Vulnerabilites related to cisco - rv082
var-202006-1123
Vulnerability from variot
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system. plural Cisco Small Business RV A buffer error vulnerability exists in series routers.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Cisco Small Business RV016 Multi-WAN VPN is a VPN router from Cisco in the United States. The vulnerability stems from the program's failure to properly limit the user's input boundary
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202006-1123", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "rv320", scope: "lte", trust: 1, vendor: "cisco", version: "1.5.1.05", }, { model: "rv325", scope: "lte", trust: 1, vendor: "cisco", version: "1.5.1.05", }, { model: "rv042g", scope: "lte", trust: 1, vendor: "cisco", version: "4.2.3.10", }, { model: "rv082", scope: "lte", trust: 1, vendor: "cisco", version: "4.2.3.10", }, { model: "rv016", scope: "lte", trust: 1, vendor: "cisco", version: "4.2.3.10", }, { model: "rv042", scope: "lte", trust: 1, vendor: "cisco", version: "4.2.3.10", }, { model: "rv320 dual gigabit wan vpn router", scope: null, trust: 0.8, vendor: "cisco", version: null, }, { model: "rv325 dual gigabit wan vpn router", scope: null, trust: 0.8, vendor: "cisco", version: null, }, { model: "rv016 multi-wan vpn", scope: null, trust: 0.8, vendor: "cisco", version: null, }, { model: "rv042 dual wan vpn", scope: null, trust: 0.8, vendor: "cisco", version: null, }, { model: "rv042g dual gigabit wan vpn", scope: null, trust: 0.8, vendor: "cisco", version: null, }, { model: "rv082 dual wan vpn", scope: null, trust: 0.8, vendor: "cisco", version: null, }, { model: "small business rv016 multi-wan vpn", scope: "lte", trust: 0.6, vendor: "cisco", version: "<=4.2.3.10", }, { model: "rv042 dual wan vpn", scope: "lte", trust: 0.6, vendor: "cisco", version: "<=4.2.3.10", }, { model: "rv042g dual gigabit wan vpn", scope: "lte", trust: 0.6, vendor: "cisco", version: "<=4.2.3.10", }, { model: "rv082 dual wan vpn", scope: "lte", trust: 0.6, vendor: "cisco", version: "<=4.2.3.10", }, { model: "rv320 dual gigabit wan vpn", scope: "lte", trust: 0.6, vendor: "cisco", version: "<=1.5.1.05", }, { model: "rv325 dual gigabit wan vpn", scope: "lte", trust: 0.6, vendor: "cisco", version: "<=1.5.1.05", }, ], sources: [ { db: "CNVD", id: "CNVD-2020-36258", }, { db: "JVNDB", id: "JVNDB-2020-006861", }, { db: "NVD", id: "CVE-2020-3287", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { cpe_match: [ { cpe22Uri: "cpe:/o:cisco:rv320_firmware", vulnerable: true, }, { cpe22Uri: "cpe:/o:cisco:rv325_firmware", vulnerable: true, }, { cpe22Uri: "cpe:/o:cisco:rv016_firmware", vulnerable: true, }, { cpe22Uri: "cpe:/o:cisco:rv042_firmware", vulnerable: true, }, { cpe22Uri: "cpe:/o:cisco:rv042g_firmware", vulnerable: true, }, { cpe22Uri: "cpe:/o:cisco:rv082_firmware", vulnerable: true, }, ], operator: "OR", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2020-006861", }, ], }, cve: "CVE-2020-3287", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", author: "nvd@nist.gov", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", exploitabilityScore: 8, id: "CVE-2020-3287", impactScore: 10, integrityImpact: "COMPLETE", severity: "HIGH", trust: 1.1, vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, { acInsufInfo: null, accessComplexity: "Low", accessVector: "Network", authentication: "Single", author: "NVD", availabilityImpact: "Complete", baseScore: 9, confidentialityImpact: "Complete", exploitabilityScore: null, id: "JVNDB-2020-006861", impactScore: null, integrityImpact: "Complete", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "High", trust: 0.8, userInteractionRequired: null, vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", author: "CNVD", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", exploitabilityScore: 8, id: "CNVD-2020-36258", impactScore: 10, integrityImpact: "COMPLETE", severity: "HIGH", trust: 0.6, vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", exploitabilityScore: 1.2, id: "CVE-2020-3287", impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, { attackComplexity: "LOW", attackVector: "NETWORK", author: "ykramarz@cisco.com", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", exploitabilityScore: 1.2, id: "CVE-2020-3287", impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "High", baseScore: 7.2, baseSeverity: "High", confidentialityImpact: "High", exploitabilityScore: null, id: "JVNDB-2020-006861", impactScore: null, integrityImpact: "High", privilegesRequired: "High", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2020-3287", trust: 1, value: "HIGH", }, { author: "ykramarz@cisco.com", id: "CVE-2020-3287", trust: 1, value: "HIGH", }, { author: "NVD", id: "JVNDB-2020-006861", trust: 0.8, value: "High", }, { author: "CNVD", id: "CNVD-2020-36258", trust: 0.6, value: "HIGH", }, { author: "CNNVD", id: "CNNVD-202006-1164", trust: 0.6, value: "HIGH", }, { author: "VULMON", id: "CVE-2020-3287", trust: 0.1, value: "HIGH", }, ], }, ], sources: [ { db: "CNVD", id: "CNVD-2020-36258", }, { db: "VULMON", id: "CVE-2020-3287", }, { db: "JVNDB", id: "JVNDB-2020-006861", }, { db: "CNNVD", id: "CNNVD-202006-1164", }, { db: "NVD", id: "CVE-2020-3287", }, { db: "NVD", id: "CVE-2020-3287", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system. plural Cisco Small Business RV A buffer error vulnerability exists in series routers.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Cisco Small Business RV016 Multi-WAN VPN is a VPN router from Cisco in the United States. The vulnerability stems from the program's failure to properly limit the user's input boundary", sources: [ { db: "NVD", id: "CVE-2020-3287", }, { db: "JVNDB", id: "JVNDB-2020-006861", }, { db: "CNVD", id: "CNVD-2020-36258", }, { db: "VULMON", id: "CVE-2020-3287", }, ], trust: 2.25, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2020-3287", trust: 3.1, }, { db: "JVNDB", id: "JVNDB-2020-006861", trust: 0.8, }, { db: "CNVD", id: "CNVD-2020-36258", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2020.2119", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2020.2119.2", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202006-1164", trust: 0.6, }, { db: "VULMON", id: "CVE-2020-3287", trust: 0.1, }, ], sources: [ { db: "CNVD", id: "CNVD-2020-36258", }, { db: "VULMON", id: "CVE-2020-3287", }, { db: "JVNDB", id: "JVNDB-2020-006861", }, { db: "CNNVD", id: "CNNVD-202006-1164", }, { db: "NVD", id: "CVE-2020-3287", }, ], }, id: "VAR-202006-1123", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "CNVD", id: "CNVD-2020-36258", }, ], trust: 1.1951892333333332, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "Network device", ], sub_category: null, trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2020-36258", }, ], }, last_update_date: "2024-11-23T21:35:43.585000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "cisco-sa-rv-routers-stack-vUxHmnNz", trust: 0.8, url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz", }, { title: "Patch for Multiple Buffer Overflow Vulnerabilities in Cisco Products (CNVD-2020-36258)", trust: 0.6, url: "https://www.cnvd.org.cn/patchInfo/show/224609", }, { title: "Multiple Cisco Product Buffer Error Vulnerability Fix", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=121857", }, { title: "Cisco: Cisco Small Business RV Series Routers Stack Overflow Arbitrary Code Execution Vulnerabilities", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-rv-routers-stack-vUxHmnNz", }, ], sources: [ { db: "CNVD", id: "CNVD-2020-36258", }, { db: "VULMON", id: "CVE-2020-3287", }, { db: "JVNDB", id: "JVNDB-2020-006861", }, { db: "CNNVD", id: "CNNVD-202006-1164", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-119", trust: 1.8, }, { problemtype: "CWE-787", trust: 1, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2020-006861", }, { db: "NVD", id: "CVE-2020-3287", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 3, url: "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-rv-routers-stack-vuxhmnnz", }, { trust: 1.4, url: "https://nvd.nist.gov/vuln/detail/cve-2020-3287", }, { trust: 0.8, url: "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-3287", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2020.2119/", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2020.2119.2/", }, { trust: 0.1, url: "https://cwe.mitre.org/data/definitions/787.html", }, { trust: 0.1, url: "https://nvd.nist.gov", }, ], sources: [ { db: "CNVD", id: "CNVD-2020-36258", }, { db: "VULMON", id: "CVE-2020-3287", }, { db: "JVNDB", id: "JVNDB-2020-006861", }, { db: "CNNVD", id: "CNNVD-202006-1164", }, { db: "NVD", id: "CVE-2020-3287", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CNVD", id: "CNVD-2020-36258", }, { db: "VULMON", id: "CVE-2020-3287", }, { db: "JVNDB", id: "JVNDB-2020-006861", }, { db: "CNNVD", id: "CNNVD-202006-1164", }, { db: "NVD", id: "CVE-2020-3287", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-07-06T00:00:00", db: "CNVD", id: "CNVD-2020-36258", }, { date: "2020-06-18T00:00:00", db: "VULMON", id: "CVE-2020-3287", }, { date: "2020-07-21T00:00:00", db: "JVNDB", id: "JVNDB-2020-006861", }, { date: "2020-06-17T00:00:00", db: "CNNVD", id: "CNNVD-202006-1164", }, { date: "2020-06-18T03:15:12.823000", db: "NVD", id: "CVE-2020-3287", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-07-06T00:00:00", db: "CNVD", id: "CNVD-2020-36258", }, { date: "2021-08-06T00:00:00", db: "VULMON", id: "CVE-2020-3287", }, { date: "2020-07-21T00:00:00", db: "JVNDB", id: "JVNDB-2020-006861", }, { date: "2021-08-09T00:00:00", db: "CNNVD", id: "CNNVD-202006-1164", }, { date: "2024-11-21T05:30:43.827000", db: "NVD", id: "CVE-2020-3287", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202006-1164", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "plural Cisco Small Business RV Buffer error vulnerability in series routers", sources: [ { db: "JVNDB", id: "JVNDB-2020-006861", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "buffer error", sources: [ { db: "CNNVD", id: "CNNVD-202006-1164", }, ], trust: 0.6, }, }
var-202304-0078
Vulnerability from variot
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities. RV016 Multi-WAN VPN firmware, RV042 Dual WAN VPN firmware, RV042G Dual Gigabit WAN VPN Cross-site scripting vulnerabilities exist in multiple Cisco Systems products, including firmware.Information may be obtained and information may be tampered with
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202304-0078", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "rv325", scope: "eq", trust: 1, vendor: "cisco", version: "*", }, { model: "rv042", scope: "eq", trust: 1, vendor: "cisco", version: "*", }, { model: "rv016", scope: "eq", trust: 1, vendor: "cisco", version: "*", }, { model: "rv320", scope: "eq", trust: 1, vendor: "cisco", version: "*", }, { model: "rv042g", scope: "eq", trust: 1, vendor: "cisco", version: "*", }, { model: "rv082", scope: "eq", trust: 1, vendor: "cisco", version: "*", }, { model: "cisco rv320 dual gigabit wan vpn ルータ", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, { model: "rv042 dual wan vpn", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, { model: "cisco rv325 dual gigabit wan vpn ルータ", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, { model: "rv016 multi-wan vpn", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, { model: "rv082 dual wan vpn", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, { model: "rv042g dual gigabit wan vpn", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2023-007117", }, { db: "NVD", id: "CVE-2023-20143", }, ], }, cve: "CVE-2023-20143", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", exploitabilityScore: 2.8, id: "CVE-2023-20143", impactScore: 2.7, integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", trust: 2, userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "None", baseScore: 6.1, baseSeverity: "Medium", confidentialityImpact: "Low", exploitabilityScore: null, id: "CVE-2023-20143", impactScore: null, integrityImpact: "Low", privilegesRequired: "None", scope: "Changed", trust: 0.8, userInteraction: "Required", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2023-20143", trust: 1, value: "MEDIUM", }, { author: "ykramarz@cisco.com", id: "CVE-2023-20143", trust: 1, value: "MEDIUM", }, { author: "NVD", id: "CVE-2023-20143", trust: 0.8, value: "Medium", }, { author: "CNNVD", id: "CNNVD-202304-293", trust: 0.6, value: "MEDIUM", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2023-007117", }, { db: "CNNVD", id: "CNNVD-202304-293", }, { db: "NVD", id: "CVE-2023-20143", }, { db: "NVD", id: "CVE-2023-20143", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities. RV016 Multi-WAN VPN firmware, RV042 Dual WAN VPN firmware, RV042G Dual Gigabit WAN VPN Cross-site scripting vulnerabilities exist in multiple Cisco Systems products, including firmware.Information may be obtained and information may be tampered with", sources: [ { db: "NVD", id: "CVE-2023-20143", }, { db: "JVNDB", id: "JVNDB-2023-007117", }, { db: "VULMON", id: "CVE-2023-20143", }, ], trust: 1.71, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2023-20143", trust: 3.3, }, { db: "JVNDB", id: "JVNDB-2023-007117", trust: 0.8, }, { db: "AUSCERT", id: "ESB-2023.2020", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202304-293", trust: 0.6, }, { db: "VULMON", id: "CVE-2023-20143", trust: 0.1, }, ], sources: [ { db: "VULMON", id: "CVE-2023-20143", }, { db: "JVNDB", id: "JVNDB-2023-007117", }, { db: "CNNVD", id: "CNNVD-202304-293", }, { db: "NVD", id: "CVE-2023-20143", }, ], }, id: "VAR-202304-0078", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VARIoT devices database", id: null, }, ], trust: 0.41167478, }, last_update_date: "2024-08-14T13:20:53.707000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "cisco-sa-rv-stored-xss-vqz7gC8W", trust: 0.8, url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, { title: "Cisco Small Business Fixes for cross-site scripting vulnerabilities", trust: 0.6, url: "http://123.124.177.30/web/xxk/bdxqById.tag?id=233391", }, { title: "Cisco: Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-rv-stored-xss-vqz7gC8W", }, ], sources: [ { db: "VULMON", id: "CVE-2023-20143", }, { db: "JVNDB", id: "JVNDB-2023-007117", }, { db: "CNNVD", id: "CNNVD-202304-293", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-79", trust: 1, }, { problemtype: "Cross-site scripting (CWE-79) [NVD evaluation ]", trust: 0.8, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2023-007117", }, { db: "NVD", id: "CVE-2023-20143", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 1.8, url: "https://sec.cloudapps.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-rv-stored-xss-vqz7gc8w", }, { trust: 0.8, url: "https://nvd.nist.gov/vuln/detail/cve-2023-20143", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2023.2020", }, { trust: 0.6, url: "https://cxsecurity.com/cveshow/cve-2023-20143/", }, { trust: 0.1, url: "https://nvd.nist.gov", }, ], sources: [ { db: "VULMON", id: "CVE-2023-20143", }, { db: "JVNDB", id: "JVNDB-2023-007117", }, { db: "CNNVD", id: "CNNVD-202304-293", }, { db: "NVD", id: "CVE-2023-20143", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "VULMON", id: "CVE-2023-20143", }, { db: "JVNDB", id: "JVNDB-2023-007117", }, { db: "CNNVD", id: "CNNVD-202304-293", }, { db: "NVD", id: "CVE-2023-20143", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2023-04-05T00:00:00", db: "VULMON", id: "CVE-2023-20143", }, { date: "2023-11-17T00:00:00", db: "JVNDB", id: "JVNDB-2023-007117", }, { date: "2023-04-05T00:00:00", db: "CNNVD", id: "CNNVD-202304-293", }, { date: "2023-04-05T19:15:08.973000", db: "NVD", id: "CVE-2023-20143", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2023-04-06T00:00:00", db: "VULMON", id: "CVE-2023-20143", }, { date: "2023-11-17T06:01:00", db: "JVNDB", id: "JVNDB-2023-007117", }, { date: "2023-04-14T00:00:00", db: "CNNVD", id: "CNNVD-202304-293", }, { date: "2023-11-07T04:06:12.420000", db: "NVD", id: "CVE-2023-20143", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202304-293", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Cross-site scripting vulnerability in multiple Cisco Systems products", sources: [ { db: "JVNDB", id: "JVNDB-2023-007117", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "XSS", sources: [ { db: "CNNVD", id: "CNNVD-202304-293", }, ], trust: 0.6, }, }
var-202006-1118
Vulnerability from variot
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary commands on an affected device. The vulnerabilities exist because the web-based management interface does not properly validate user-supplied input to scripts. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending malicious requests to an affected device. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the underlying operating system. (DoS) It may be put into a state. Cisco Small Business RV320, etc. are all a VPN router of Cisco in the United States.
There are command injection vulnerabilities in the web management interface in many Cisco products. The vulnerability stems from the program's failure to properly verify the input submitted by the user
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202006-1118", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "rv320", scope: "lte", trust: 1, vendor: "cisco", version: "1.5.1.05", }, { model: "rv325", scope: "lte", trust: 1, vendor: "cisco", version: "1.5.1.05", }, { model: "rv042g", scope: "lte", trust: 1, vendor: "cisco", version: "4.2.3.10", }, { model: "rv082", scope: "lte", trust: 1, vendor: "cisco", version: "4.2.3.10", }, { model: "rv016", scope: "lte", trust: 1, vendor: "cisco", version: "4.2.3.10", }, { model: "rv042", scope: "lte", trust: 1, vendor: "cisco", version: "4.2.3.10", }, { model: "rv320 dual gigabit wan vpn router", scope: null, trust: 0.8, vendor: "cisco", version: null, }, { model: "rv325 dual gigabit wan vpn router", scope: null, trust: 0.8, vendor: "cisco", version: null, }, { model: "rv016 multi-wan vpn", scope: null, trust: 0.8, vendor: "cisco", version: null, }, { model: "rv042 dual wan vpn", scope: null, trust: 0.8, vendor: "cisco", version: null, }, { model: "rv042g dual gigabit wan vpn", scope: null, trust: 0.8, vendor: "cisco", version: null, }, { model: "rv082 dual wan vpn", scope: null, trust: 0.8, vendor: "cisco", version: null, }, { model: "small business rv016 multi-wan vpn", scope: "lte", trust: 0.6, vendor: "cisco", version: "<=4.2.3.10", }, { model: "rv042 dual wan vpn", scope: "lte", trust: 0.6, vendor: "cisco", version: "<=4.2.3.10", }, { model: "rv042g dual gigabit wan vpn", scope: "lte", trust: 0.6, vendor: "cisco", version: "<=4.2.3.10", }, { model: "rv082 dual wan vpn", scope: "lte", trust: 0.6, vendor: "cisco", version: "<=4.2.3.10", }, { model: "rv320 dual gigabit wan vpn", scope: "lte", trust: 0.6, vendor: "cisco", version: "<=1.5.1.05", }, { model: "rv325 dual gigabit wan vpn", scope: "lte", trust: 0.6, vendor: "cisco", version: "<=1.5.1.05", }, ], sources: [ { db: "CNVD", id: "CNVD-2020-35161", }, { db: "JVNDB", id: "JVNDB-2020-006866", }, { db: "NVD", id: "CVE-2020-3277", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { cpe_match: [ { cpe22Uri: "cpe:/o:cisco:rv320_firmware", vulnerable: true, }, { cpe22Uri: "cpe:/o:cisco:rv325_firmware", vulnerable: true, }, { cpe22Uri: "cpe:/o:cisco:rv016_firmware", vulnerable: true, }, { cpe22Uri: "cpe:/o:cisco:rv042_firmware", vulnerable: true, }, { cpe22Uri: "cpe:/o:cisco:rv042g_firmware", vulnerable: true, }, { cpe22Uri: "cpe:/o:cisco:rv082_firmware", vulnerable: true, }, ], operator: "OR", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2020-006866", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Kai Cheng", sources: [ { db: "CNNVD", id: "CNNVD-202006-1151", }, ], trust: 0.6, }, cve: "CVE-2020-3277", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", author: "nvd@nist.gov", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", exploitabilityScore: 8, id: "CVE-2020-3277", impactScore: 10, integrityImpact: "COMPLETE", severity: "HIGH", trust: 1, vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, { acInsufInfo: null, accessComplexity: "Low", accessVector: "Network", authentication: "Single", author: "NVD", availabilityImpact: "Complete", baseScore: 9, confidentialityImpact: "Complete", exploitabilityScore: null, id: "JVNDB-2020-006866", impactScore: null, integrityImpact: "Complete", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "High", trust: 0.8, userInteractionRequired: null, vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", author: "CNVD", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", exploitabilityScore: 8, id: "CNVD-2020-35161", impactScore: 10, integrityImpact: "COMPLETE", severity: "HIGH", trust: 0.6, vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", exploitabilityScore: 1.2, id: "CVE-2020-3277", impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, { attackComplexity: "LOW", attackVector: "NETWORK", author: "ykramarz@cisco.com", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", exploitabilityScore: 1.2, id: "CVE-2020-3277", impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "High", baseScore: 7.2, baseSeverity: "High", confidentialityImpact: "High", exploitabilityScore: null, id: "JVNDB-2020-006866", impactScore: null, integrityImpact: "High", privilegesRequired: "High", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2020-3277", trust: 1, value: "HIGH", }, { author: "ykramarz@cisco.com", id: "CVE-2020-3277", trust: 1, value: "HIGH", }, { author: "NVD", id: "JVNDB-2020-006866", trust: 0.8, value: "High", }, { author: "CNVD", id: "CNVD-2020-35161", trust: 0.6, value: "HIGH", }, { author: "CNNVD", id: "CNNVD-202006-1151", trust: 0.6, value: "HIGH", }, ], }, ], sources: [ { db: "CNVD", id: "CNVD-2020-35161", }, { db: "JVNDB", id: "JVNDB-2020-006866", }, { db: "CNNVD", id: "CNNVD-202006-1151", }, { db: "NVD", id: "CVE-2020-3277", }, { db: "NVD", id: "CVE-2020-3277", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary commands on an affected device. The vulnerabilities exist because the web-based management interface does not properly validate user-supplied input to scripts. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending malicious requests to an affected device. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the underlying operating system. (DoS) It may be put into a state. Cisco Small Business RV320, etc. are all a VPN router of Cisco in the United States. \n\r\n\r\nThere are command injection vulnerabilities in the web management interface in many Cisco products. The vulnerability stems from the program's failure to properly verify the input submitted by the user", sources: [ { db: "NVD", id: "CVE-2020-3277", }, { db: "JVNDB", id: "JVNDB-2020-006866", }, { db: "CNVD", id: "CNVD-2020-35161", }, ], trust: 2.16, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2020-3277", trust: 3, }, { db: "JVNDB", id: "JVNDB-2020-006866", trust: 0.8, }, { db: "CNVD", id: "CNVD-2020-35161", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202006-1151", trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2020-35161", }, { db: "JVNDB", id: "JVNDB-2020-006866", }, { db: "CNNVD", id: "CNNVD-202006-1151", }, { db: "NVD", id: "CVE-2020-3277", }, ], }, id: "VAR-202006-1118", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "CNVD", id: "CNVD-2020-35161", }, ], trust: 1.1951892333333332, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "Network device", ], sub_category: null, trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2020-35161", }, ], }, last_update_date: "2024-11-23T22:16:27.139000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "cisco-sa-rv-routers-Rj5JRfF8", trust: 0.8, url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-Rj5JRfF8", }, { title: "Patch for Multiple Cisco product command injection vulnerabilities (CNVD-2020-35161)", trust: 0.6, url: "https://www.cnvd.org.cn/patchInfo/show/223633", }, { title: "Multiple Cisco Product Command Injection Vulnerability Fixes", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=123003", }, ], sources: [ { db: "CNVD", id: "CNVD-2020-35161", }, { db: "JVNDB", id: "JVNDB-2020-006866", }, { db: "CNNVD", id: "CNNVD-202006-1151", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-78", trust: 1.8, }, { problemtype: "CWE-77", trust: 1, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2020-006866", }, { db: "NVD", id: "CVE-2020-3277", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 2.2, url: "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-rv-routers-rj5jrff8", }, { trust: 1.4, url: "https://nvd.nist.gov/vuln/detail/cve-2020-3277", }, { trust: 0.8, url: "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-3277", }, ], sources: [ { db: "CNVD", id: "CNVD-2020-35161", }, { db: "JVNDB", id: "JVNDB-2020-006866", }, { db: "CNNVD", id: "CNNVD-202006-1151", }, { db: "NVD", id: "CVE-2020-3277", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CNVD", id: "CNVD-2020-35161", }, { db: "JVNDB", id: "JVNDB-2020-006866", }, { db: "CNNVD", id: "CNNVD-202006-1151", }, { db: "NVD", id: "CVE-2020-3277", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-06-30T00:00:00", db: "CNVD", id: "CNVD-2020-35161", }, { date: "2020-07-21T00:00:00", db: "JVNDB", id: "JVNDB-2020-006866", }, { date: "2020-06-17T00:00:00", db: "CNNVD", id: "CNNVD-202006-1151", }, { date: "2020-06-18T03:15:12.417000", db: "NVD", id: "CVE-2020-3277", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-06-30T00:00:00", db: "CNVD", id: "CNVD-2020-35161", }, { date: "2020-07-21T00:00:00", db: "JVNDB", id: "JVNDB-2020-006866", }, { date: "2020-07-03T00:00:00", db: "CNNVD", id: "CNNVD-202006-1151", }, { date: "2024-11-21T05:30:42.540000", db: "NVD", id: "CVE-2020-3277", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202006-1151", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "plural Cisco Small Business RV In series routers OS Command injection vulnerabilities", sources: [ { db: "JVNDB", id: "JVNDB-2020-006866", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "command injection", sources: [ { db: "CNNVD", id: "CNNVD-202006-1151", }, ], trust: 0.6, }, }
var-202304-0296
Vulnerability from variot
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities. RV016 Multi-WAN VPN firmware, RV042 Dual WAN VPN firmware, RV042G Dual Gigabit WAN VPN Cross-site scripting vulnerabilities exist in multiple Cisco Systems products, including firmware.Information may be obtained and information may be tampered with
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202304-0296", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "rv325", scope: "eq", trust: 1, vendor: "cisco", version: "*", }, { model: "rv042", scope: "eq", trust: 1, vendor: "cisco", version: "*", }, { model: "rv016", scope: "eq", trust: 1, vendor: "cisco", version: "*", }, { model: "rv320", scope: "eq", trust: 1, vendor: "cisco", version: "*", }, { model: "rv042g", scope: "eq", trust: 1, vendor: "cisco", version: "*", }, { model: "rv082", scope: "eq", trust: 1, vendor: "cisco", version: "*", }, { model: "rv042g dual gigabit wan vpn", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, { model: "rv016 multi-wan vpn", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, { model: "rv082 dual wan vpn", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, { model: "cisco rv325 dual gigabit wan vpn ルータ", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, { model: "cisco rv320 dual gigabit wan vpn ルータ", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, { model: "rv042 dual wan vpn", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2023-006807", }, { db: "NVD", id: "CVE-2023-20140", }, ], }, cve: "CVE-2023-20140", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", exploitabilityScore: 2.8, id: "CVE-2023-20140", impactScore: 2.7, integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", trust: 2, userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "None", baseScore: 6.1, baseSeverity: "Medium", confidentialityImpact: "Low", exploitabilityScore: null, id: "CVE-2023-20140", impactScore: null, integrityImpact: "Low", privilegesRequired: "None", scope: "Changed", trust: 0.8, userInteraction: "Required", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2023-20140", trust: 1, value: "MEDIUM", }, { author: "ykramarz@cisco.com", id: "CVE-2023-20140", trust: 1, value: "MEDIUM", }, { author: "NVD", id: "CVE-2023-20140", trust: 0.8, value: "Medium", }, { author: "CNNVD", id: "CNNVD-202304-298", trust: 0.6, value: "MEDIUM", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2023-006807", }, { db: "CNNVD", id: "CNNVD-202304-298", }, { db: "NVD", id: "CVE-2023-20140", }, { db: "NVD", id: "CVE-2023-20140", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities. RV016 Multi-WAN VPN firmware, RV042 Dual WAN VPN firmware, RV042G Dual Gigabit WAN VPN Cross-site scripting vulnerabilities exist in multiple Cisco Systems products, including firmware.Information may be obtained and information may be tampered with", sources: [ { db: "NVD", id: "CVE-2023-20140", }, { db: "JVNDB", id: "JVNDB-2023-006807", }, { db: "VULMON", id: "CVE-2023-20140", }, ], trust: 1.71, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2023-20140", trust: 3.3, }, { db: "JVNDB", id: "JVNDB-2023-006807", trust: 0.8, }, { db: "AUSCERT", id: "ESB-2023.2020", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202304-298", trust: 0.6, }, { db: "VULMON", id: "CVE-2023-20140", trust: 0.1, }, ], sources: [ { db: "VULMON", id: "CVE-2023-20140", }, { db: "JVNDB", id: "JVNDB-2023-006807", }, { db: "CNNVD", id: "CNNVD-202304-298", }, { db: "NVD", id: "CVE-2023-20140", }, ], }, id: "VAR-202304-0296", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VARIoT devices database", id: null, }, ], trust: 0.41167478, }, last_update_date: "2024-08-14T13:20:54.227000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "cisco-sa-rv-stored-xss-vqz7gC8W", trust: 0.8, url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, { title: "Cisco Small Business Fixes for cross-site scripting vulnerabilities", trust: 0.6, url: "http://123.124.177.30/web/xxk/bdxqById.tag?id=233396", }, { title: "Cisco: Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-rv-stored-xss-vqz7gC8W", }, ], sources: [ { db: "VULMON", id: "CVE-2023-20140", }, { db: "JVNDB", id: "JVNDB-2023-006807", }, { db: "CNNVD", id: "CNNVD-202304-298", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-79", trust: 1, }, { problemtype: "Cross-site scripting (CWE-79) [NVD evaluation ]", trust: 0.8, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2023-006807", }, { db: "NVD", id: "CVE-2023-20140", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 1.8, url: "https://sec.cloudapps.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-rv-stored-xss-vqz7gc8w", }, { trust: 0.8, url: "https://nvd.nist.gov/vuln/detail/cve-2023-20140", }, { trust: 0.6, url: "https://cxsecurity.com/cveshow/cve-2023-20140/", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2023.2020", }, { trust: 0.1, url: "https://nvd.nist.gov", }, ], sources: [ { db: "VULMON", id: "CVE-2023-20140", }, { db: "JVNDB", id: "JVNDB-2023-006807", }, { db: "CNNVD", id: "CNNVD-202304-298", }, { db: "NVD", id: "CVE-2023-20140", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "VULMON", id: "CVE-2023-20140", }, { db: "JVNDB", id: "JVNDB-2023-006807", }, { db: "CNNVD", id: "CNNVD-202304-298", }, { db: "NVD", id: "CVE-2023-20140", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2023-04-05T00:00:00", db: "VULMON", id: "CVE-2023-20140", }, { date: "2023-11-16T00:00:00", db: "JVNDB", id: "JVNDB-2023-006807", }, { date: "2023-04-05T00:00:00", db: "CNNVD", id: "CNNVD-202304-298", }, { date: "2023-04-05T19:15:08.830000", db: "NVD", id: "CVE-2023-20140", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2023-04-06T00:00:00", db: "VULMON", id: "CVE-2023-20140", }, { date: "2023-11-16T05:52:00", db: "JVNDB", id: "JVNDB-2023-006807", }, { date: "2023-04-14T00:00:00", db: "CNNVD", id: "CNNVD-202304-298", }, { date: "2023-11-07T04:06:11.363000", db: "NVD", id: "CVE-2023-20140", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202304-298", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Cross-site scripting vulnerability in multiple Cisco Systems products", sources: [ { db: "JVNDB", id: "JVNDB-2023-006807", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "XSS", sources: [ { db: "CNNVD", id: "CNNVD-202304-298", }, ], trust: 0.6, }, }
var-202304-0146
Vulnerability from variot
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities. RV016 Multi-WAN VPN firmware, RV042 Dual WAN VPN firmware, RV042G Dual Gigabit WAN VPN Cross-site scripting vulnerabilities exist in multiple Cisco Systems products, including firmware.Information may be obtained and information may be tampered with
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202304-0146", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "rv325", scope: "eq", trust: 1, vendor: "cisco", version: "*", }, { model: "rv042", scope: "eq", trust: 1, vendor: "cisco", version: "*", }, { model: "rv016", scope: "eq", trust: 1, vendor: "cisco", version: "*", }, { model: "rv320", scope: "eq", trust: 1, vendor: "cisco", version: "*", }, { model: "rv042g", scope: "eq", trust: 1, vendor: "cisco", version: "*", }, { model: "rv082", scope: "eq", trust: 1, vendor: "cisco", version: "*", }, { model: "rv042g dual gigabit wan vpn", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, { model: "rv016 multi-wan vpn", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, { model: "rv082 dual wan vpn", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, { model: "cisco rv325 dual gigabit wan vpn ルータ", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, { model: "cisco rv320 dual gigabit wan vpn ルータ", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, { model: "rv042 dual wan vpn", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2023-006805", }, { db: "NVD", id: "CVE-2023-20138", }, ], }, cve: "CVE-2023-20138", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", exploitabilityScore: 2.8, id: "CVE-2023-20138", impactScore: 2.7, integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", trust: 2, userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "None", baseScore: 6.1, baseSeverity: "Medium", confidentialityImpact: "Low", exploitabilityScore: null, id: "CVE-2023-20138", impactScore: null, integrityImpact: "Low", privilegesRequired: "None", scope: "Changed", trust: 0.8, userInteraction: "Required", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2023-20138", trust: 1, value: "MEDIUM", }, { author: "ykramarz@cisco.com", id: "CVE-2023-20138", trust: 1, value: "MEDIUM", }, { author: "NVD", id: "CVE-2023-20138", trust: 0.8, value: "Medium", }, { author: "CNNVD", id: "CNNVD-202304-297", trust: 0.6, value: "MEDIUM", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2023-006805", }, { db: "CNNVD", id: "CNNVD-202304-297", }, { db: "NVD", id: "CVE-2023-20138", }, { db: "NVD", id: "CVE-2023-20138", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities. RV016 Multi-WAN VPN firmware, RV042 Dual WAN VPN firmware, RV042G Dual Gigabit WAN VPN Cross-site scripting vulnerabilities exist in multiple Cisco Systems products, including firmware.Information may be obtained and information may be tampered with", sources: [ { db: "NVD", id: "CVE-2023-20138", }, { db: "JVNDB", id: "JVNDB-2023-006805", }, { db: "VULMON", id: "CVE-2023-20138", }, ], trust: 1.71, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2023-20138", trust: 3.3, }, { db: "JVNDB", id: "JVNDB-2023-006805", trust: 0.8, }, { db: "AUSCERT", id: "ESB-2023.2020", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202304-297", trust: 0.6, }, { db: "VULMON", id: "CVE-2023-20138", trust: 0.1, }, ], sources: [ { db: "VULMON", id: "CVE-2023-20138", }, { db: "JVNDB", id: "JVNDB-2023-006805", }, { db: "CNNVD", id: "CNNVD-202304-297", }, { db: "NVD", id: "CVE-2023-20138", }, ], }, id: "VAR-202304-0146", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VARIoT devices database", id: null, }, ], trust: 0.41167478, }, last_update_date: "2024-08-14T13:20:54.202000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "cisco-sa-rv-stored-xss-vqz7gC8W", trust: 0.8, url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, { title: "Cisco Small Business Fixes for cross-site scripting vulnerabilities", trust: 0.6, url: "http://123.124.177.30/web/xxk/bdxqById.tag?id=233395", }, { title: "Cisco: Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-rv-stored-xss-vqz7gC8W", }, ], sources: [ { db: "VULMON", id: "CVE-2023-20138", }, { db: "JVNDB", id: "JVNDB-2023-006805", }, { db: "CNNVD", id: "CNNVD-202304-297", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-79", trust: 1, }, { problemtype: "Cross-site scripting (CWE-79) [NVD evaluation ]", trust: 0.8, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2023-006805", }, { db: "NVD", id: "CVE-2023-20138", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 1.8, url: "https://sec.cloudapps.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-rv-stored-xss-vqz7gc8w", }, { trust: 0.8, url: "https://nvd.nist.gov/vuln/detail/cve-2023-20138", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2023.2020", }, { trust: 0.6, url: "https://cxsecurity.com/cveshow/cve-2023-20138/", }, { trust: 0.1, url: "https://nvd.nist.gov", }, ], sources: [ { db: "VULMON", id: "CVE-2023-20138", }, { db: "JVNDB", id: "JVNDB-2023-006805", }, { db: "CNNVD", id: "CNNVD-202304-297", }, { db: "NVD", id: "CVE-2023-20138", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "VULMON", id: "CVE-2023-20138", }, { db: "JVNDB", id: "JVNDB-2023-006805", }, { db: "CNNVD", id: "CNNVD-202304-297", }, { db: "NVD", id: "CVE-2023-20138", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2023-04-05T00:00:00", db: "VULMON", id: "CVE-2023-20138", }, { date: "2023-11-16T00:00:00", db: "JVNDB", id: "JVNDB-2023-006805", }, { date: "2023-04-05T00:00:00", db: "CNNVD", id: "CNNVD-202304-297", }, { date: "2023-04-05T19:15:08.727000", db: "NVD", id: "CVE-2023-20138", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2023-04-06T00:00:00", db: "VULMON", id: "CVE-2023-20138", }, { date: "2023-11-16T05:52:00", db: "JVNDB", id: "JVNDB-2023-006805", }, { date: "2023-04-14T00:00:00", db: "CNNVD", id: "CNNVD-202304-297", }, { date: "2023-11-07T04:06:10.680000", db: "NVD", id: "CVE-2023-20138", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202304-297", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Cross-site scripting vulnerability in multiple Cisco Systems products", sources: [ { db: "JVNDB", id: "JVNDB-2023-006805", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "XSS", sources: [ { db: "CNNVD", id: "CNNVD-202304-297", }, ], trust: 0.6, }, }
var-202304-0079
Vulnerability from variot
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities. RV016 Multi-WAN VPN firmware, RV042 Dual WAN VPN firmware, RV042G Dual Gigabit WAN VPN Cross-site scripting vulnerabilities exist in multiple Cisco Systems products, including firmware.Information may be obtained and information may be tampered with
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202304-0079", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "rv325", scope: "eq", trust: 1, vendor: "cisco", version: "*", }, { model: "rv042", scope: "eq", trust: 1, vendor: "cisco", version: "*", }, { model: "rv016", scope: "eq", trust: 1, vendor: "cisco", version: "*", }, { model: "rv320", scope: "eq", trust: 1, vendor: "cisco", version: "*", }, { model: "rv042g", scope: "eq", trust: 1, vendor: "cisco", version: "*", }, { model: "rv082", scope: "eq", trust: 1, vendor: "cisco", version: "*", }, { model: "cisco rv320 dual gigabit wan vpn ルータ", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, { model: "rv042 dual wan vpn", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, { model: "cisco rv325 dual gigabit wan vpn ルータ", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, { model: "rv016 multi-wan vpn", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, { model: "rv082 dual wan vpn", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, { model: "rv042g dual gigabit wan vpn", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2023-007112", }, { db: "NVD", id: "CVE-2023-20145", }, ], }, cve: "CVE-2023-20145", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", exploitabilityScore: 2.8, id: "CVE-2023-20145", impactScore: 2.7, integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", trust: 2, userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "None", baseScore: 6.1, baseSeverity: "Medium", confidentialityImpact: "Low", exploitabilityScore: null, id: "CVE-2023-20145", impactScore: null, integrityImpact: "Low", privilegesRequired: "None", scope: "Changed", trust: 0.8, userInteraction: "Required", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2023-20145", trust: 1, value: "MEDIUM", }, { author: "ykramarz@cisco.com", id: "CVE-2023-20145", trust: 1, value: "MEDIUM", }, { author: "NVD", id: "CVE-2023-20145", trust: 0.8, value: "Medium", }, { author: "CNNVD", id: "CNNVD-202304-291", trust: 0.6, value: "MEDIUM", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2023-007112", }, { db: "CNNVD", id: "CNNVD-202304-291", }, { db: "NVD", id: "CVE-2023-20145", }, { db: "NVD", id: "CVE-2023-20145", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities. RV016 Multi-WAN VPN firmware, RV042 Dual WAN VPN firmware, RV042G Dual Gigabit WAN VPN Cross-site scripting vulnerabilities exist in multiple Cisco Systems products, including firmware.Information may be obtained and information may be tampered with", sources: [ { db: "NVD", id: "CVE-2023-20145", }, { db: "JVNDB", id: "JVNDB-2023-007112", }, { db: "VULMON", id: "CVE-2023-20145", }, ], trust: 1.71, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2023-20145", trust: 3.3, }, { db: "JVNDB", id: "JVNDB-2023-007112", trust: 0.8, }, { db: "AUSCERT", id: "ESB-2023.2020", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202304-291", trust: 0.6, }, { db: "VULMON", id: "CVE-2023-20145", trust: 0.1, }, ], sources: [ { db: "VULMON", id: "CVE-2023-20145", }, { db: "JVNDB", id: "JVNDB-2023-007112", }, { db: "CNNVD", id: "CNNVD-202304-291", }, { db: "NVD", id: "CVE-2023-20145", }, ], }, id: "VAR-202304-0079", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VARIoT devices database", id: null, }, ], trust: 0.41167478, }, last_update_date: "2024-08-14T13:20:54.176000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "cisco-sa-rv-stored-xss-vqz7gC8W", trust: 0.8, url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, { title: "Cisco Small Business Fixes for cross-site scripting vulnerabilities", trust: 0.6, url: "http://123.124.177.30/web/xxk/bdxqById.tag?id=233389", }, { title: "Cisco: Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-rv-stored-xss-vqz7gC8W", }, ], sources: [ { db: "VULMON", id: "CVE-2023-20145", }, { db: "JVNDB", id: "JVNDB-2023-007112", }, { db: "CNNVD", id: "CNNVD-202304-291", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-79", trust: 1, }, { problemtype: "Cross-site scripting (CWE-79) [NVD evaluation ]", trust: 0.8, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2023-007112", }, { db: "NVD", id: "CVE-2023-20145", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 1.8, url: "https://sec.cloudapps.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-rv-stored-xss-vqz7gc8w", }, { trust: 0.8, url: "https://nvd.nist.gov/vuln/detail/cve-2023-20145", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2023.2020", }, { trust: 0.6, url: "https://cxsecurity.com/cveshow/cve-2023-20145/", }, { trust: 0.1, url: "https://nvd.nist.gov", }, ], sources: [ { db: "VULMON", id: "CVE-2023-20145", }, { db: "JVNDB", id: "JVNDB-2023-007112", }, { db: "CNNVD", id: "CNNVD-202304-291", }, { db: "NVD", id: "CVE-2023-20145", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "VULMON", id: "CVE-2023-20145", }, { db: "JVNDB", id: "JVNDB-2023-007112", }, { db: "CNNVD", id: "CNNVD-202304-291", }, { db: "NVD", id: "CVE-2023-20145", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2023-04-05T00:00:00", db: "VULMON", id: "CVE-2023-20145", }, { date: "2023-11-17T00:00:00", db: "JVNDB", id: "JVNDB-2023-007112", }, { date: "2023-04-05T00:00:00", db: "CNNVD", id: "CNNVD-202304-291", }, { date: "2023-04-05T19:15:09.060000", db: "NVD", id: "CVE-2023-20145", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2023-04-06T00:00:00", db: "VULMON", id: "CVE-2023-20145", }, { date: "2023-11-17T05:56:00", db: "JVNDB", id: "JVNDB-2023-007112", }, { date: "2023-04-14T00:00:00", db: "CNNVD", id: "CNNVD-202304-291", }, { date: "2023-11-07T04:06:13.397000", db: "NVD", id: "CVE-2023-20145", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202304-291", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Cross-site scripting vulnerability in multiple Cisco Systems products", sources: [ { db: "JVNDB", id: "JVNDB-2023-007112", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "XSS", sources: [ { db: "CNNVD", id: "CNNVD-202304-291", }, ], trust: 0.6, }, }
var-202304-0076
Vulnerability from variot
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities. RV016 Multi-WAN VPN firmware, RV042 Dual WAN VPN firmware, RV042G Dual Gigabit WAN VPN Cross-site scripting vulnerabilities exist in multiple Cisco Systems products, including firmware.Information may be obtained and information may be tampered with
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202304-0076", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "rv325", scope: "eq", trust: 1, vendor: "cisco", version: "*", }, { model: "rv042", scope: "eq", trust: 1, vendor: "cisco", version: "*", }, { model: "rv016", scope: "eq", trust: 1, vendor: "cisco", version: "*", }, { model: "rv320", scope: "eq", trust: 1, vendor: "cisco", version: "*", }, { model: "rv042g", scope: "eq", trust: 1, vendor: "cisco", version: "*", }, { model: "rv082", scope: "eq", trust: 1, vendor: "cisco", version: "*", }, { model: "rv042g dual gigabit wan vpn", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, { model: "rv016 multi-wan vpn", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, { model: "rv082 dual wan vpn", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, { model: "cisco rv325 dual gigabit wan vpn ルータ", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, { model: "cisco rv320 dual gigabit wan vpn ルータ", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, { model: "rv042 dual wan vpn", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2023-006804", }, { db: "NVD", id: "CVE-2023-20137", }, ], }, cve: "CVE-2023-20137", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", exploitabilityScore: 2.8, id: "CVE-2023-20137", impactScore: 2.7, integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", trust: 2, userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "None", baseScore: 6.1, baseSeverity: "Medium", confidentialityImpact: "Low", exploitabilityScore: null, id: "CVE-2023-20137", impactScore: null, integrityImpact: "Low", privilegesRequired: "None", scope: "Changed", trust: 0.8, userInteraction: "Required", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2023-20137", trust: 1, value: "MEDIUM", }, { author: "ykramarz@cisco.com", id: "CVE-2023-20137", trust: 1, value: "MEDIUM", }, { author: "NVD", id: "CVE-2023-20137", trust: 0.8, value: "Medium", }, { author: "CNNVD", id: "CNNVD-202304-299", trust: 0.6, value: "MEDIUM", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2023-006804", }, { db: "CNNVD", id: "CNNVD-202304-299", }, { db: "NVD", id: "CVE-2023-20137", }, { db: "NVD", id: "CVE-2023-20137", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities. RV016 Multi-WAN VPN firmware, RV042 Dual WAN VPN firmware, RV042G Dual Gigabit WAN VPN Cross-site scripting vulnerabilities exist in multiple Cisco Systems products, including firmware.Information may be obtained and information may be tampered with", sources: [ { db: "NVD", id: "CVE-2023-20137", }, { db: "JVNDB", id: "JVNDB-2023-006804", }, { db: "VULMON", id: "CVE-2023-20137", }, ], trust: 1.71, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2023-20137", trust: 3.3, }, { db: "JVNDB", id: "JVNDB-2023-006804", trust: 0.8, }, { db: "AUSCERT", id: "ESB-2023.2020", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202304-299", trust: 0.6, }, { db: "VULMON", id: "CVE-2023-20137", trust: 0.1, }, ], sources: [ { db: "VULMON", id: "CVE-2023-20137", }, { db: "JVNDB", id: "JVNDB-2023-006804", }, { db: "CNNVD", id: "CNNVD-202304-299", }, { db: "NVD", id: "CVE-2023-20137", }, ], }, id: "VAR-202304-0076", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VARIoT devices database", id: null, }, ], trust: 0.41167478, }, last_update_date: "2024-08-14T13:20:54.125000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "cisco-sa-rv-stored-xss-vqz7gC8W", trust: 0.8, url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, { title: "Cisco Small Business Fixes for cross-site scripting vulnerabilities", trust: 0.6, url: "http://123.124.177.30/web/xxk/bdxqById.tag?id=233397", }, { title: "Cisco: Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-rv-stored-xss-vqz7gC8W", }, ], sources: [ { db: "VULMON", id: "CVE-2023-20137", }, { db: "JVNDB", id: "JVNDB-2023-006804", }, { db: "CNNVD", id: "CNNVD-202304-299", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-79", trust: 1, }, { problemtype: "Cross-site scripting (CWE-79) [NVD evaluation ]", trust: 0.8, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2023-006804", }, { db: "NVD", id: "CVE-2023-20137", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 1.8, url: "https://sec.cloudapps.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-rv-stored-xss-vqz7gc8w", }, { trust: 0.8, url: "https://nvd.nist.gov/vuln/detail/cve-2023-20137", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2023.2020", }, { trust: 0.6, url: "https://cxsecurity.com/cveshow/cve-2023-20137/", }, { trust: 0.1, url: "https://nvd.nist.gov", }, ], sources: [ { db: "VULMON", id: "CVE-2023-20137", }, { db: "JVNDB", id: "JVNDB-2023-006804", }, { db: "CNNVD", id: "CNNVD-202304-299", }, { db: "NVD", id: "CVE-2023-20137", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "VULMON", id: "CVE-2023-20137", }, { db: "JVNDB", id: "JVNDB-2023-006804", }, { db: "CNNVD", id: "CNNVD-202304-299", }, { db: "NVD", id: "CVE-2023-20137", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2023-04-05T00:00:00", db: "VULMON", id: "CVE-2023-20137", }, { date: "2023-11-16T00:00:00", db: "JVNDB", id: "JVNDB-2023-006804", }, { date: "2023-04-05T00:00:00", db: "CNNVD", id: "CNNVD-202304-299", }, { date: "2023-04-05T19:15:08.663000", db: "NVD", id: "CVE-2023-20137", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2023-04-06T00:00:00", db: "VULMON", id: "CVE-2023-20137", }, { date: "2023-11-16T05:52:00", db: "JVNDB", id: "JVNDB-2023-006804", }, { date: "2023-04-14T00:00:00", db: "CNNVD", id: "CNNVD-202304-299", }, { date: "2023-11-07T04:06:10.450000", db: "NVD", id: "CVE-2023-20137", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202304-299", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Cross-site scripting vulnerability in multiple Cisco Systems products", sources: [ { db: "JVNDB", id: "JVNDB-2023-006804", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "XSS", sources: [ { db: "CNNVD", id: "CNNVD-202304-299", }, ], trust: 0.6, }, }
var-202404-1866
Vulnerability from variot
A vulnerability in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface.
This vulnerability is due to insufficient input validation by the web-based management interface. An attacker could exploit this vulnerability by persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco Small Business is a switch of Cisco. The vulnerability is caused by the lack of effective filtering and escaping of user-supplied data by the application
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202404-1866", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "rv320", scope: null, trust: 0.6, vendor: "cisco", version: null, }, { model: "rv325", scope: null, trust: 0.6, vendor: "cisco", version: null, }, { model: "rv016", scope: null, trust: 0.6, vendor: "cisco", version: null, }, { model: "rv042", scope: null, trust: 0.6, vendor: "cisco", version: null, }, { model: "rv042g", scope: null, trust: 0.6, vendor: "cisco", version: null, }, { model: "rv082", scope: null, trust: 0.6, vendor: "cisco", version: null, }, ], sources: [ { db: "CNVD", id: "CNVD-2024-20830", }, ], }, cve: "CVE-2024-20362", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "CNVD", availabilityImpact: "NONE", baseScore: 6.4, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "CNVD-2024-20830", impactScore: 4.9, integrityImpact: "PARTIAL", severity: "MEDIUM", trust: 0.6, vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:N", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "ykramarz@cisco.com", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", exploitabilityScore: 2.8, id: "CVE-2024-20362", impactScore: 2.7, integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", trust: 1, userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, ], severity: [ { author: "ykramarz@cisco.com", id: "CVE-2024-20362", trust: 1, value: "MEDIUM", }, { author: "CNVD", id: "CNVD-2024-20830", trust: 0.6, value: "MEDIUM", }, ], }, ], sources: [ { db: "CNVD", id: "CNVD-2024-20830", }, { db: "NVD", id: "CVE-2024-20362", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "A vulnerability in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. \r\n\r This vulnerability is due to insufficient input validation by the web-based management interface. An attacker could exploit this vulnerability by persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco Small Business is a switch of Cisco. The vulnerability is caused by the lack of effective filtering and escaping of user-supplied data by the application", sources: [ { db: "NVD", id: "CVE-2024-20362", }, { db: "CNVD", id: "CNVD-2024-20830", }, ], trust: 1.44, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2024-20362", trust: 1.6, }, { db: "CNVD", id: "CNVD-2024-20830", trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2024-20830", }, { db: "NVD", id: "CVE-2024-20362", }, ], }, id: "VAR-202404-1866", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "CNVD", id: "CNVD-2024-20830", }, ], trust: 0.06, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "Network device", ], sub_category: null, trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2024-20830", }, ], }, last_update_date: "2024-08-14T13:41:07.886000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Patch for Cisco Small Business Cross-Site Scripting Vulnerability", trust: 0.6, url: "https://www.cnvd.org.cn/patchInfo/show/541076", }, ], sources: [ { db: "CNVD", id: "CNVD-2024-20830", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-80", trust: 1, }, ], sources: [ { db: "NVD", id: "CVE-2024-20362", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 1, url: "https://sec.cloudapps.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-sbiz-rv-xss-oqertup", }, { trust: 0.6, url: "https://nvd.nist.gov/vuln/detail/cve-2024-20362", }, ], sources: [ { db: "CNVD", id: "CNVD-2024-20830", }, { db: "NVD", id: "CVE-2024-20362", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CNVD", id: "CNVD-2024-20830", }, { db: "NVD", id: "CVE-2024-20362", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2024-04-12T00:00:00", db: "CNVD", id: "CNVD-2024-20830", }, { date: "2024-04-03T17:15:49.707000", db: "NVD", id: "CVE-2024-20362", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2024-04-29T00:00:00", db: "CNVD", id: "CNVD-2024-20830", }, { date: "2024-04-03T17:24:18.150000", db: "NVD", id: "CVE-2024-20362", }, ], }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Cisco Small Business Cross-Site Scripting Vulnerability", sources: [ { db: "CNVD", id: "CNVD-2024-20830", }, ], trust: 0.6, }, }
var-202304-0150
Vulnerability from variot
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities. RV016 Multi-WAN VPN firmware, RV042 Dual WAN VPN firmware, RV042G Dual Gigabit WAN VPN Cross-site scripting vulnerabilities exist in multiple Cisco Systems products, including firmware.Information may be obtained and information may be tampered with
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202304-0150", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "rv082", scope: "eq", trust: 1, vendor: "cisco", version: null, }, { model: "rv325", scope: "eq", trust: 1, vendor: "cisco", version: null, }, { model: "rv042", scope: "eq", trust: 1, vendor: "cisco", version: null, }, { model: "rv016", scope: "eq", trust: 1, vendor: "cisco", version: null, }, { model: "rv320", scope: "eq", trust: 1, vendor: "cisco", version: null, }, { model: "rv042g", scope: "eq", trust: 1, vendor: "cisco", version: null, }, { model: "rv016 multi-wan vpn", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, { model: "cisco rv325 dual gigabit wan vpn ルータ", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, { model: "cisco rv320 dual gigabit wan vpn ルータ", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, { model: "rv042 dual wan vpn", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, { model: "rv082 dual wan vpn", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, { model: "rv042g dual gigabit wan vpn", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2023-006865", }, { db: "NVD", id: "CVE-2023-20150", }, ], }, cve: "CVE-2023-20150", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", exploitabilityScore: 2.8, id: "CVE-2023-20150", impactScore: 2.7, integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", trust: 2, userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "None", baseScore: 6.1, baseSeverity: "Medium", confidentialityImpact: "Low", exploitabilityScore: null, id: "CVE-2023-20150", impactScore: null, integrityImpact: "Low", privilegesRequired: "None", scope: "Changed", trust: 0.8, userInteraction: "Required", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2023-20150", trust: 1, value: "MEDIUM", }, { author: "ykramarz@cisco.com", id: "CVE-2023-20150", trust: 1, value: "MEDIUM", }, { author: "NVD", id: "CVE-2023-20150", trust: 0.8, value: "Medium", }, { author: "CNNVD", id: "CNNVD-202304-286", trust: 0.6, value: "MEDIUM", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2023-006865", }, { db: "CNNVD", id: "CNNVD-202304-286", }, { db: "NVD", id: "CVE-2023-20150", }, { db: "NVD", id: "CVE-2023-20150", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities. RV016 Multi-WAN VPN firmware, RV042 Dual WAN VPN firmware, RV042G Dual Gigabit WAN VPN Cross-site scripting vulnerabilities exist in multiple Cisco Systems products, including firmware.Information may be obtained and information may be tampered with", sources: [ { db: "NVD", id: "CVE-2023-20150", }, { db: "JVNDB", id: "JVNDB-2023-006865", }, { db: "VULMON", id: "CVE-2023-20150", }, ], trust: 1.71, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2023-20150", trust: 3.3, }, { db: "JVNDB", id: "JVNDB-2023-006865", trust: 0.8, }, { db: "AUSCERT", id: "ESB-2023.2020", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202304-286", trust: 0.6, }, { db: "VULMON", id: "CVE-2023-20150", trust: 0.1, }, ], sources: [ { db: "VULMON", id: "CVE-2023-20150", }, { db: "JVNDB", id: "JVNDB-2023-006865", }, { db: "CNNVD", id: "CNNVD-202304-286", }, { db: "NVD", id: "CVE-2023-20150", }, ], }, id: "VAR-202304-0150", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VARIoT devices database", id: null, }, ], trust: 0.41167478, }, last_update_date: "2024-08-14T13:20:54.097000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "cisco-sa-rv-stored-xss-vqz7gC8W", trust: 0.8, url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, { title: "Cisco Small Business Fixes for cross-site scripting vulnerabilities", trust: 0.6, url: "http://123.124.177.30/web/xxk/bdxqById.tag?id=233384", }, { title: "Cisco: Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-rv-stored-xss-vqz7gC8W", }, ], sources: [ { db: "VULMON", id: "CVE-2023-20150", }, { db: "JVNDB", id: "JVNDB-2023-006865", }, { db: "CNNVD", id: "CNNVD-202304-286", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-79", trust: 1, }, { problemtype: "Cross-site scripting (CWE-79) [NVD evaluation ]", trust: 0.8, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2023-006865", }, { db: "NVD", id: "CVE-2023-20150", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 1.8, url: "https://sec.cloudapps.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-rv-stored-xss-vqz7gc8w", }, { trust: 0.8, url: "https://nvd.nist.gov/vuln/detail/cve-2023-20150", }, { trust: 0.6, url: "https://cxsecurity.com/cveshow/cve-2023-20150/", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2023.2020", }, { trust: 0.1, url: "https://nvd.nist.gov", }, ], sources: [ { db: "VULMON", id: "CVE-2023-20150", }, { db: "JVNDB", id: "JVNDB-2023-006865", }, { db: "CNNVD", id: "CNNVD-202304-286", }, { db: "NVD", id: "CVE-2023-20150", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "VULMON", id: "CVE-2023-20150", }, { db: "JVNDB", id: "JVNDB-2023-006865", }, { db: "CNNVD", id: "CNNVD-202304-286", }, { db: "NVD", id: "CVE-2023-20150", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2023-04-05T00:00:00", db: "VULMON", id: "CVE-2023-20150", }, { date: "2023-11-16T00:00:00", db: "JVNDB", id: "JVNDB-2023-006865", }, { date: "2023-04-05T00:00:00", db: "CNNVD", id: "CNNVD-202304-286", }, { date: "2023-04-05T19:15:09.317000", db: "NVD", id: "CVE-2023-20150", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2023-04-06T00:00:00", db: "VULMON", id: "CVE-2023-20150", }, { date: "2023-11-16T07:21:00", db: "JVNDB", id: "JVNDB-2023-006865", }, { date: "2023-04-14T00:00:00", db: "CNNVD", id: "CNNVD-202304-286", }, { date: "2023-11-07T04:06:15.010000", db: "NVD", id: "CVE-2023-20150", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202304-286", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Cross-site scripting vulnerability in multiple Cisco Systems products", sources: [ { db: "JVNDB", id: "JVNDB-2023-006865", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "XSS", sources: [ { db: "CNNVD", id: "CNNVD-202304-286", }, ], trust: 0.6, }, }
var-202006-1131
Vulnerability from variot
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system. plural Cisco Small Business RV A buffer error vulnerability exists in series routers.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Cisco Small Business RV016 Multi-WAN VPN is a VPN router from Cisco in the United States. The vulnerability stems from the program's failure to properly limit the user's input boundary
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202006-1131", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "rv320", scope: "lte", trust: 1, vendor: "cisco", version: "1.5.1.05", }, { model: "rv325", scope: "lte", trust: 1, vendor: "cisco", version: "1.5.1.05", }, { model: "rv042g", scope: "lte", trust: 1, vendor: "cisco", version: "4.2.3.10", }, { model: "rv082", scope: "lte", trust: 1, vendor: "cisco", version: "4.2.3.10", }, { model: "rv016", scope: "lte", trust: 1, vendor: "cisco", version: "4.2.3.10", }, { model: "rv042", scope: "lte", trust: 1, vendor: "cisco", version: "4.2.3.10", }, { model: "rv320 dual gigabit wan vpn router", scope: null, trust: 0.8, vendor: "cisco", version: null, }, { model: "rv325 dual gigabit wan vpn router", scope: null, trust: 0.8, vendor: "cisco", version: null, }, { model: "rv016 multi-wan vpn", scope: null, trust: 0.8, vendor: "cisco", version: null, }, { model: "rv042 dual wan vpn", scope: null, trust: 0.8, vendor: "cisco", version: null, }, { model: "rv042g dual gigabit wan vpn", scope: null, trust: 0.8, vendor: "cisco", version: null, }, { model: "rv082 dual wan vpn", scope: null, trust: 0.8, vendor: "cisco", version: null, }, { model: "small business rv016 multi-wan vpn", scope: "lte", trust: 0.6, vendor: "cisco", version: "<=4.2.3.10", }, { model: "rv042 dual wan vpn", scope: "lte", trust: 0.6, vendor: "cisco", version: "<=4.2.3.10", }, { model: "rv042g dual gigabit wan vpn", scope: "lte", trust: 0.6, vendor: "cisco", version: "<=4.2.3.10", }, { model: "rv082 dual wan vpn", scope: "lte", trust: 0.6, vendor: "cisco", version: "<=4.2.3.10", }, { model: "rv320 dual gigabit wan vpn", scope: "lte", trust: 0.6, vendor: "cisco", version: "<=1.5.1.05", }, { model: "rv325 dual gigabit wan vpn", scope: "lte", trust: 0.6, vendor: "cisco", version: "<=1.5.1.05", }, ], sources: [ { db: "CNVD", id: "CNVD-2020-36257", }, { db: "JVNDB", id: "JVNDB-2020-006849", }, { db: "NVD", id: "CVE-2020-3295", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { cpe_match: [ { cpe22Uri: "cpe:/o:cisco:rv320_firmware", vulnerable: true, }, { cpe22Uri: "cpe:/o:cisco:rv325_firmware", vulnerable: true, }, { cpe22Uri: "cpe:/o:cisco:rv016_firmware", vulnerable: true, }, { cpe22Uri: "cpe:/o:cisco:rv042_firmware", vulnerable: true, }, { cpe22Uri: "cpe:/o:cisco:rv042g_firmware", vulnerable: true, }, { cpe22Uri: "cpe:/o:cisco:rv082_firmware", vulnerable: true, }, ], operator: "OR", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2020-006849", }, ], }, cve: "CVE-2020-3295", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", author: "nvd@nist.gov", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", exploitabilityScore: 8, id: "CVE-2020-3295", impactScore: 10, integrityImpact: "COMPLETE", severity: "HIGH", trust: 1, vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, { acInsufInfo: null, accessComplexity: "Low", accessVector: "Network", authentication: "Single", author: "NVD", availabilityImpact: "Complete", baseScore: 9, confidentialityImpact: "Complete", exploitabilityScore: null, id: "JVNDB-2020-006849", impactScore: null, integrityImpact: "Complete", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "High", trust: 0.8, userInteractionRequired: null, vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", author: "CNVD", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", exploitabilityScore: 8, id: "CNVD-2020-36257", impactScore: 10, integrityImpact: "COMPLETE", severity: "HIGH", trust: 0.6, vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", exploitabilityScore: 1.2, id: "CVE-2020-3295", impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, { attackComplexity: "LOW", attackVector: "NETWORK", author: "ykramarz@cisco.com", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", exploitabilityScore: 1.2, id: "CVE-2020-3295", impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "High", baseScore: 7.2, baseSeverity: "High", confidentialityImpact: "High", exploitabilityScore: null, id: "JVNDB-2020-006849", impactScore: null, integrityImpact: "High", privilegesRequired: "High", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2020-3295", trust: 1, value: "HIGH", }, { author: "ykramarz@cisco.com", id: "CVE-2020-3295", trust: 1, value: "HIGH", }, { author: "NVD", id: "JVNDB-2020-006849", trust: 0.8, value: "High", }, { author: "CNVD", id: "CNVD-2020-36257", trust: 0.6, value: "HIGH", }, { author: "CNNVD", id: "CNNVD-202006-1163", trust: 0.6, value: "HIGH", }, ], }, ], sources: [ { db: "CNVD", id: "CNVD-2020-36257", }, { db: "JVNDB", id: "JVNDB-2020-006849", }, { db: "CNNVD", id: "CNNVD-202006-1163", }, { db: "NVD", id: "CVE-2020-3295", }, { db: "NVD", id: "CVE-2020-3295", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system. plural Cisco Small Business RV A buffer error vulnerability exists in series routers.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Cisco Small Business RV016 Multi-WAN VPN is a VPN router from Cisco in the United States. The vulnerability stems from the program's failure to properly limit the user's input boundary", sources: [ { db: "NVD", id: "CVE-2020-3295", }, { db: "JVNDB", id: "JVNDB-2020-006849", }, { db: "CNVD", id: "CNVD-2020-36257", }, ], trust: 2.16, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2020-3295", trust: 3, }, { db: "JVNDB", id: "JVNDB-2020-006849", trust: 0.8, }, { db: "CNVD", id: "CNVD-2020-36257", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2020.2119", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2020.2119.2", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202006-1163", trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2020-36257", }, { db: "JVNDB", id: "JVNDB-2020-006849", }, { db: "CNNVD", id: "CNNVD-202006-1163", }, { db: "NVD", id: "CVE-2020-3295", }, ], }, id: "VAR-202006-1131", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "CNVD", id: "CNVD-2020-36257", }, ], trust: 1.1951892333333332, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "Network device", ], sub_category: null, trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2020-36257", }, ], }, last_update_date: "2024-11-23T21:35:43.797000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "cisco-sa-rv-routers-stack-vUxHmnNz", trust: 0.8, url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz", }, { title: "Patch for Multiple Buffer Overflow Vulnerabilities in Cisco Products (CNVD-2020-36257)", trust: 0.6, url: "https://www.cnvd.org.cn/patchInfo/show/224611", }, { title: "Multiple Cisco Product Buffer Error Vulnerability Fix", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=121856", }, ], sources: [ { db: "CNVD", id: "CNVD-2020-36257", }, { db: "JVNDB", id: "JVNDB-2020-006849", }, { db: "CNNVD", id: "CNNVD-202006-1163", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-119", trust: 1.8, }, { problemtype: "CWE-787", trust: 1, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2020-006849", }, { db: "NVD", id: "CVE-2020-3295", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 2.8, url: "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-rv-routers-stack-vuxhmnnz", }, { trust: 1.4, url: "https://nvd.nist.gov/vuln/detail/cve-2020-3295", }, { trust: 0.8, url: "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-3295", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2020.2119/", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2020.2119.2/", }, ], sources: [ { db: "CNVD", id: "CNVD-2020-36257", }, { db: "JVNDB", id: "JVNDB-2020-006849", }, { db: "CNNVD", id: "CNNVD-202006-1163", }, { db: "NVD", id: "CVE-2020-3295", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CNVD", id: "CNVD-2020-36257", }, { db: "JVNDB", id: "JVNDB-2020-006849", }, { db: "CNNVD", id: "CNNVD-202006-1163", }, { db: "NVD", id: "CVE-2020-3295", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-07-06T00:00:00", db: "CNVD", id: "CNVD-2020-36257", }, { date: "2020-07-20T00:00:00", db: "JVNDB", id: "JVNDB-2020-006849", }, { date: "2020-06-17T00:00:00", db: "CNNVD", id: "CNNVD-202006-1163", }, { date: "2020-06-18T03:15:13.497000", db: "NVD", id: "CVE-2020-3295", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-07-06T00:00:00", db: "CNVD", id: "CNVD-2020-36257", }, { date: "2020-07-20T00:00:00", db: "JVNDB", id: "JVNDB-2020-006849", }, { date: "2021-08-09T00:00:00", db: "CNNVD", id: "CNNVD-202006-1163", }, { date: "2024-11-21T05:30:45.183000", db: "NVD", id: "CVE-2020-3295", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202006-1163", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "plural Cisco Small Business RV Buffer error vulnerability in series routers", sources: [ { db: "JVNDB", id: "JVNDB-2020-006849", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "buffer error", sources: [ { db: "CNNVD", id: "CNNVD-202006-1163", }, ], trust: 0.6, }, }
var-202006-1119
Vulnerability from variot
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary commands on an affected device. The vulnerabilities exist because the web-based management interface does not properly validate user-supplied input to scripts. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending malicious requests to an affected device. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the underlying operating system. (DoS) It may be put into a state. Cisco Small Business RV320, etc. are all a VPN router of Cisco in the United States.
There are command injection vulnerabilities in the web management interface in many Cisco products. The vulnerability stems from the program's failure to properly verify the input submitted by the user
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202006-1119", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "rv320", scope: "lte", trust: 1, vendor: "cisco", version: "1.5.1.05", }, { model: "rv325", scope: "lte", trust: 1, vendor: "cisco", version: "1.5.1.05", }, { model: "rv042g", scope: "lte", trust: 1, vendor: "cisco", version: "4.2.3.10", }, { model: "rv082", scope: "lte", trust: 1, vendor: "cisco", version: "4.2.3.10", }, { model: "rv016", scope: "lte", trust: 1, vendor: "cisco", version: "4.2.3.10", }, { model: "rv042", scope: "lte", trust: 1, vendor: "cisco", version: "4.2.3.10", }, { model: "rv320 dual gigabit wan vpn router", scope: null, trust: 0.8, vendor: "cisco", version: null, }, { model: "rv325 dual gigabit wan vpn router", scope: null, trust: 0.8, vendor: "cisco", version: null, }, { model: "rv016 multi-wan vpn", scope: null, trust: 0.8, vendor: "cisco", version: null, }, { model: "rv042 dual wan vpn", scope: null, trust: 0.8, vendor: "cisco", version: null, }, { model: "rv042g dual gigabit wan vpn", scope: null, trust: 0.8, vendor: "cisco", version: null, }, { model: "rv082 dual wan vpn", scope: null, trust: 0.8, vendor: "cisco", version: null, }, { model: "small business rv016 multi-wan vpn", scope: "lte", trust: 0.6, vendor: "cisco", version: "<=4.2.3.10", }, { model: "rv042 dual wan vpn", scope: "lte", trust: 0.6, vendor: "cisco", version: "<=4.2.3.10", }, { model: "rv042g dual gigabit wan vpn", scope: "lte", trust: 0.6, vendor: "cisco", version: "<=4.2.3.10", }, { model: "rv082 dual wan vpn", scope: "lte", trust: 0.6, vendor: "cisco", version: "<=4.2.3.10", }, { model: "rv320 dual gigabit wan vpn", scope: "lte", trust: 0.6, vendor: "cisco", version: "<=1.5.1.05", }, { model: "rv325 dual gigabit wan vpn", scope: "lte", trust: 0.6, vendor: "cisco", version: "<=1.5.1.05", }, ], sources: [ { db: "CNVD", id: "CNVD-2020-35160", }, { db: "JVNDB", id: "JVNDB-2020-006867", }, { db: "NVD", id: "CVE-2020-3278", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { cpe_match: [ { cpe22Uri: "cpe:/o:cisco:rv320_firmware", vulnerable: true, }, { cpe22Uri: "cpe:/o:cisco:rv325_firmware", vulnerable: true, }, { cpe22Uri: "cpe:/o:cisco:rv016_firmware", vulnerable: true, }, { cpe22Uri: "cpe:/o:cisco:rv042_firmware", vulnerable: true, }, { cpe22Uri: "cpe:/o:cisco:rv042g_firmware", vulnerable: true, }, { cpe22Uri: "cpe:/o:cisco:rv082_firmware", vulnerable: true, }, ], operator: "OR", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2020-006867", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Kai Cheng", sources: [ { db: "CNNVD", id: "CNNVD-202006-1150", }, ], trust: 0.6, }, cve: "CVE-2020-3278", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", author: "nvd@nist.gov", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", exploitabilityScore: 8, id: "CVE-2020-3278", impactScore: 10, integrityImpact: "COMPLETE", severity: "HIGH", trust: 1, vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, { acInsufInfo: null, accessComplexity: "Low", accessVector: "Network", authentication: "Single", author: "NVD", availabilityImpact: "Complete", baseScore: 9, confidentialityImpact: "Complete", exploitabilityScore: null, id: "JVNDB-2020-006867", impactScore: null, integrityImpact: "Complete", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "High", trust: 0.8, userInteractionRequired: null, vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", author: "CNVD", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", exploitabilityScore: 8, id: "CNVD-2020-35160", impactScore: 10, integrityImpact: "COMPLETE", severity: "HIGH", trust: 0.6, vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", exploitabilityScore: 1.2, id: "CVE-2020-3278", impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, { attackComplexity: "LOW", attackVector: "NETWORK", author: "ykramarz@cisco.com", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", exploitabilityScore: 1.2, id: "CVE-2020-3278", impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "High", baseScore: 7.2, baseSeverity: "High", confidentialityImpact: "High", exploitabilityScore: null, id: "JVNDB-2020-006867", impactScore: null, integrityImpact: "High", privilegesRequired: "High", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2020-3278", trust: 1, value: "HIGH", }, { author: "ykramarz@cisco.com", id: "CVE-2020-3278", trust: 1, value: "HIGH", }, { author: "NVD", id: "JVNDB-2020-006867", trust: 0.8, value: "High", }, { author: "CNVD", id: "CNVD-2020-35160", trust: 0.6, value: "HIGH", }, { author: "CNNVD", id: "CNNVD-202006-1150", trust: 0.6, value: "HIGH", }, ], }, ], sources: [ { db: "CNVD", id: "CNVD-2020-35160", }, { db: "JVNDB", id: "JVNDB-2020-006867", }, { db: "CNNVD", id: "CNNVD-202006-1150", }, { db: "NVD", id: "CVE-2020-3278", }, { db: "NVD", id: "CVE-2020-3278", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary commands on an affected device. The vulnerabilities exist because the web-based management interface does not properly validate user-supplied input to scripts. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending malicious requests to an affected device. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the underlying operating system. (DoS) It may be put into a state. Cisco Small Business RV320, etc. are all a VPN router of Cisco in the United States. \n\r\n\r\nThere are command injection vulnerabilities in the web management interface in many Cisco products. The vulnerability stems from the program's failure to properly verify the input submitted by the user", sources: [ { db: "NVD", id: "CVE-2020-3278", }, { db: "JVNDB", id: "JVNDB-2020-006867", }, { db: "CNVD", id: "CNVD-2020-35160", }, ], trust: 2.16, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2020-3278", trust: 3, }, { db: "JVNDB", id: "JVNDB-2020-006867", trust: 0.8, }, { db: "CNVD", id: "CNVD-2020-35160", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202006-1150", trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2020-35160", }, { db: "JVNDB", id: "JVNDB-2020-006867", }, { db: "CNNVD", id: "CNNVD-202006-1150", }, { db: "NVD", id: "CVE-2020-3278", }, ], }, id: "VAR-202006-1119", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "CNVD", id: "CNVD-2020-35160", }, ], trust: 1.1951892333333332, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "Network device", ], sub_category: null, trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2020-35160", }, ], }, last_update_date: "2024-11-23T21:59:11.916000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "cisco-sa-rv-routers-Rj5JRfF8", trust: 0.8, url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-Rj5JRfF8", }, { title: "Patch for Multiple Cisco product command injection vulnerabilities (CNVD-2020-35160)", trust: 0.6, url: "https://www.cnvd.org.cn/patchInfo/show/223651", }, { title: "Multiple Cisco Product Command Injection Vulnerability Fixes", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=123002", }, ], sources: [ { db: "CNVD", id: "CNVD-2020-35160", }, { db: "JVNDB", id: "JVNDB-2020-006867", }, { db: "CNNVD", id: "CNNVD-202006-1150", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-78", trust: 1.8, }, { problemtype: "CWE-77", trust: 1, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2020-006867", }, { db: "NVD", id: "CVE-2020-3278", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 2.2, url: "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-rv-routers-rj5jrff8", }, { trust: 1.4, url: "https://nvd.nist.gov/vuln/detail/cve-2020-3278", }, { trust: 0.8, url: "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-3278", }, ], sources: [ { db: "CNVD", id: "CNVD-2020-35160", }, { db: "JVNDB", id: "JVNDB-2020-006867", }, { db: "CNNVD", id: "CNNVD-202006-1150", }, { db: "NVD", id: "CVE-2020-3278", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CNVD", id: "CNVD-2020-35160", }, { db: "JVNDB", id: "JVNDB-2020-006867", }, { db: "CNNVD", id: "CNNVD-202006-1150", }, { db: "NVD", id: "CVE-2020-3278", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-06-30T00:00:00", db: "CNVD", id: "CNVD-2020-35160", }, { date: "2020-07-21T00:00:00", db: "JVNDB", id: "JVNDB-2020-006867", }, { date: "2020-06-17T00:00:00", db: "CNNVD", id: "CNNVD-202006-1150", }, { date: "2020-06-18T03:15:12.497000", db: "NVD", id: "CVE-2020-3278", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-07-14T00:00:00", db: "CNVD", id: "CNVD-2020-35160", }, { date: "2020-07-21T00:00:00", db: "JVNDB", id: "JVNDB-2020-006867", }, { date: "2020-07-03T00:00:00", db: "CNNVD", id: "CNNVD-202006-1150", }, { date: "2024-11-21T05:30:42.657000", db: "NVD", id: "CVE-2020-3278", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202006-1150", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "plural Cisco Small Business RV In series routers OS Command injection vulnerabilities", sources: [ { db: "JVNDB", id: "JVNDB-2020-006867", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "command injection", sources: [ { db: "CNNVD", id: "CNNVD-202006-1150", }, ], trust: 0.6, }, }
var-202301-0962
Vulnerability from variot
A vulnerability in the web-based management interface of Cisco Small Business RV042 Series Routers could allow an unauthenticated, remote attacker to bypass authentication on the affected device.
This vulnerability is due to incorrect user input validation of incoming HTTP packets. An attacker could exploit this vulnerability by sending crafted requests to the web-based management interface. A successful exploit could allow the attacker to gain root privileges on the affected device. (DoS) It may be in a state
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202301-0962", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "rv016", scope: "eq", trust: 1, vendor: "cisco", version: null, }, { model: "rv082", scope: "eq", trust: 1, vendor: "cisco", version: null, }, { model: "rv042g", scope: "eq", trust: 1, vendor: "cisco", version: null, }, { model: "rv042", scope: "eq", trust: 1, vendor: "cisco", version: null, }, { model: "rv016 multi-wan vpn", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, { model: "rv042 dual wan vpn", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, { model: "rv042g dual gigabit wan vpn", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, { model: "rv082 dual wan vpn", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2023-002344", }, { db: "NVD", id: "CVE-2023-20025", }, ], }, cve: "CVE-2023-20025", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", exploitabilityScore: 3.9, id: "CVE-2023-20025", impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, { attackComplexity: "HIGH", attackVector: "NETWORK", author: "ykramarz@cisco.com", availabilityImpact: "HIGH", baseScore: 9, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", exploitabilityScore: 2.2, id: "CVE-2023-20025", impactScore: 6, integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "High", baseScore: 9.8, baseSeverity: "Critical", confidentialityImpact: "High", exploitabilityScore: null, id: "CVE-2023-20025", impactScore: null, integrityImpact: "High", privilegesRequired: "None", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2023-20025", trust: 1, value: "CRITICAL", }, { author: "ykramarz@cisco.com", id: "CVE-2023-20025", trust: 1, value: "CRITICAL", }, { author: "NVD", id: "CVE-2023-20025", trust: 0.8, value: "Critical", }, { author: "CNNVD", id: "CNNVD-202301-943", trust: 0.6, value: "CRITICAL", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2023-002344", }, { db: "CNNVD", id: "CNNVD-202301-943", }, { db: "NVD", id: "CVE-2023-20025", }, { db: "NVD", id: "CVE-2023-20025", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "A vulnerability in the web-based management interface of Cisco Small Business RV042 Series Routers could allow an unauthenticated, remote attacker to bypass authentication on the affected device. \r\n\r This vulnerability is due to incorrect user input validation of incoming HTTP packets. An attacker could exploit this vulnerability by sending crafted requests to the web-based management interface. A successful exploit could allow the attacker to gain root privileges on the affected device. (DoS) It may be in a state", sources: [ { db: "NVD", id: "CVE-2023-20025", }, { db: "JVNDB", id: "JVNDB-2023-002344", }, { db: "VULMON", id: "CVE-2023-20025", }, ], trust: 1.71, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2023-20025", trust: 3.3, }, { db: "JVNDB", id: "JVNDB-2023-002344", trust: 0.8, }, { db: "AUSCERT", id: "ESB-2023.0171", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202301-943", trust: 0.6, }, { db: "VULMON", id: "CVE-2023-20025", trust: 0.1, }, ], sources: [ { db: "VULMON", id: "CVE-2023-20025", }, { db: "JVNDB", id: "JVNDB-2023-002344", }, { db: "CNNVD", id: "CNNVD-202301-943", }, { db: "NVD", id: "CVE-2023-20025", }, ], }, id: "VAR-202301-0962", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VARIoT devices database", id: null, }, ], trust: 0.41167478, }, last_update_date: "2024-08-14T13:52:50.402000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "cisco-sa-sbr042-multi-vuln-ej76Pke5", trust: 0.8, url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sbr042-multi-vuln-ej76Pke5", }, { title: "Cisco Small Business RV016 Enter the fix for the verification error vulnerability", trust: 0.6, url: "http://123.124.177.30/web/xxk/bdxqById.tag?id=223494", }, { title: "Cisco: Cisco Small Business RV016, RV042, RV042G, and RV082 Routers Vulnerabilities", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-sbr042-multi-vuln-ej76Pke5", }, ], sources: [ { db: "VULMON", id: "CVE-2023-20025", }, { db: "JVNDB", id: "JVNDB-2023-002344", }, { db: "CNNVD", id: "CNNVD-202301-943", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-293", trust: 1, }, { problemtype: "CWE-20", trust: 1, }, { problemtype: "Inappropriate input confirmation (CWE-20) [NVD evaluation ]", trust: 0.8, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2023-002344", }, { db: "NVD", id: "CVE-2023-20025", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 1.8, url: "https://sec.cloudapps.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-sbr042-multi-vuln-ej76pke5", }, { trust: 0.8, url: "https://nvd.nist.gov/vuln/detail/cve-2023-20025", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2023.0171", }, { trust: 0.6, url: "https://cxsecurity.com/cveshow/cve-2023-20025/", }, { trust: 0.1, url: "https://nvd.nist.gov", }, ], sources: [ { db: "VULMON", id: "CVE-2023-20025", }, { db: "JVNDB", id: "JVNDB-2023-002344", }, { db: "CNNVD", id: "CNNVD-202301-943", }, { db: "NVD", id: "CVE-2023-20025", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "VULMON", id: "CVE-2023-20025", }, { db: "JVNDB", id: "JVNDB-2023-002344", }, { db: "CNNVD", id: "CNNVD-202301-943", }, { db: "NVD", id: "CVE-2023-20025", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2023-01-20T00:00:00", db: "VULMON", id: "CVE-2023-20025", }, { date: "2023-07-05T00:00:00", db: "JVNDB", id: "JVNDB-2023-002344", }, { date: "2023-01-12T00:00:00", db: "CNNVD", id: "CNNVD-202301-943", }, { date: "2023-01-20T07:15:14.490000", db: "NVD", id: "CVE-2023-20025", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2023-01-20T00:00:00", db: "VULMON", id: "CVE-2023-20025", }, { date: "2023-07-05T07:35:00", db: "JVNDB", id: "JVNDB-2023-002344", }, { date: "2023-02-02T00:00:00", db: "CNNVD", id: "CNNVD-202301-943", }, { date: "2024-01-25T17:15:25.523000", db: "NVD", id: "CVE-2023-20025", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202301-943", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Cisco Small Business RV042 Input Validation Vulnerability in Series Routers", sources: [ { db: "JVNDB", id: "JVNDB-2023-002344", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "input validation error", sources: [ { db: "CNNVD", id: "CNNVD-202301-943", }, ], trust: 0.6, }, }
var-202304-0298
Vulnerability from variot
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities. RV016 Multi-WAN VPN firmware, RV042 Dual WAN VPN firmware, RV042G Dual Gigabit WAN VPN Cross-site scripting vulnerabilities exist in multiple Cisco Systems products, including firmware.Information may be obtained and information may be tampered with
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202304-0298", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "rv325", scope: "eq", trust: 1, vendor: "cisco", version: "*", }, { model: "rv042", scope: "eq", trust: 1, vendor: "cisco", version: "*", }, { model: "rv016", scope: "eq", trust: 1, vendor: "cisco", version: "*", }, { model: "rv320", scope: "eq", trust: 1, vendor: "cisco", version: "*", }, { model: "rv042g", scope: "eq", trust: 1, vendor: "cisco", version: "*", }, { model: "rv082", scope: "eq", trust: 1, vendor: "cisco", version: "*", }, { model: "rv042g dual gigabit wan vpn", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, { model: "cisco rv320 dual gigabit wan vpn ルータ", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, { model: "rv016 multi-wan vpn", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, { model: "cisco rv325 dual gigabit wan vpn ルータ", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, { model: "rv082 dual wan vpn", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, { model: "rv042 dual wan vpn", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2023-008492", }, { db: "NVD", id: "CVE-2023-20147", }, ], }, cve: "CVE-2023-20147", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", exploitabilityScore: 2.8, id: "CVE-2023-20147", impactScore: 2.7, integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", trust: 2, userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "None", baseScore: 6.1, baseSeverity: "Medium", confidentialityImpact: "Low", exploitabilityScore: null, id: "CVE-2023-20147", impactScore: null, integrityImpact: "Low", privilegesRequired: "None", scope: "Changed", trust: 0.8, userInteraction: "Required", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2023-20147", trust: 1, value: "MEDIUM", }, { author: "ykramarz@cisco.com", id: "CVE-2023-20147", trust: 1, value: "MEDIUM", }, { author: "NVD", id: "CVE-2023-20147", trust: 0.8, value: "Medium", }, { author: "CNNVD", id: "CNNVD-202304-290", trust: 0.6, value: "MEDIUM", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2023-008492", }, { db: "CNNVD", id: "CNNVD-202304-290", }, { db: "NVD", id: "CVE-2023-20147", }, { db: "NVD", id: "CVE-2023-20147", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities. RV016 Multi-WAN VPN firmware, RV042 Dual WAN VPN firmware, RV042G Dual Gigabit WAN VPN Cross-site scripting vulnerabilities exist in multiple Cisco Systems products, including firmware.Information may be obtained and information may be tampered with", sources: [ { db: "NVD", id: "CVE-2023-20147", }, { db: "JVNDB", id: "JVNDB-2023-008492", }, { db: "VULMON", id: "CVE-2023-20147", }, ], trust: 1.71, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2023-20147", trust: 3.3, }, { db: "JVNDB", id: "JVNDB-2023-008492", trust: 0.8, }, { db: "AUSCERT", id: "ESB-2023.2020", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202304-290", trust: 0.6, }, { db: "VULMON", id: "CVE-2023-20147", trust: 0.1, }, ], sources: [ { db: "VULMON", id: "CVE-2023-20147", }, { db: "JVNDB", id: "JVNDB-2023-008492", }, { db: "CNNVD", id: "CNNVD-202304-290", }, { db: "NVD", id: "CVE-2023-20147", }, ], }, id: "VAR-202304-0298", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VARIoT devices database", id: null, }, ], trust: 0.41167478, }, last_update_date: "2024-08-14T13:20:54.045000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "cisco-sa-rv-stored-xss-vqz7gC8W", trust: 0.8, url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, { title: "Cisco Small Business Fixes for cross-site scripting vulnerabilities", trust: 0.6, url: "http://123.124.177.30/web/xxk/bdxqById.tag?id=233388", }, { title: "Cisco: Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-rv-stored-xss-vqz7gC8W", }, ], sources: [ { db: "VULMON", id: "CVE-2023-20147", }, { db: "JVNDB", id: "JVNDB-2023-008492", }, { db: "CNNVD", id: "CNNVD-202304-290", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-79", trust: 1, }, { problemtype: "Cross-site scripting (CWE-79) [NVD evaluation ]", trust: 0.8, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2023-008492", }, { db: "NVD", id: "CVE-2023-20147", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 1.8, url: "https://sec.cloudapps.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-rv-stored-xss-vqz7gc8w", }, { trust: 0.8, url: "https://nvd.nist.gov/vuln/detail/cve-2023-20147", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2023.2020", }, { trust: 0.6, url: "https://cxsecurity.com/cveshow/cve-2023-20147/", }, { trust: 0.1, url: "https://nvd.nist.gov", }, ], sources: [ { db: "VULMON", id: "CVE-2023-20147", }, { db: "JVNDB", id: "JVNDB-2023-008492", }, { db: "CNNVD", id: "CNNVD-202304-290", }, { db: "NVD", id: "CVE-2023-20147", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "VULMON", id: "CVE-2023-20147", }, { db: "JVNDB", id: "JVNDB-2023-008492", }, { db: "CNNVD", id: "CNNVD-202304-290", }, { db: "NVD", id: "CVE-2023-20147", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2023-04-05T00:00:00", db: "VULMON", id: "CVE-2023-20147", }, { date: "2023-12-01T00:00:00", db: "JVNDB", id: "JVNDB-2023-008492", }, { date: "2023-04-05T00:00:00", db: "CNNVD", id: "CNNVD-202304-290", }, { date: "2023-04-05T19:15:09.167000", db: "NVD", id: "CVE-2023-20147", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2023-04-06T00:00:00", db: "VULMON", id: "CVE-2023-20147", }, { date: "2023-12-01T05:22:00", db: "JVNDB", id: "JVNDB-2023-008492", }, { date: "2023-04-14T00:00:00", db: "CNNVD", id: "CNNVD-202304-290", }, { date: "2023-11-07T04:06:14.043000", db: "NVD", id: "CVE-2023-20147", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202304-290", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Cross-site scripting vulnerability in multiple Cisco Systems products", sources: [ { db: "JVNDB", id: "JVNDB-2023-008492", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "XSS", sources: [ { db: "CNNVD", id: "CNNVD-202304-290", }, ], trust: 0.6, }, }
var-202304-0297
Vulnerability from variot
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities. RV016 Multi-WAN VPN firmware, RV042 Dual WAN VPN firmware, RV042G Dual Gigabit WAN VPN Cross-site scripting vulnerabilities exist in multiple Cisco Systems products, including firmware.Information may be obtained and information may be tampered with. Cisco Small Business Routers is a router device of Cisco. Remote attackers can exploit this vulnerability to inject malicious scripts or HTML code. When the malicious data is viewed, sensitive information can be obtained or user sessions can be hijacked
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202304-0297", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "rv325", scope: "eq", trust: 1, vendor: "cisco", version: "*", }, { model: "rv042", scope: "eq", trust: 1, vendor: "cisco", version: "*", }, { model: "rv016", scope: "eq", trust: 1, vendor: "cisco", version: "*", }, { model: "rv320", scope: "eq", trust: 1, vendor: "cisco", version: "*", }, { model: "rv042g", scope: "eq", trust: 1, vendor: "cisco", version: "*", }, { model: "rv082", scope: "eq", trust: 1, vendor: "cisco", version: "*", }, { model: "cisco rv320 dual gigabit wan vpn ルータ", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, { model: "rv042 dual wan vpn", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, { model: "cisco rv325 dual gigabit wan vpn ルータ", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, { model: "rv016 multi-wan vpn", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, { model: "rv082 dual wan vpn", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, { model: "rv042g dual gigabit wan vpn", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, { model: "small business routers rv016", scope: null, trust: 0.6, vendor: "cisco", version: null, }, { model: "small business routers rv042", scope: null, trust: 0.6, vendor: "cisco", version: null, }, { model: "small business routers rv042g", scope: null, trust: 0.6, vendor: "cisco", version: null, }, { model: "small business routers rv082", scope: null, trust: 0.6, vendor: "cisco", version: null, }, { model: "small business routers rv320", scope: null, trust: 0.6, vendor: "cisco", version: null, }, { model: "small business routers rv325", scope: null, trust: 0.6, vendor: "cisco", version: null, }, ], sources: [ { db: "CNVD", id: "CNVD-2024-24744", }, { db: "JVNDB", id: "JVNDB-2023-007121", }, { db: "NVD", id: "CVE-2023-20142", }, ], }, cve: "CVE-2023-20142", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "CNVD", availabilityImpact: "NONE", baseScore: 6.4, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "CNVD-2024-24744", impactScore: 4.9, integrityImpact: "PARTIAL", severity: "MEDIUM", trust: 0.6, vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:N", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", exploitabilityScore: 2.8, id: "CVE-2023-20142", impactScore: 2.7, integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", trust: 2, userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "None", baseScore: 6.1, baseSeverity: "Medium", confidentialityImpact: "Low", exploitabilityScore: null, id: "CVE-2023-20142", impactScore: null, integrityImpact: "Low", privilegesRequired: "None", scope: "Changed", trust: 0.8, userInteraction: "Required", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2023-20142", trust: 1, value: "MEDIUM", }, { author: "ykramarz@cisco.com", id: "CVE-2023-20142", trust: 1, value: "MEDIUM", }, { author: "NVD", id: "CVE-2023-20142", trust: 0.8, value: "Medium", }, { author: "CNVD", id: "CNVD-2024-24744", trust: 0.6, value: "MEDIUM", }, { author: "CNNVD", id: "CNNVD-202304-292", trust: 0.6, value: "MEDIUM", }, ], }, ], sources: [ { db: "CNVD", id: "CNVD-2024-24744", }, { db: "JVNDB", id: "JVNDB-2023-007121", }, { db: "CNNVD", id: "CNNVD-202304-292", }, { db: "NVD", id: "CVE-2023-20142", }, { db: "NVD", id: "CVE-2023-20142", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities. RV016 Multi-WAN VPN firmware, RV042 Dual WAN VPN firmware, RV042G Dual Gigabit WAN VPN Cross-site scripting vulnerabilities exist in multiple Cisco Systems products, including firmware.Information may be obtained and information may be tampered with. Cisco Small Business Routers is a router device of Cisco. Remote attackers can exploit this vulnerability to inject malicious scripts or HTML code. When the malicious data is viewed, sensitive information can be obtained or user sessions can be hijacked", sources: [ { db: "NVD", id: "CVE-2023-20142", }, { db: "JVNDB", id: "JVNDB-2023-007121", }, { db: "CNVD", id: "CNVD-2024-24744", }, { db: "VULMON", id: "CVE-2023-20142", }, ], trust: 2.25, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2023-20142", trust: 3.9, }, { db: "JVNDB", id: "JVNDB-2023-007121", trust: 0.8, }, { db: "CNVD", id: "CNVD-2024-24744", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2023.2020", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202304-292", trust: 0.6, }, { db: "VULMON", id: "CVE-2023-20142", trust: 0.1, }, ], sources: [ { db: "CNVD", id: "CNVD-2024-24744", }, { db: "VULMON", id: "CVE-2023-20142", }, { db: "JVNDB", id: "JVNDB-2023-007121", }, { db: "CNNVD", id: "CNNVD-202304-292", }, { db: "NVD", id: "CVE-2023-20142", }, ], }, id: "VAR-202304-0297", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "CNVD", id: "CNVD-2024-24744", }, ], trust: 1.0116747799999999, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "Network device", ], sub_category: null, trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2024-24744", }, ], }, last_update_date: "2024-08-14T13:20:53.732000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "cisco-sa-rv-stored-xss-vqz7gC8W", trust: 0.8, url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, { title: "Patch for Cisco Small Business Routers Web Management Interface Cross-Site Scripting Vulnerability", trust: 0.6, url: "https://www.cnvd.org.cn/patchInfo/show/546621", }, { title: "Cisco Small Business Fixes for cross-site scripting vulnerabilities", trust: 0.6, url: "http://123.124.177.30/web/xxk/bdxqById.tag?id=233390", }, { title: "Cisco: Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-rv-stored-xss-vqz7gC8W", }, ], sources: [ { db: "CNVD", id: "CNVD-2024-24744", }, { db: "VULMON", id: "CVE-2023-20142", }, { db: "JVNDB", id: "JVNDB-2023-007121", }, { db: "CNNVD", id: "CNNVD-202304-292", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-79", trust: 1, }, { problemtype: "Cross-site scripting (CWE-79) [NVD evaluation ]", trust: 0.8, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2023-007121", }, { db: "NVD", id: "CVE-2023-20142", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 1.8, url: "https://sec.cloudapps.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-rv-stored-xss-vqz7gc8w", }, { trust: 1.4, url: "https://nvd.nist.gov/vuln/detail/cve-2023-20142", }, { trust: 0.6, url: "https://cxsecurity.com/cveshow/cve-2023-20142/", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2023.2020", }, { trust: 0.1, url: "https://nvd.nist.gov", }, ], sources: [ { db: "CNVD", id: "CNVD-2024-24744", }, { db: "VULMON", id: "CVE-2023-20142", }, { db: "JVNDB", id: "JVNDB-2023-007121", }, { db: "CNNVD", id: "CNNVD-202304-292", }, { db: "NVD", id: "CVE-2023-20142", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CNVD", id: "CNVD-2024-24744", }, { db: "VULMON", id: "CVE-2023-20142", }, { db: "JVNDB", id: "JVNDB-2023-007121", }, { db: "CNNVD", id: "CNNVD-202304-292", }, { db: "NVD", id: "CVE-2023-20142", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2023-05-16T00:00:00", db: "CNVD", id: "CNVD-2024-24744", }, { date: "2023-04-05T00:00:00", db: "VULMON", id: "CVE-2023-20142", }, { date: "2023-11-17T00:00:00", db: "JVNDB", id: "JVNDB-2023-007121", }, { date: "2023-04-05T00:00:00", db: "CNNVD", id: "CNNVD-202304-292", }, { date: "2023-04-05T19:15:08.920000", db: "NVD", id: "CVE-2023-20142", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2024-05-29T00:00:00", db: "CNVD", id: "CNVD-2024-24744", }, { date: "2023-04-06T00:00:00", db: "VULMON", id: "CVE-2023-20142", }, { date: "2023-11-17T06:04:00", db: "JVNDB", id: "JVNDB-2023-007121", }, { date: "2023-04-14T00:00:00", db: "CNNVD", id: "CNNVD-202304-292", }, { date: "2023-11-07T04:06:12.073000", db: "NVD", id: "CVE-2023-20142", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202304-292", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Cross-site scripting vulnerability in multiple Cisco Systems products", sources: [ { db: "JVNDB", id: "JVNDB-2023-007121", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "XSS", sources: [ { db: "CNNVD", id: "CNNVD-202304-292", }, ], trust: 0.6, }, }
var-202304-0299
Vulnerability from variot
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities. RV016 Multi-WAN VPN firmware, RV042 Dual WAN VPN firmware, RV042G Dual Gigabit WAN VPN Cross-site scripting vulnerabilities exist in multiple Cisco Systems products, including firmware.Information may be obtained and information may be tampered with
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202304-0299", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "rv082", scope: "eq", trust: 1, vendor: "cisco", version: null, }, { model: "rv325", scope: "eq", trust: 1, vendor: "cisco", version: null, }, { model: "rv042", scope: "eq", trust: 1, vendor: "cisco", version: null, }, { model: "rv016", scope: "eq", trust: 1, vendor: "cisco", version: null, }, { model: "rv320", scope: "eq", trust: 1, vendor: "cisco", version: null, }, { model: "rv042g", scope: "eq", trust: 1, vendor: "cisco", version: null, }, { model: "rv042g dual gigabit wan vpn", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, { model: "rv016 multi-wan vpn", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, { model: "rv082 dual wan vpn", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, { model: "cisco rv325 dual gigabit wan vpn ルータ", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, { model: "cisco rv320 dual gigabit wan vpn ルータ", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, { model: "rv042 dual wan vpn", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2023-006809", }, { db: "NVD", id: "CVE-2023-20148", }, ], }, cve: "CVE-2023-20148", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", exploitabilityScore: 2.8, id: "CVE-2023-20148", impactScore: 2.7, integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", trust: 2, userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "None", baseScore: 6.1, baseSeverity: "Medium", confidentialityImpact: "Low", exploitabilityScore: null, id: "CVE-2023-20148", impactScore: null, integrityImpact: "Low", privilegesRequired: "None", scope: "Changed", trust: 0.8, userInteraction: "Required", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2023-20148", trust: 1, value: "MEDIUM", }, { author: "ykramarz@cisco.com", id: "CVE-2023-20148", trust: 1, value: "MEDIUM", }, { author: "NVD", id: "CVE-2023-20148", trust: 0.8, value: "Medium", }, { author: "CNNVD", id: "CNNVD-202304-288", trust: 0.6, value: "MEDIUM", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2023-006809", }, { db: "CNNVD", id: "CNNVD-202304-288", }, { db: "NVD", id: "CVE-2023-20148", }, { db: "NVD", id: "CVE-2023-20148", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities. RV016 Multi-WAN VPN firmware, RV042 Dual WAN VPN firmware, RV042G Dual Gigabit WAN VPN Cross-site scripting vulnerabilities exist in multiple Cisco Systems products, including firmware.Information may be obtained and information may be tampered with", sources: [ { db: "NVD", id: "CVE-2023-20148", }, { db: "JVNDB", id: "JVNDB-2023-006809", }, { db: "VULMON", id: "CVE-2023-20148", }, ], trust: 1.71, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2023-20148", trust: 3.3, }, { db: "JVNDB", id: "JVNDB-2023-006809", trust: 0.8, }, { db: "AUSCERT", id: "ESB-2023.2020", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202304-288", trust: 0.6, }, { db: "VULMON", id: "CVE-2023-20148", trust: 0.1, }, ], sources: [ { db: "VULMON", id: "CVE-2023-20148", }, { db: "JVNDB", id: "JVNDB-2023-006809", }, { db: "CNNVD", id: "CNNVD-202304-288", }, { db: "NVD", id: "CVE-2023-20148", }, ], }, id: "VAR-202304-0299", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VARIoT devices database", id: null, }, ], trust: 0.41167478, }, last_update_date: "2024-08-14T13:20:53.608000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "cisco-sa-rv-stored-xss-vqz7gC8W", trust: 0.8, url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, { title: "Cisco Small Business Fixes for cross-site scripting vulnerabilities", trust: 0.6, url: "http://123.124.177.30/web/xxk/bdxqById.tag?id=233386", }, { title: "Cisco: Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-rv-stored-xss-vqz7gC8W", }, ], sources: [ { db: "VULMON", id: "CVE-2023-20148", }, { db: "JVNDB", id: "JVNDB-2023-006809", }, { db: "CNNVD", id: "CNNVD-202304-288", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-79", trust: 1, }, { problemtype: "Cross-site scripting (CWE-79) [NVD evaluation ]", trust: 0.8, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2023-006809", }, { db: "NVD", id: "CVE-2023-20148", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 1.8, url: "https://sec.cloudapps.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-rv-stored-xss-vqz7gc8w", }, { trust: 0.8, url: "https://nvd.nist.gov/vuln/detail/cve-2023-20148", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2023.2020", }, { trust: 0.6, url: "https://cxsecurity.com/cveshow/cve-2023-20148/", }, { trust: 0.1, url: "https://nvd.nist.gov", }, ], sources: [ { db: "VULMON", id: "CVE-2023-20148", }, { db: "JVNDB", id: "JVNDB-2023-006809", }, { db: "CNNVD", id: "CNNVD-202304-288", }, { db: "NVD", id: "CVE-2023-20148", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "VULMON", id: "CVE-2023-20148", }, { db: "JVNDB", id: "JVNDB-2023-006809", }, { db: "CNNVD", id: "CNNVD-202304-288", }, { db: "NVD", id: "CVE-2023-20148", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2023-04-05T00:00:00", db: "VULMON", id: "CVE-2023-20148", }, { date: "2023-11-16T00:00:00", db: "JVNDB", id: "JVNDB-2023-006809", }, { date: "2023-04-05T00:00:00", db: "CNNVD", id: "CNNVD-202304-288", }, { date: "2023-04-05T19:15:09.220000", db: "NVD", id: "CVE-2023-20148", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2023-04-06T00:00:00", db: "VULMON", id: "CVE-2023-20148", }, { date: "2023-11-16T05:52:00", db: "JVNDB", id: "JVNDB-2023-006809", }, { date: "2023-04-14T00:00:00", db: "CNNVD", id: "CNNVD-202304-288", }, { date: "2023-11-07T04:06:14.363000", db: "NVD", id: "CVE-2023-20148", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202304-288", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Cross-site scripting vulnerability in multiple Cisco Systems products", sources: [ { db: "JVNDB", id: "JVNDB-2023-006809", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "XSS", sources: [ { db: "CNNVD", id: "CNNVD-202304-288", }, ], trust: 0.6, }, }
var-202304-0147
Vulnerability from variot
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities. RV016 Multi-WAN VPN firmware, RV042 Dual WAN VPN firmware, RV042G Dual Gigabit WAN VPN Cross-site scripting vulnerabilities exist in multiple Cisco Systems products, including firmware.Information may be obtained and information may be tampered with
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202304-0147", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "rv325", scope: "eq", trust: 1, vendor: "cisco", version: "*", }, { model: "rv042", scope: "eq", trust: 1, vendor: "cisco", version: "*", }, { model: "rv016", scope: "eq", trust: 1, vendor: "cisco", version: "*", }, { model: "rv320", scope: "eq", trust: 1, vendor: "cisco", version: "*", }, { model: "rv042g", scope: "eq", trust: 1, vendor: "cisco", version: "*", }, { model: "rv082", scope: "eq", trust: 1, vendor: "cisco", version: "*", }, { model: "rv042g dual gigabit wan vpn", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, { model: "rv016 multi-wan vpn", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, { model: "rv082 dual wan vpn", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, { model: "cisco rv325 dual gigabit wan vpn ルータ", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, { model: "cisco rv320 dual gigabit wan vpn ルータ", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, { model: "rv042 dual wan vpn", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2023-006806", }, { db: "NVD", id: "CVE-2023-20139", }, ], }, cve: "CVE-2023-20139", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", exploitabilityScore: 2.8, id: "CVE-2023-20139", impactScore: 2.7, integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", trust: 2, userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "None", baseScore: 6.1, baseSeverity: "Medium", confidentialityImpact: "Low", exploitabilityScore: null, id: "CVE-2023-20139", impactScore: null, integrityImpact: "Low", privilegesRequired: "None", scope: "Changed", trust: 0.8, userInteraction: "Required", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2023-20139", trust: 1, value: "MEDIUM", }, { author: "ykramarz@cisco.com", id: "CVE-2023-20139", trust: 1, value: "MEDIUM", }, { author: "NVD", id: "CVE-2023-20139", trust: 0.8, value: "Medium", }, { author: "CNNVD", id: "CNNVD-202304-296", trust: 0.6, value: "MEDIUM", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2023-006806", }, { db: "CNNVD", id: "CNNVD-202304-296", }, { db: "NVD", id: "CVE-2023-20139", }, { db: "NVD", id: "CVE-2023-20139", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities. RV016 Multi-WAN VPN firmware, RV042 Dual WAN VPN firmware, RV042G Dual Gigabit WAN VPN Cross-site scripting vulnerabilities exist in multiple Cisco Systems products, including firmware.Information may be obtained and information may be tampered with", sources: [ { db: "NVD", id: "CVE-2023-20139", }, { db: "JVNDB", id: "JVNDB-2023-006806", }, { db: "VULMON", id: "CVE-2023-20139", }, ], trust: 1.71, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2023-20139", trust: 3.3, }, { db: "JVNDB", id: "JVNDB-2023-006806", trust: 0.8, }, { db: "AUSCERT", id: "ESB-2023.2020", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202304-296", trust: 0.6, }, { db: "VULMON", id: "CVE-2023-20139", trust: 0.1, }, ], sources: [ { db: "VULMON", id: "CVE-2023-20139", }, { db: "JVNDB", id: "JVNDB-2023-006806", }, { db: "CNNVD", id: "CNNVD-202304-296", }, { db: "NVD", id: "CVE-2023-20139", }, ], }, id: "VAR-202304-0147", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VARIoT devices database", id: null, }, ], trust: 0.41167478, }, last_update_date: "2024-08-14T13:20:54.018000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "cisco-sa-rv-stored-xss-vqz7gC8W", trust: 0.8, url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, { title: "Cisco Small Business Fixes for cross-site scripting vulnerabilities", trust: 0.6, url: "http://123.124.177.30/web/xxk/bdxqById.tag?id=233394", }, { title: "Cisco: Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-rv-stored-xss-vqz7gC8W", }, ], sources: [ { db: "VULMON", id: "CVE-2023-20139", }, { db: "JVNDB", id: "JVNDB-2023-006806", }, { db: "CNNVD", id: "CNNVD-202304-296", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-79", trust: 1, }, { problemtype: "Cross-site scripting (CWE-79) [NVD evaluation ]", trust: 0.8, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2023-006806", }, { db: "NVD", id: "CVE-2023-20139", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 1.8, url: "https://sec.cloudapps.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-rv-stored-xss-vqz7gc8w", }, { trust: 0.8, url: "https://nvd.nist.gov/vuln/detail/cve-2023-20139", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2023.2020", }, { trust: 0.6, url: "https://cxsecurity.com/cveshow/cve-2023-20139/", }, { trust: 0.1, url: "https://nvd.nist.gov", }, ], sources: [ { db: "VULMON", id: "CVE-2023-20139", }, { db: "JVNDB", id: "JVNDB-2023-006806", }, { db: "CNNVD", id: "CNNVD-202304-296", }, { db: "NVD", id: "CVE-2023-20139", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "VULMON", id: "CVE-2023-20139", }, { db: "JVNDB", id: "JVNDB-2023-006806", }, { db: "CNNVD", id: "CNNVD-202304-296", }, { db: "NVD", id: "CVE-2023-20139", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2023-04-05T00:00:00", db: "VULMON", id: "CVE-2023-20139", }, { date: "2023-11-16T00:00:00", db: "JVNDB", id: "JVNDB-2023-006806", }, { date: "2023-04-05T00:00:00", db: "CNNVD", id: "CNNVD-202304-296", }, { date: "2023-04-05T19:15:08.780000", db: "NVD", id: "CVE-2023-20139", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2023-04-06T00:00:00", db: "VULMON", id: "CVE-2023-20139", }, { date: "2023-11-16T05:52:00", db: "JVNDB", id: "JVNDB-2023-006806", }, { date: "2023-04-14T00:00:00", db: "CNNVD", id: "CNNVD-202304-296", }, { date: "2023-11-07T04:06:11.020000", db: "NVD", id: "CVE-2023-20139", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202304-296", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Cross-site scripting vulnerability in multiple Cisco Systems products", sources: [ { db: "JVNDB", id: "JVNDB-2023-006806", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "XSS", sources: [ { db: "CNNVD", id: "CNNVD-202304-296", }, ], trust: 0.6, }, }
var-202006-1116
Vulnerability from variot
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary commands on an affected device. The vulnerabilities exist because the web-based management interface does not properly validate user-supplied input to scripts. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending malicious requests to an affected device. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the underlying operating system. (DoS) It may be put into a state. Cisco Small Business RV320, etc. are all a VPN router of Cisco in the United States.
There are command injection vulnerabilities in the web management interface in many Cisco products. The vulnerability stems from the program's failure to properly verify the input submitted by the user
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202006-1116", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "rv320", scope: "lte", trust: 1, vendor: "cisco", version: "1.5.1.05", }, { model: "rv325", scope: "lte", trust: 1, vendor: "cisco", version: "1.5.1.05", }, { model: "rv042g", scope: "lte", trust: 1, vendor: "cisco", version: "4.2.3.10", }, { model: "rv082", scope: "lte", trust: 1, vendor: "cisco", version: "4.2.3.10", }, { model: "rv016", scope: "lte", trust: 1, vendor: "cisco", version: "4.2.3.10", }, { model: "rv042", scope: "lte", trust: 1, vendor: "cisco", version: "4.2.3.10", }, { model: "rv320 dual gigabit wan vpn router", scope: null, trust: 0.8, vendor: "cisco", version: null, }, { model: "rv325 dual gigabit wan vpn router", scope: null, trust: 0.8, vendor: "cisco", version: null, }, { model: "rv016 multi-wan vpn", scope: null, trust: 0.8, vendor: "cisco", version: null, }, { model: "rv042 dual wan vpn", scope: null, trust: 0.8, vendor: "cisco", version: null, }, { model: "rv042g dual gigabit wan vpn", scope: null, trust: 0.8, vendor: "cisco", version: null, }, { model: "rv082 dual wan vpn", scope: null, trust: 0.8, vendor: "cisco", version: null, }, { model: "small business rv016 multi-wan vpn", scope: "lte", trust: 0.6, vendor: "cisco", version: "<=4.2.3.10", }, { model: "rv042 dual wan vpn", scope: "lte", trust: 0.6, vendor: "cisco", version: "<=4.2.3.10", }, { model: "rv042g dual gigabit wan vpn", scope: "lte", trust: 0.6, vendor: "cisco", version: "<=4.2.3.10", }, { model: "rv082 dual wan vpn", scope: "lte", trust: 0.6, vendor: "cisco", version: "<=4.2.3.10", }, { model: "rv320 dual gigabit wan vpn", scope: "lte", trust: 0.6, vendor: "cisco", version: "<=1.5.1.05", }, { model: "rv325 dual gigabit wan vpn", scope: "lte", trust: 0.6, vendor: "cisco", version: "<=1.5.1.05", }, ], sources: [ { db: "CNVD", id: "CNVD-2020-35162", }, { db: "JVNDB", id: "JVNDB-2020-006864", }, { db: "NVD", id: "CVE-2020-3275", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { cpe_match: [ { cpe22Uri: "cpe:/o:cisco:rv320_firmware", vulnerable: true, }, { cpe22Uri: "cpe:/o:cisco:rv325_firmware", vulnerable: true, }, { cpe22Uri: "cpe:/o:cisco:rv016_firmware", vulnerable: true, }, { cpe22Uri: "cpe:/o:cisco:rv042_firmware", vulnerable: true, }, { cpe22Uri: "cpe:/o:cisco:rv042g_firmware", vulnerable: true, }, { cpe22Uri: "cpe:/o:cisco:rv082_firmware", vulnerable: true, }, ], operator: "OR", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2020-006864", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Kai Cheng", sources: [ { db: "CNNVD", id: "CNNVD-202006-1152", }, ], trust: 0.6, }, cve: "CVE-2020-3275", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", author: "nvd@nist.gov", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", exploitabilityScore: 8, id: "CVE-2020-3275", impactScore: 10, integrityImpact: "COMPLETE", severity: "HIGH", trust: 1, vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, { acInsufInfo: null, accessComplexity: "Low", accessVector: "Network", authentication: "Single", author: "NVD", availabilityImpact: "Complete", baseScore: 9, confidentialityImpact: "Complete", exploitabilityScore: null, id: "JVNDB-2020-006864", impactScore: null, integrityImpact: "Complete", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "High", trust: 0.8, userInteractionRequired: null, vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", author: "CNVD", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", exploitabilityScore: 8, id: "CNVD-2020-35162", impactScore: 10, integrityImpact: "COMPLETE", severity: "HIGH", trust: 0.6, vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", exploitabilityScore: 1.2, id: "CVE-2020-3275", impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, { attackComplexity: "LOW", attackVector: "NETWORK", author: "ykramarz@cisco.com", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", exploitabilityScore: 1.2, id: "CVE-2020-3275", impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "High", baseScore: 7.2, baseSeverity: "High", confidentialityImpact: "High", exploitabilityScore: null, id: "JVNDB-2020-006864", impactScore: null, integrityImpact: "High", privilegesRequired: "High", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2020-3275", trust: 1, value: "HIGH", }, { author: "ykramarz@cisco.com", id: "CVE-2020-3275", trust: 1, value: "HIGH", }, { author: "NVD", id: "JVNDB-2020-006864", trust: 0.8, value: "High", }, { author: "CNVD", id: "CNVD-2020-35162", trust: 0.6, value: "HIGH", }, { author: "CNNVD", id: "CNNVD-202006-1152", trust: 0.6, value: "HIGH", }, ], }, ], sources: [ { db: "CNVD", id: "CNVD-2020-35162", }, { db: "JVNDB", id: "JVNDB-2020-006864", }, { db: "CNNVD", id: "CNNVD-202006-1152", }, { db: "NVD", id: "CVE-2020-3275", }, { db: "NVD", id: "CVE-2020-3275", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary commands on an affected device. The vulnerabilities exist because the web-based management interface does not properly validate user-supplied input to scripts. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending malicious requests to an affected device. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the underlying operating system. (DoS) It may be put into a state. Cisco Small Business RV320, etc. are all a VPN router of Cisco in the United States. \n\r\n\r\nThere are command injection vulnerabilities in the web management interface in many Cisco products. The vulnerability stems from the program's failure to properly verify the input submitted by the user", sources: [ { db: "NVD", id: "CVE-2020-3275", }, { db: "JVNDB", id: "JVNDB-2020-006864", }, { db: "CNVD", id: "CNVD-2020-35162", }, ], trust: 2.16, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2020-3275", trust: 3, }, { db: "JVNDB", id: "JVNDB-2020-006864", trust: 0.8, }, { db: "CNVD", id: "CNVD-2020-35162", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202006-1152", trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2020-35162", }, { db: "JVNDB", id: "JVNDB-2020-006864", }, { db: "CNNVD", id: "CNNVD-202006-1152", }, { db: "NVD", id: "CVE-2020-3275", }, ], }, id: "VAR-202006-1116", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "CNVD", id: "CNVD-2020-35162", }, ], trust: 1.1951892333333332, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "Network device", ], sub_category: null, trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2020-35162", }, ], }, last_update_date: "2024-11-23T22:37:22.181000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "cisco-sa-rv-routers-Rj5JRfF8", trust: 0.8, url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-Rj5JRfF8", }, { title: "Patch for Multiple Cisco product command injection vulnerabilities (CNVD-2020-35162)", trust: 0.6, url: "https://www.cnvd.org.cn/patchInfo/show/223631", }, { title: "Multiple Cisco Product Command Injection Vulnerability Fixes", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=123004", }, ], sources: [ { db: "CNVD", id: "CNVD-2020-35162", }, { db: "JVNDB", id: "JVNDB-2020-006864", }, { db: "CNNVD", id: "CNNVD-202006-1152", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-78", trust: 1.8, }, { problemtype: "CWE-77", trust: 1, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2020-006864", }, { db: "NVD", id: "CVE-2020-3275", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 2.2, url: "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-rv-routers-rj5jrff8", }, { trust: 1.4, url: "https://nvd.nist.gov/vuln/detail/cve-2020-3275", }, { trust: 0.8, url: "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-3275", }, ], sources: [ { db: "CNVD", id: "CNVD-2020-35162", }, { db: "JVNDB", id: "JVNDB-2020-006864", }, { db: "CNNVD", id: "CNNVD-202006-1152", }, { db: "NVD", id: "CVE-2020-3275", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CNVD", id: "CNVD-2020-35162", }, { db: "JVNDB", id: "JVNDB-2020-006864", }, { db: "CNNVD", id: "CNNVD-202006-1152", }, { db: "NVD", id: "CVE-2020-3275", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-06-30T00:00:00", db: "CNVD", id: "CNVD-2020-35162", }, { date: "2020-07-21T00:00:00", db: "JVNDB", id: "JVNDB-2020-006864", }, { date: "2020-06-17T00:00:00", db: "CNNVD", id: "CNNVD-202006-1152", }, { date: "2020-06-18T03:15:12.260000", db: "NVD", id: "CVE-2020-3275", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-06-30T00:00:00", db: "CNVD", id: "CNVD-2020-35162", }, { date: "2020-07-21T00:00:00", db: "JVNDB", id: "JVNDB-2020-006864", }, { date: "2020-07-03T00:00:00", db: "CNNVD", id: "CNNVD-202006-1152", }, { date: "2024-11-21T05:30:42.297000", db: "NVD", id: "CVE-2020-3275", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202006-1152", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "plural Cisco Small Business RV In series routers OS Command injection vulnerabilities", sources: [ { db: "JVNDB", id: "JVNDB-2020-006864", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "command injection", sources: [ { db: "CNNVD", id: "CNNVD-202006-1152", }, ], trust: 0.6, }, }
var-202006-1120
Vulnerability from variot
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary commands on an affected device. The vulnerabilities exist because the web-based management interface does not properly validate user-supplied input to scripts. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending malicious requests to an affected device. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the underlying operating system. (DoS) It may be put into a state. Cisco Small Business RV320, etc. are all a VPN router of Cisco in the United States.
There are command injection vulnerabilities in the web management interface in many Cisco products. The vulnerability stems from the program's failure to properly verify the input submitted by the user
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202006-1120", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "rv320", scope: "lte", trust: 1, vendor: "cisco", version: "1.5.1.05", }, { model: "rv325", scope: "lte", trust: 1, vendor: "cisco", version: "1.5.1.05", }, { model: "rv042g", scope: "lte", trust: 1, vendor: "cisco", version: "4.2.3.10", }, { model: "rv082", scope: "lte", trust: 1, vendor: "cisco", version: "4.2.3.10", }, { model: "rv016", scope: "lte", trust: 1, vendor: "cisco", version: "4.2.3.10", }, { model: "rv042", scope: "lte", trust: 1, vendor: "cisco", version: "4.2.3.10", }, { model: "rv320 dual gigabit wan vpn router", scope: null, trust: 0.8, vendor: "cisco", version: null, }, { model: "rv325 dual gigabit wan vpn router", scope: null, trust: 0.8, vendor: "cisco", version: null, }, { model: "rv016 multi-wan vpn", scope: null, trust: 0.8, vendor: "cisco", version: null, }, { model: "rv042 dual wan vpn", scope: null, trust: 0.8, vendor: "cisco", version: null, }, { model: "rv042g dual gigabit wan vpn", scope: null, trust: 0.8, vendor: "cisco", version: null, }, { model: "rv082 dual wan vpn", scope: null, trust: 0.8, vendor: "cisco", version: null, }, { model: "small business rv016 multi-wan vpn", scope: "lte", trust: 0.6, vendor: "cisco", version: "<=4.2.3.10", }, { model: "rv042 dual wan vpn", scope: "lte", trust: 0.6, vendor: "cisco", version: "<=4.2.3.10", }, { model: "rv042g dual gigabit wan vpn", scope: "lte", trust: 0.6, vendor: "cisco", version: "<=4.2.3.10", }, { model: "rv082 dual wan vpn", scope: "lte", trust: 0.6, vendor: "cisco", version: "<=4.2.3.10", }, { model: "rv320 dual gigabit wan vpn", scope: "lte", trust: 0.6, vendor: "cisco", version: "<=1.5.1.05", }, { model: "rv325 dual gigabit wan vpn", scope: "lte", trust: 0.6, vendor: "cisco", version: "<=1.5.1.05", }, ], sources: [ { db: "CNVD", id: "CNVD-2020-35159", }, { db: "JVNDB", id: "JVNDB-2020-006859", }, { db: "NVD", id: "CVE-2020-3279", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { cpe_match: [ { cpe22Uri: "cpe:/o:cisco:rv320_firmware", vulnerable: true, }, { cpe22Uri: "cpe:/o:cisco:rv325_firmware", vulnerable: true, }, { cpe22Uri: "cpe:/o:cisco:rv016_firmware", vulnerable: true, }, { cpe22Uri: "cpe:/o:cisco:rv042_firmware", vulnerable: true, }, { cpe22Uri: "cpe:/o:cisco:rv042g_firmware", vulnerable: true, }, { cpe22Uri: "cpe:/o:cisco:rv082_firmware", vulnerable: true, }, ], operator: "OR", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2020-006859", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Kai Cheng", sources: [ { db: "CNNVD", id: "CNNVD-202006-1149", }, ], trust: 0.6, }, cve: "CVE-2020-3279", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", author: "nvd@nist.gov", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", exploitabilityScore: 8, id: "CVE-2020-3279", impactScore: 10, integrityImpact: "COMPLETE", severity: "HIGH", trust: 1.1, vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, { acInsufInfo: null, accessComplexity: "Low", accessVector: "Network", authentication: "Single", author: "NVD", availabilityImpact: "Complete", baseScore: 9, confidentialityImpact: "Complete", exploitabilityScore: null, id: "JVNDB-2020-006859", impactScore: null, integrityImpact: "Complete", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "High", trust: 0.8, userInteractionRequired: null, vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", author: "CNVD", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", exploitabilityScore: 8, id: "CNVD-2020-35159", impactScore: 10, integrityImpact: "COMPLETE", severity: "HIGH", trust: 0.6, vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", exploitabilityScore: 1.2, id: "CVE-2020-3279", impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, { attackComplexity: "LOW", attackVector: "NETWORK", author: "ykramarz@cisco.com", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", exploitabilityScore: 1.2, id: "CVE-2020-3279", impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "High", baseScore: 7.2, baseSeverity: "High", confidentialityImpact: "High", exploitabilityScore: null, id: "JVNDB-2020-006859", impactScore: null, integrityImpact: "High", privilegesRequired: "High", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2020-3279", trust: 1, value: "HIGH", }, { author: "ykramarz@cisco.com", id: "CVE-2020-3279", trust: 1, value: "HIGH", }, { author: "NVD", id: "JVNDB-2020-006859", trust: 0.8, value: "High", }, { author: "CNVD", id: "CNVD-2020-35159", trust: 0.6, value: "HIGH", }, { author: "CNNVD", id: "CNNVD-202006-1149", trust: 0.6, value: "HIGH", }, { author: "VULMON", id: "CVE-2020-3279", trust: 0.1, value: "HIGH", }, ], }, ], sources: [ { db: "CNVD", id: "CNVD-2020-35159", }, { db: "VULMON", id: "CVE-2020-3279", }, { db: "JVNDB", id: "JVNDB-2020-006859", }, { db: "CNNVD", id: "CNNVD-202006-1149", }, { db: "NVD", id: "CVE-2020-3279", }, { db: "NVD", id: "CVE-2020-3279", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary commands on an affected device. The vulnerabilities exist because the web-based management interface does not properly validate user-supplied input to scripts. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending malicious requests to an affected device. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the underlying operating system. (DoS) It may be put into a state. Cisco Small Business RV320, etc. are all a VPN router of Cisco in the United States. \n\r\n\r\nThere are command injection vulnerabilities in the web management interface in many Cisco products. The vulnerability stems from the program's failure to properly verify the input submitted by the user", sources: [ { db: "NVD", id: "CVE-2020-3279", }, { db: "JVNDB", id: "JVNDB-2020-006859", }, { db: "CNVD", id: "CNVD-2020-35159", }, { db: "VULMON", id: "CVE-2020-3279", }, ], trust: 2.25, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2020-3279", trust: 3.1, }, { db: "JVNDB", id: "JVNDB-2020-006859", trust: 0.8, }, { db: "CNVD", id: "CNVD-2020-35159", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202006-1149", trust: 0.6, }, { db: "VULMON", id: "CVE-2020-3279", trust: 0.1, }, ], sources: [ { db: "CNVD", id: "CNVD-2020-35159", }, { db: "VULMON", id: "CVE-2020-3279", }, { db: "JVNDB", id: "JVNDB-2020-006859", }, { db: "CNNVD", id: "CNNVD-202006-1149", }, { db: "NVD", id: "CVE-2020-3279", }, ], }, id: "VAR-202006-1120", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "CNVD", id: "CNVD-2020-35159", }, ], trust: 1.1951892333333332, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "Network device", ], sub_category: null, trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2020-35159", }, ], }, last_update_date: "2024-11-23T23:01:21.677000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "cisco-sa-rv-routers-Rj5JRfF8", trust: 0.8, url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-Rj5JRfF8", }, { title: "Patch for Multiple Cisco product command injection vulnerabilities (CNVD-2020-35159)", trust: 0.6, url: "https://www.cnvd.org.cn/patchInfo/show/223655", }, { title: "Multiple Cisco Product Command Injection Vulnerability Fixes", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=123001", }, { title: "Cisco: Cisco Small Business RV Series Routers Command Injection Vulnerabilities", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-rv-routers-Rj5JRfF8", }, ], sources: [ { db: "CNVD", id: "CNVD-2020-35159", }, { db: "VULMON", id: "CVE-2020-3279", }, { db: "JVNDB", id: "JVNDB-2020-006859", }, { db: "CNNVD", id: "CNNVD-202006-1149", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-78", trust: 1.8, }, { problemtype: "CWE-77", trust: 1, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2020-006859", }, { db: "NVD", id: "CVE-2020-3279", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 2.3, url: "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-rv-routers-rj5jrff8", }, { trust: 1.4, url: "https://nvd.nist.gov/vuln/detail/cve-2020-3279", }, { trust: 0.8, url: "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-3279", }, { trust: 0.1, url: "https://cwe.mitre.org/data/definitions/78.html", }, { trust: 0.1, url: "https://nvd.nist.gov", }, { trust: 0.1, url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/183584", }, ], sources: [ { db: "CNVD", id: "CNVD-2020-35159", }, { db: "VULMON", id: "CVE-2020-3279", }, { db: "JVNDB", id: "JVNDB-2020-006859", }, { db: "CNNVD", id: "CNNVD-202006-1149", }, { db: "NVD", id: "CVE-2020-3279", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CNVD", id: "CNVD-2020-35159", }, { db: "VULMON", id: "CVE-2020-3279", }, { db: "JVNDB", id: "JVNDB-2020-006859", }, { db: "CNNVD", id: "CNNVD-202006-1149", }, { db: "NVD", id: "CVE-2020-3279", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-06-30T00:00:00", db: "CNVD", id: "CNVD-2020-35159", }, { date: "2020-06-18T00:00:00", db: "VULMON", id: "CVE-2020-3279", }, { date: "2020-07-21T00:00:00", db: "JVNDB", id: "JVNDB-2020-006859", }, { date: "2020-06-17T00:00:00", db: "CNNVD", id: "CNNVD-202006-1149", }, { