CSCvt26591", "CSCvt26619", "CSCvt26643", "CSCvt26659", "CSCvt26663", "CSCvt26705", "CSCvt26718", "CSCvt26725", "CSCvt26729", "CSCvt29381", "CSCvt29385", "CSCvt29388", "CSCvt29396", "CSCvt29398", "CSCvt29400", "CSCvt29403", "CSCvt29414", "CSCvt29416", "CSCvt29421", "CSCvt29423", ], ], discovery: "INTERNAL", }, title: "Cisco Small Business RV Series Routers Stack Overflow Arbitrary Code Execution Vulnerabilities", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2020-06-17T16:00:00", ID: "CVE-2020-3291", STATE: "PUBLIC", TITLE: "Cisco Small Business RV Series Routers Stack Overflow Arbitrary Code Execution Vulnerabilities", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco Small Business RV Series Router Firmware", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is aware that proof-of-concept exploit code is available for the vulnerabilities that are described in this advisory.", }, ], impact: { cvss: { baseScore: "7.2", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-119", }, ], }, ], }, references: { reference_data: [ { name: "20200617 Cisco Small Business RV Series Routers Stack Overflow Arbitrary Code Execution Vulnerabilities", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz", }, ], }, source: { advisory: "cisco-sa-rv-routers-stack-vUxHmnNz", defect: [ [ "CSCvt26525", "CSCvt26555", "CSCvt26591", "CSCvt26619", "CSCvt26643", "CSCvt26659", "CSCvt26663", "CSCvt26705", "CSCvt26718", "CSCvt26725", "CSCvt26729", "CSCvt29381", "CSCvt29385", "CSCvt29388", "CSCvt29396", "CSCvt29398", "CSCvt29400", "CSCvt29403", "CSCvt29414", "CSCvt29416", "CSCvt29421", "CSCvt29423", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2020-3291", datePublished: "2020-06-18T02:15:59.362777Z", dateReserved: "2019-12-12T00:00:00", dateUpdated: "2024-11-15T17:08:19.214Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-3294
Vulnerability from cvelistv5
Published
2020-06-18 02:16
Modified
2024-11-15 17:07
Severity ?
EPSS score ?
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Small Business RV Series Router Firmware |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T07:30:57.469Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20200617 Cisco Small Business RV Series Routers Stack Overflow Arbitrary Code Execution Vulnerabilities", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2020-3294", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-15T16:23:46.663893Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-15T17:07:36.043Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco Small Business RV Series Router Firmware", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2020-06-17T00:00:00", descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is aware that proof-of-concept exploit code is available for the vulnerabilities that are described in this advisory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-119", description: "CWE-119", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-06-18T02:16:13", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20200617 Cisco Small Business RV Series Routers Stack Overflow Arbitrary Code Execution Vulnerabilities", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz", }, ], source: { advisory: "cisco-sa-rv-routers-stack-vUxHmnNz", defect: [ [ "CSCvt26525", "CSCvt26555", "CSCvt26591", "CSCvt26619", "CSCvt26643", "CSCvt26659", "CSCvt26663", "CSCvt26705", "CSCvt26718", "CSCvt26725", "CSCvt26729", "CSCvt29381", "CSCvt29385", "CSCvt29388", "CSCvt29396", "CSCvt29398", "CSCvt29400", "CSCvt29403", "CSCvt29414", "CSCvt29416", "CSCvt29421", "CSCvt29423", ], ], discovery: "INTERNAL", }, title: "Cisco Small Business RV Series Routers Stack Overflow Arbitrary Code Execution Vulnerabilities", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2020-06-17T16:00:00", ID: "CVE-2020-3294", STATE: "PUBLIC", TITLE: "Cisco Small Business RV Series Routers Stack Overflow Arbitrary Code Execution Vulnerabilities", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco Small Business RV Series Router Firmware", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is aware that proof-of-concept exploit code is available for the vulnerabilities that are described in this advisory.", }, ], impact: { cvss: { baseScore: "7.2", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-119", }, ], }, ], }, references: { reference_data: [ { name: "20200617 Cisco Small Business RV Series Routers Stack Overflow Arbitrary Code Execution Vulnerabilities", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz", }, ], }, source: { advisory: "cisco-sa-rv-routers-stack-vUxHmnNz", defect: [ [ "CSCvt26525", "CSCvt26555", "CSCvt26591", "CSCvt26619", "CSCvt26643", "CSCvt26659", "CSCvt26663", "CSCvt26705", "CSCvt26718", "CSCvt26725", "CSCvt26729", "CSCvt29381", "CSCvt29385", "CSCvt29388", "CSCvt29396", "CSCvt29398", "CSCvt29400", "CSCvt29403", "CSCvt29414", "CSCvt29416", "CSCvt29421", "CSCvt29423", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2020-3294", datePublished: "2020-06-18T02:16:13.564380Z", dateReserved: "2019-12-12T00:00:00", dateUpdated: "2024-11-15T17:07:36.043Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-20147
Vulnerability from cvelistv5
Published
2023-04-05 00:00
Modified
2024-10-25 15:59
Severity ?
EPSS score ?
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Small Business RV Series Router Firmware |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T09:05:35.030Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20230405 Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities", tags: [ "vendor-advisory", "x_transferred", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-20147", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-10-25T14:34:47.693942Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-25T15:59:00.487Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco Small Business RV Series Router Firmware ", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2023-04-05T00:00:00", descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory. ", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-79", description: "CWE-79", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-04-05T00:00:00", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20230405 Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities", tags: [ "vendor-advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, ], source: { advisory: "cisco-sa-rv-stored-xss-vqz7gC8W", defect: [ [ "CSCwe21294", "CSCwe75298", "CSCwe75302", "CSCwe75304", "CSCwe75324", "CSCwe75338", "CSCwe75341", "CSCwe75346", "CSCwe75348", "CSCwe75352", "CSCwe75355", "CSCwe75367", "CSCwe75369", "CSCwe75375", "CSCwe75377", ], ], discovery: "INTERNAL", }, title: "Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities", }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2023-20147", datePublished: "2023-04-05T00:00:00", dateReserved: "2022-10-27T00:00:00", dateUpdated: "2024-10-25T15:59:00.487Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-3292
Vulnerability from cvelistv5
Published
2020-06-18 02:16
Modified
2024-11-15 17:08
Severity ?
EPSS score ?
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Small Business RV Series Router Firmware |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T07:30:57.724Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20200617 Cisco Small Business RV Series Routers Stack Overflow Arbitrary Code Execution Vulnerabilities", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2020-3292", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-15T16:23:49.277069Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-15T17:08:02.787Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco Small Business RV Series Router Firmware", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2020-06-17T00:00:00", descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is aware that proof-of-concept exploit code is available for the vulnerabilities that are described in this advisory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-119", description: "CWE-119", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-06-18T02:16:03", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20200617 Cisco Small Business RV Series Routers Stack Overflow Arbitrary Code Execution Vulnerabilities", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz", }, ], source: { advisory: "cisco-sa-rv-routers-stack-vUxHmnNz", defect: [ [ "CSCvt26525", "CSCvt26555", "CSCvt26591", "CSCvt26619", "CSCvt26643", "CSCvt26659", "CSCvt26663", "CSCvt26705", "CSCvt26718", "CSCvt26725", "CSCvt26729", "CSCvt29381", "CSCvt29385", "CSCvt29388", "CSCvt29396", "CSCvt29398", "CSCvt29400", "CSCvt29403", "CSCvt29414", "CSCvt29416", "CSCvt29421", "CSCvt29423", ], ], discovery: "INTERNAL", }, title: "Cisco Small Business RV Series Routers Stack Overflow Arbitrary Code Execution Vulnerabilities", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2020-06-17T16:00:00", ID: "CVE-2020-3292", STATE: "PUBLIC", TITLE: "Cisco Small Business RV Series Routers Stack Overflow Arbitrary Code Execution Vulnerabilities", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco Small Business RV Series Router Firmware", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is aware that proof-of-concept exploit code is available for the vulnerabilities that are described in this advisory.", }, ], impact: { cvss: { baseScore: "7.2", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-119", }, ], }, ], }, references: { reference_data: [ { name: "20200617 Cisco Small Business RV Series Routers Stack Overflow Arbitrary Code Execution Vulnerabilities", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz", }, ], }, source: { advisory: "cisco-sa-rv-routers-stack-vUxHmnNz", defect: [ [ "CSCvt26525", "CSCvt26555", "CSCvt26591", "CSCvt26619", "CSCvt26643", "CSCvt26659", "CSCvt26663", "CSCvt26705", "CSCvt26718", "CSCvt26725", "CSCvt26729", "CSCvt29381", "CSCvt29385", "CSCvt29388", "CSCvt29396", "CSCvt29398", "CSCvt29400", "CSCvt29403", "CSCvt29414", "CSCvt29416", "CSCvt29421", "CSCvt29423", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2020-3292", datePublished: "2020-06-18T02:16:04.053598Z", dateReserved: "2019-12-12T00:00:00", dateUpdated: "2024-11-15T17:08:02.787Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-3296
Vulnerability from cvelistv5
Published
2020-06-18 02:16
Modified
2024-11-15 17:07
Severity ?
EPSS score ?
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Small Business RV Series Router Firmware |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T07:30:57.723Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20200617 Cisco Small Business RV Series Routers Stack Overflow Arbitrary Code Execution Vulnerabilities", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2020-3296", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-15T16:23:44.319650Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-15T17:07:13.549Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco Small Business RV Series Router Firmware", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2020-06-17T00:00:00", descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is aware that proof-of-concept exploit code is available for the vulnerabilities that are described in this advisory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-119", description: "CWE-119", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-06-18T02:16:22", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20200617 Cisco Small Business RV Series Routers Stack Overflow Arbitrary Code Execution Vulnerabilities", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz", }, ], source: { advisory: "cisco-sa-rv-routers-stack-vUxHmnNz", defect: [ [ "CSCvt26525", "CSCvt26555", "CSCvt26591", "CSCvt26619", "CSCvt26643", "CSCvt26659", "CSCvt26663", "CSCvt26705", "CSCvt26718", "CSCvt26725", "CSCvt26729", "CSCvt29381", "CSCvt29385", "CSCvt29388", "CSCvt29396", "CSCvt29398", "CSCvt29400", "CSCvt29403", "CSCvt29414", "CSCvt29416", "CSCvt29421", "CSCvt29423", ], ], discovery: "INTERNAL", }, title: "Cisco Small Business RV Series Routers Stack Overflow Arbitrary Code Execution Vulnerabilities", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2020-06-17T16:00:00", ID: "CVE-2020-3296", STATE: "PUBLIC", TITLE: "Cisco Small Business RV Series Routers Stack Overflow Arbitrary Code Execution Vulnerabilities", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco Small Business RV Series Router Firmware", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is aware that proof-of-concept exploit code is available for the vulnerabilities that are described in this advisory.", }, ], impact: { cvss: { baseScore: "7.2", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-119", }, ], }, ], }, references: { reference_data: [ { name: "20200617 Cisco Small Business RV Series Routers Stack Overflow Arbitrary Code Execution Vulnerabilities", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz", }, ], }, source: { advisory: "cisco-sa-rv-routers-stack-vUxHmnNz", defect: [ [ "CSCvt26525", "CSCvt26555", "CSCvt26591", "CSCvt26619", "CSCvt26643", "CSCvt26659", "CSCvt26663", "CSCvt26705", "CSCvt26718", "CSCvt26725", "CSCvt26729", "CSCvt29381", "CSCvt29385", "CSCvt29388", "CSCvt29396", "CSCvt29398", "CSCvt29400", "CSCvt29403", "CSCvt29414", "CSCvt29416", "CSCvt29421", "CSCvt29423", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2020-3296", datePublished: "2020-06-18T02:16:22.456163Z", dateReserved: "2019-12-12T00:00:00", dateUpdated: "2024-11-15T17:07:13.549Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-3274
Vulnerability from cvelistv5
Published
2020-06-18 02:21
Modified
2024-11-15 16:58
Severity ?
EPSS score ?
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary commands on an affected device. The vulnerabilities exist because the web-based management interface does not properly validate user-supplied input to scripts. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending malicious requests to an affected device. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the underlying operating system.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-Rj5JRfF8 | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Small Business RV Series Router Firmware |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T07:30:57.317Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20200617 Cisco Small Business RV Series Routers Command Injection Vulnerabilities", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-Rj5JRfF8", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2020-3274", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-15T16:23:33.272593Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-15T16:58:26.378Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco Small Business RV Series Router Firmware", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2020-06-17T00:00:00", descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary commands on an affected device. The vulnerabilities exist because the web-based management interface does not properly validate user-supplied input to scripts. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending malicious requests to an affected device. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the underlying operating system.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is aware that proof-of-concept exploit code is available for the vulnerabilities that are described in this advisory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-77", description: "CWE-77", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-06-18T02:21:45", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20200617 Cisco Small Business RV Series Routers Command Injection Vulnerabilities", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-Rj5JRfF8", }, ], source: { advisory: "cisco-sa-rv-routers-Rj5JRfF8", defect: [ [ "CSCvt26490", "CSCvt26504", "CSCvt26669", "CSCvt26676", "CSCvt26683", "CSCvt26714", "CSCvt29372", "CSCvt29376", "CSCvt29405", "CSCvt29407", "CSCvt29409", "CSCvt29415", ], ], discovery: "INTERNAL", }, title: "Cisco Small Business RV Series Routers Command Injection Vulnerabilities", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2020-06-17T16:00:00", ID: "CVE-2020-3274", STATE: "PUBLIC", TITLE: "Cisco Small Business RV Series Routers Command Injection Vulnerabilities", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco Small Business RV Series Router Firmware", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary commands on an affected device. The vulnerabilities exist because the web-based management interface does not properly validate user-supplied input to scripts. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending malicious requests to an affected device. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the underlying operating system.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is aware that proof-of-concept exploit code is available for the vulnerabilities that are described in this advisory.", }, ], impact: { cvss: { baseScore: "7.2", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-77", }, ], }, ], }, references: { reference_data: [ { name: "20200617 Cisco Small Business RV Series Routers Command Injection Vulnerabilities", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-Rj5JRfF8", }, ], }, source: { advisory: "cisco-sa-rv-routers-Rj5JRfF8", defect: [ [ "CSCvt26490", "CSCvt26504", "CSCvt26669", "CSCvt26676", "CSCvt26683", "CSCvt26714", "CSCvt29372", "CSCvt29376", "CSCvt29405", "CSCvt29407", "CSCvt29409", "CSCvt29415", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2020-3274", datePublished: "2020-06-18T02:21:45.469314Z", dateReserved: "2019-12-12T00:00:00", dateUpdated: "2024-11-15T16:58:26.378Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-20118
Vulnerability from cvelistv5
Published
2023-04-05 16:05
Modified
2025-03-12 16:21
Severity ?
EPSS score ?
Summary
A vulnerability in the web-based management interface of Cisco Small Business Routers RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an authenticated, remote attacker to execute arbitrary commands on an affected device.
This vulnerability is due to improper validation of user input within incoming HTTP packets. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web-based management interface. A successful exploit could allow the attacker to gain root-level privileges and access unauthorized data. To exploit this vulnerability, an attacker would need to have valid administrative credentials on the affected device.
Cisco has not and will not release software updates that address this vulnerability. However, administrators may disable the affected feature as described in the Workarounds ["#workarounds"] section.
{{value}} ["%7b%7bvalue%7d%7d"])}]]
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Small Business RV Series Router Firmware |
Version: 1.0.1.17 Version: 1.0.2.03 Version: 1.1.0.09 Version: 1.1.1.19 Version: 1.1.1.06 Version: 1.2.1.13 Version: 1.2.1.14 Version: 1.3.1.12 Version: 1.3.2.02 Version: 1.3.1.10 Version: 1.4.2.15 Version: 1.4.2.17 Version: 1.4.2.19 Version: 1.4.2.20 Version: 1.4.2.22 Version: 1.5.1.05 Version: 1.5.1.11 Version: 1.5.1.13 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T08:57:35.886Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "cisco-sa-sbr042-multi-vuln-ej76Pke5", tags: [ "x_transferred", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sbr042-multi-vuln-ej76Pke5", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-20118", options: [ { Exploitation: "active", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-03-03T20:12:24.673297Z", version: "2.0.3", }, type: "ssvc", }, }, { other: { content: { dateAdded: "2025-03-03", reference: "https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json", }, type: "kev", }, }, ], providerMetadata: { dateUpdated: "2025-03-03T20:14:14.379Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, timeline: [ { lang: "en", time: "2025-03-03T00:00:00+00:00", value: "CVE-2023-20118 added to CISA KEV", }, ], title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco Small Business RV Series Router Firmware", vendor: "Cisco", versions: [ { status: "affected", version: "1.0.1.17", }, { status: "affected", version: "1.0.2.03", }, { status: "affected", version: "1.1.0.09", }, { status: "affected", version: "1.1.1.19", }, { status: "affected", version: "1.1.1.06", }, { status: "affected", version: "1.2.1.13", }, { status: "affected", version: "1.2.1.14", }, { status: "affected", version: "1.3.1.12", }, { status: "affected", version: "1.3.2.02", }, { status: "affected", version: "1.3.1.10", }, { status: "affected", version: "1.4.2.15", }, { status: "affected", version: "1.4.2.17", }, { status: "affected", version: "1.4.2.19", }, { status: "affected", version: "1.4.2.20", }, { status: "affected", version: "1.4.2.22", }, { status: "affected", version: "1.5.1.05", }, { status: "affected", version: "1.5.1.11", }, { status: "affected", version: "1.5.1.13", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability in the web-based management interface of Cisco Small Business Routers RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an authenticated, remote attacker to execute arbitrary commands on an affected device.\r\n\r This vulnerability is due to improper validation of user input within incoming HTTP packets. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web-based management interface. A successful exploit could allow the attacker to gain root-level privileges and access unauthorized data. To exploit this vulnerability, an attacker would need to have valid administrative credentials on the affected device.\r\n\r Cisco has not and will not release software updates that address this vulnerability. However, administrators may disable the affected feature as described in the Workarounds [\"#workarounds\"] section.\r\n\r {{value}} [\"%7b%7bvalue%7d%7d\"])}]]", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is aware that proof-of-concept exploit code is available for vulnerabilities CVE-2023-20025 and CVE-2023-20026 that are described in this advisory.\r\n\r\nIn March 2025, the Cisco PSIRT became aware of additional attempted exploitation of some of these vulnerabilities in the wild. Cisco continues to strongly recommend that customers upgrade their hardware to Meraki or Cisco 1000 Series Integrated Services Routers to remediate these vulnerabilities.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, format: "cvssV3_1", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-77", description: "Improper Neutralization of Special Elements used in a Command ('Command Injection')", lang: "en", type: "cwe", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-12T16:21:05.953Z", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "cisco-sa-sbr042-multi-vuln-ej76Pke5", url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sbr042-multi-vuln-ej76Pke5", }, ], source: { advisory: "cisco-sa-sbr042-multi-vuln-ej76Pke5", defects: [ "CSCwe41652", ], discovery: "EXTERNAL", }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2023-20118", datePublished: "2023-04-05T16:05:41.067Z", dateReserved: "2022-10-27T18:47:50.345Z", dateUpdated: "2025-03-12T16:21:05.953Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-20143
Vulnerability from cvelistv5
Published
2023-04-05 00:00
Modified
2024-10-25 15:59
Severity ?
EPSS score ?
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Small Business RV Series Router Firmware |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T08:57:35.889Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20230405 Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities", tags: [ "vendor-advisory", "x_transferred", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-20143", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-10-25T14:35:02.534309Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-25T15:59:25.961Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco Small Business RV Series Router Firmware ", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2023-04-05T00:00:00", descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory. ", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-79", description: "CWE-79", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-04-05T00:00:00", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20230405 Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities", tags: [ "vendor-advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, ], source: { advisory: "cisco-sa-rv-stored-xss-vqz7gC8W", defect: [ [ "CSCwe21294", "CSCwe75298", "CSCwe75302", "CSCwe75304", "CSCwe75324", "CSCwe75338", "CSCwe75341", "CSCwe75346", "CSCwe75348", "CSCwe75352", "CSCwe75355", "CSCwe75367", "CSCwe75369", "CSCwe75375", "CSCwe75377", ], ], discovery: "INTERNAL", }, title: "Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities", }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2023-20143", datePublished: "2023-04-05T00:00:00", dateReserved: "2022-10-27T00:00:00", dateUpdated: "2024-10-25T15:59:25.961Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-3290
Vulnerability from cvelistv5
Published
2020-06-18 02:15
Modified
2024-11-15 17:08
Severity ?
EPSS score ?
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Small Business RV Series Router Firmware |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T07:30:58.000Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20200617 Cisco Small Business RV Series Routers Stack Overflow Arbitrary Code Execution Vulnerabilities", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2020-3290", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-15T16:23:52.205745Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-15T17:08:30.650Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco Small Business RV Series Router Firmware", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2020-06-17T00:00:00", descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is aware that proof-of-concept exploit code is available for the vulnerabilities that are described in this advisory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-119", description: "CWE-119", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-06-18T02:15:54", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20200617 Cisco Small Business RV Series Routers Stack Overflow Arbitrary Code Execution Vulnerabilities", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz", }, ], source: { advisory: "cisco-sa-rv-routers-stack-vUxHmnNz", defect: [ [ "CSCvt26525", "CSCvt26555", "CSCvt26591", "CSCvt26619", "CSCvt26643", "CSCvt26659", "CSCvt26663", "CSCvt26705", "CSCvt26718", "CSCvt26725", "CSCvt26729", "CSCvt29381", "CSCvt29385", "CSCvt29388", "CSCvt29396", "CSCvt29398", "CSCvt29400", "CSCvt29403", "CSCvt29414", "CSCvt29416", "CSCvt29421", "CSCvt29423", ], ], discovery: "INTERNAL", }, title: "Cisco Small Business RV Series Routers Stack Overflow Arbitrary Code Execution Vulnerabilities", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2020-06-17T16:00:00", ID: "CVE-2020-3290", STATE: "PUBLIC", TITLE: "Cisco Small Business RV Series Routers Stack Overflow Arbitrary Code Execution Vulnerabilities", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco Small Business RV Series Router Firmware", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is aware that proof-of-concept exploit code is available for the vulnerabilities that are described in this advisory.", }, ], impact: { cvss: { baseScore: "7.2", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-119", }, ], }, ], }, references: { reference_data: [ { name: "20200617 Cisco Small Business RV Series Routers Stack Overflow Arbitrary Code Execution Vulnerabilities", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz", }, ], }, source: { advisory: "cisco-sa-rv-routers-stack-vUxHmnNz", defect: [ [ "CSCvt26525", "CSCvt26555", "CSCvt26591", "CSCvt26619", "CSCvt26643", "CSCvt26659", "CSCvt26663", "CSCvt26705", "CSCvt26718", "CSCvt26725", "CSCvt26729", "CSCvt29381", "CSCvt29385", "CSCvt29388", "CSCvt29396", "CSCvt29398", "CSCvt29400", "CSCvt29403", "CSCvt29414", "CSCvt29416", "CSCvt29421", "CSCvt29423", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2020-3290", datePublished: "2020-06-18T02:15:54.897489Z", dateReserved: "2019-12-12T00:00:00", dateUpdated: "2024-11-15T17:08:30.650Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-20138
Vulnerability from cvelistv5
Published
2023-04-05 00:00
Modified
2024-10-25 16:00
Severity ?
EPSS score ?
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Small Business RV Series Router Firmware |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T08:57:35.873Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20230405 Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities", tags: [ "vendor-advisory", "x_transferred", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-20138", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-10-25T14:35:10.509886Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-25T16:00:12.109Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco Small Business RV Series Router Firmware ", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2023-04-05T00:00:00", descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory. ", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-79", description: "CWE-79", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-04-05T00:00:00", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20230405 Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities", tags: [ "vendor-advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, ], source: { advisory: "cisco-sa-rv-stored-xss-vqz7gC8W", defect: [ [ "CSCwe21294", "CSCwe75298", "CSCwe75302", "CSCwe75304", "CSCwe75324", "CSCwe75338", "CSCwe75341", "CSCwe75346", "CSCwe75348", "CSCwe75352", "CSCwe75355", "CSCwe75367", "CSCwe75369", "CSCwe75375", "CSCwe75377", ], ], discovery: "INTERNAL", }, title: "Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities", }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2023-20138", datePublished: "2023-04-05T00:00:00", dateReserved: "2022-10-27T00:00:00", dateUpdated: "2024-10-25T16:00:12.109Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-3279
Vulnerability from cvelistv5
Published
2020-06-18 02:15
Modified
2024-11-15 17:09
Severity ?
EPSS score ?
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary commands on an affected device. The vulnerabilities exist because the web-based management interface does not properly validate user-supplied input to scripts. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending malicious requests to an affected device. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the underlying operating system.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-Rj5JRfF8 | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Small Business RV Series Router Firmware |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T07:30:57.994Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20200617 Cisco Small Business RV Series Routers Command Injection Vulnerabilities", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-Rj5JRfF8", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2020-3279", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-15T16:24:04.093578Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-15T17:09:24.646Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco Small Business RV Series Router Firmware", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2020-06-17T00:00:00", descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary commands on an affected device. The vulnerabilities exist because the web-based management interface does not properly validate user-supplied input to scripts. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending malicious requests to an affected device. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the underlying operating system.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is aware that proof-of-concept exploit code is available for the vulnerabilities that are described in this advisory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-77", description: "CWE-77", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-06-18T02:15:32", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20200617 Cisco Small Business RV Series Routers Command Injection Vulnerabilities", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-Rj5JRfF8", }, ], source: { advisory: "cisco-sa-rv-routers-Rj5JRfF8", defect: [ [ "CSCvt26490", "CSCvt26504", "CSCvt26669", "CSCvt26676", "CSCvt26683", "CSCvt26714", "CSCvt29372", "CSCvt29376", "CSCvt29405", "CSCvt29407", "CSCvt29409", "CSCvt29415", ], ], discovery: "INTERNAL", }, title: "Cisco Small Business RV Series Routers Command Injection Vulnerabilities", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2020-06-17T16:00:00", ID: "CVE-2020-3279", STATE: "PUBLIC", TITLE: "Cisco Small Business RV Series Routers Command Injection Vulnerabilities", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco Small Business RV Series Router Firmware", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary commands on an affected device. The vulnerabilities exist because the web-based management interface does not properly validate user-supplied input to scripts. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending malicious requests to an affected device. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the underlying operating system.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is aware that proof-of-concept exploit code is available for the vulnerabilities that are described in this advisory.", }, ], impact: { cvss: { baseScore: "7.2", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-77", }, ], }, ], }, references: { reference_data: [ { name: "20200617 Cisco Small Business RV Series Routers Command Injection Vulnerabilities", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-Rj5JRfF8", }, ], }, source: { advisory: "cisco-sa-rv-routers-Rj5JRfF8", defect: [ [ "CSCvt26490", "CSCvt26504", "CSCvt26669", "CSCvt26676", "CSCvt26683", "CSCvt26714", "CSCvt29372", "CSCvt29376", "CSCvt29405", "CSCvt29407", "CSCvt29409", "CSCvt29415", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2020-3279", datePublished: "2020-06-18T02:15:32.305196Z", dateReserved: "2019-12-12T00:00:00", dateUpdated: "2024-11-15T17:09:24.646Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-20124
Vulnerability from cvelistv5
Published
2023-04-05 00:00
Modified
2024-10-28 16:30
Severity ?
EPSS score ?
Summary
A vulnerability in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an authenticated, remote attacker to execute arbitrary commands on an affected device. This vulnerability is due to improper validation of user input within incoming HTTP packets. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web-based management interface. A successful exploit could allow the attacker to gain root-level privileges and access unauthorized data. To exploit this vulnerability, an attacker would need to have valid administrative credentials on the affected device. Cisco has not released software updates that address this vulnerability.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Small Business RV Series Router Firmware |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T08:57:36.160Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20230405 Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers Remote Command Execution Vulnerability", tags: [ "vendor-advisory", "x_transferred", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-rv01x_rv32x_rce-nzAGWWDD", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-20124", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-10-28T16:19:07.895615Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-28T16:30:19.467Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco Small Business RV Series Router Firmware ", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2023-04-05T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an authenticated, remote attacker to execute arbitrary commands on an affected device. This vulnerability is due to improper validation of user input within incoming HTTP packets. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web-based management interface. A successful exploit could allow the attacker to gain root-level privileges and access unauthorized data. To exploit this vulnerability, an attacker would need to have valid administrative credentials on the affected device. Cisco has not released software updates that address this vulnerability.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. ", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-77", description: "CWE-77", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-04-05T00:00:00", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20230405 Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers Remote Command Execution Vulnerability", tags: [ "vendor-advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-rv01x_rv32x_rce-nzAGWWDD", }, ], source: { advisory: "cisco-sa-sb-rv01x_rv32x_rce-nzAGWWDD", defect: [ [ "CSCwe67655", "CSCwe67659", ], ], discovery: "INTERNAL", }, title: "Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers Remote Command Execution Vulnerability", }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2023-20124", datePublished: "2023-04-05T00:00:00", dateReserved: "2022-10-27T00:00:00", dateUpdated: "2024-10-28T16:30:19.467Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-20139
Vulnerability from cvelistv5
Published
2023-04-05 00:00
Modified
2024-10-25 15:59
Severity ?
EPSS score ?
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Small Business RV Series Router Firmware |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T08:57:35.886Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20230405 Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities", tags: [ "vendor-advisory", "x_transferred", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-20139", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-10-25T14:35:08.686490Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-25T15:59:56.640Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco Small Business RV Series Router Firmware ", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2023-04-05T00:00:00", descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory. ", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-79", description: "CWE-79", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-04-05T00:00:00", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20230405 Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities", tags: [ "vendor-advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, ], source: { advisory: "cisco-sa-rv-stored-xss-vqz7gC8W", defect: [ [ "CSCwe21294", "CSCwe75298", "CSCwe75302", "CSCwe75304", "CSCwe75324", "CSCwe75338", "CSCwe75341", "CSCwe75346", "CSCwe75348", "CSCwe75352", "CSCwe75355", "CSCwe75367", "CSCwe75369", "CSCwe75375", "CSCwe75377", ], ], discovery: "INTERNAL", }, title: "Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities", }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2023-20139", datePublished: "2023-04-05T00:00:00", dateReserved: "2022-10-27T00:00:00", dateUpdated: "2024-10-25T15:59:56.640Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-3288
Vulnerability from cvelistv5
Published
2020-06-18 02:15
Modified
2024-11-15 17:08
Severity ?
EPSS score ?
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Small Business RV Series Router Firmware |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T07:30:57.672Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20200617 Cisco Small Business RV Series Routers Stack Overflow Arbitrary Code Execution Vulnerabilities", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2020-3288", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-15T16:23:59.837239Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-15T17:08:51.996Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco Small Business RV Series Router Firmware", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2020-06-17T00:00:00", descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is aware that proof-of-concept exploit code is available for the vulnerabilities that are described in this advisory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-119", description: "CWE-119", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-06-18T02:15:45", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20200617 Cisco Small Business RV Series Routers Stack Overflow Arbitrary Code Execution Vulnerabilities", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz", }, ], source: { advisory: "cisco-sa-rv-routers-stack-vUxHmnNz", defect: [ [ "CSCvt26525", "CSCvt26555", "CSCvt26591", "CSCvt26619", "CSCvt26643", "CSCvt26659", "CSCvt26663", "CSCvt26705", "CSCvt26718", "CSCvt26725", "CSCvt26729", "CSCvt29381", "CSCvt29385", "CSCvt29388", "CSCvt29396", "CSCvt29398", "CSCvt29400", "CSCvt29403", "CSCvt29414", "CSCvt29416", "CSCvt29421", "CSCvt29423", ], ], discovery: "INTERNAL", }, title: "Cisco Small Business RV Series Routers Stack Overflow Arbitrary Code Execution Vulnerabilities", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2020-06-17T16:00:00", ID: "CVE-2020-3288", STATE: "PUBLIC", TITLE: "Cisco Small Business RV Series Routers Stack Overflow Arbitrary Code Execution Vulnerabilities", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco Small Business RV Series Router Firmware", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is aware that proof-of-concept exploit code is available for the vulnerabilities that are described in this advisory.", }, ], impact: { cvss: { baseScore: "7.2", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-119", }, ], }, ], }, references: { reference_data: [ { name: "20200617 Cisco Small Business RV Series Routers Stack Overflow Arbitrary Code Execution Vulnerabilities", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz", }, ], }, source: { advisory: "cisco-sa-rv-routers-stack-vUxHmnNz", defect: [ [ "CSCvt26525", "CSCvt26555", "CSCvt26591", "CSCvt26619", "CSCvt26643", "CSCvt26659", "CSCvt26663", "CSCvt26705", "CSCvt26718", "CSCvt26725", "CSCvt26729", "CSCvt29381", "CSCvt29385", "CSCvt29388", "CSCvt29396", "CSCvt29398", "CSCvt29400", "CSCvt29403", "CSCvt29414", "CSCvt29416", "CSCvt29421", "CSCvt29423", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2020-3288", datePublished: "2020-06-18T02:15:45.555572Z", dateReserved: "2019-12-12T00:00:00", dateUpdated: "2024-11-15T17:08:51.996Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-3275
Vulnerability from cvelistv5
Published
2020-06-18 02:21
Modified
2024-11-15 16:58
Severity ?
EPSS score ?
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary commands on an affected device. The vulnerabilities exist because the web-based management interface does not properly validate user-supplied input to scripts. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending malicious requests to an affected device. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the underlying operating system.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-Rj5JRfF8 | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Small Business RV Series Router Firmware |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T07:30:57.580Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20200617 Cisco Small Business RV Series Routers Command Injection Vulnerabilities", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-Rj5JRfF8", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2020-3275", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-15T16:23:31.940556Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-15T16:58:15.132Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco Small Business RV Series Router Firmware", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2020-06-17T00:00:00", descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary commands on an affected device. The vulnerabilities exist because the web-based management interface does not properly validate user-supplied input to scripts. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending malicious requests to an affected device. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the underlying operating system.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is aware that proof-of-concept exploit code is available for the vulnerabilities that are described in this advisory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-77", description: "CWE-77", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-06-18T02:21:49", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20200617 Cisco Small Business RV Series Routers Command Injection Vulnerabilities", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-Rj5JRfF8", }, ], source: { advisory: "cisco-sa-rv-routers-Rj5JRfF8", defect: [ [ "CSCvt26490", "CSCvt26504", "CSCvt26669", "CSCvt26676", "CSCvt26683", "CSCvt26714", "CSCvt29372", "CSCvt29376", "CSCvt29405", "CSCvt29407", "CSCvt29409", "CSCvt29415", ], ], discovery: "INTERNAL", }, title: "Cisco Small Business RV Series Routers Command Injection Vulnerabilities", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2020-06-17T16:00:00", ID: "CVE-2020-3275", STATE: "PUBLIC", TITLE: "Cisco Small Business RV Series Routers Command Injection Vulnerabilities", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco Small Business RV Series Router Firmware", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary commands on an affected device. The vulnerabilities exist because the web-based management interface does not properly validate user-supplied input to scripts. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending malicious requests to an affected device. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the underlying operating system.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is aware that proof-of-concept exploit code is available for the vulnerabilities that are described in this advisory.", }, ], impact: { cvss: { baseScore: "7.2", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-77", }, ], }, ], }, references: { reference_data: [ { name: "20200617 Cisco Small Business RV Series Routers Command Injection Vulnerabilities", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-Rj5JRfF8", }, ], }, source: { advisory: "cisco-sa-rv-routers-Rj5JRfF8", defect: [ [ "CSCvt26490", "CSCvt26504", "CSCvt26669", "CSCvt26676", "CSCvt26683", "CSCvt26714", "CSCvt29372", "CSCvt29376", "CSCvt29405", "CSCvt29407", "CSCvt29409", "CSCvt29415", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2020-3275", datePublished: "2020-06-18T02:21:50.062911Z", dateReserved: "2019-12-12T00:00:00", dateUpdated: "2024-11-15T16:58:15.132Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-20140
Vulnerability from cvelistv5
Published
2023-04-05 00:00
Modified
2024-10-25 15:59
Severity ?
EPSS score ?
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Small Business RV Series Router Firmware |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T08:57:36.128Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20230405 Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities", tags: [ "vendor-advisory", "x_transferred", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-20140", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-10-25T14:35:07.446266Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-25T15:59:49.069Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco Small Business RV Series Router Firmware ", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2023-04-05T00:00:00", descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory. ", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-79", description: "CWE-79", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-04-05T00:00:00", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20230405 Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities", tags: [ "vendor-advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, ], source: { advisory: "cisco-sa-rv-stored-xss-vqz7gC8W", defect: [ [ "CSCwe21294", "CSCwe75298", "CSCwe75302", "CSCwe75304", "CSCwe75324", "CSCwe75338", "CSCwe75341", "CSCwe75346", "CSCwe75348", "CSCwe75352", "CSCwe75355", "CSCwe75367", "CSCwe75369", "CSCwe75375", "CSCwe75377", ], ], discovery: "INTERNAL", }, title: "Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities", }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2023-20140", datePublished: "2023-04-05T00:00:00", dateReserved: "2022-10-27T00:00:00", dateUpdated: "2024-10-25T15:59:49.069Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-20151
Vulnerability from cvelistv5
Published
2023-04-05 00:00
Modified
2024-10-25 15:58
Severity ?
EPSS score ?
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Small Business RV Series Router Firmware |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T09:05:34.861Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20230405 Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities", tags: [ "vendor-advisory", "x_transferred", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-20151", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-10-25T14:34:31.698264Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-25T15:58:27.245Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco Small Business RV Series Router Firmware ", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2023-04-05T00:00:00", descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory. ", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-79", description: "CWE-79", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-04-05T00:00:00", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20230405 Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities", tags: [ "vendor-advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, ], source: { advisory: "cisco-sa-rv-stored-xss-vqz7gC8W", defect: [ [ "CSCwe21294", "CSCwe75298", "CSCwe75302", "CSCwe75304", "CSCwe75324", "CSCwe75338", "CSCwe75341", "CSCwe75346", "CSCwe75348", "CSCwe75352", "CSCwe75355", "CSCwe75367", "CSCwe75369", "CSCwe75375", "CSCwe75377", ], ], discovery: "INTERNAL", }, title: "Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities", }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2023-20151", datePublished: "2023-04-05T00:00:00", dateReserved: "2022-10-27T00:00:00", dateUpdated: "2024-10-25T15:58:27.245Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-20149
Vulnerability from cvelistv5
Published
2023-04-05 00:00
Modified
2024-10-25 15:58
Severity ?
EPSS score ?
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Small Business RV Series Router Firmware |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T09:05:34.947Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20230405 Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities", tags: [ "vendor-advisory", "x_transferred", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-20149", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-10-25T14:34:44.905161Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-25T15:58:46.117Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco Small Business RV Series Router Firmware ", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2023-04-05T00:00:00", descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory. ", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-79", description: "CWE-79", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-04-05T00:00:00", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20230405 Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities", tags: [ "vendor-advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, ], source: { advisory: "cisco-sa-rv-stored-xss-vqz7gC8W", defect: [ [ "CSCwe21294", "CSCwe75298", "CSCwe75302", "CSCwe75304", "CSCwe75324", "CSCwe75338", "CSCwe75341", "CSCwe75346", "CSCwe75348", "CSCwe75352", "CSCwe75355", "CSCwe75367", "CSCwe75369", "CSCwe75375", "CSCwe75377", ], ], discovery: "INTERNAL", }, title: "Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities", }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2023-20149", datePublished: "2023-04-05T00:00:00", dateReserved: "2022-10-27T00:00:00", dateUpdated: "2024-10-25T15:58:46.117Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }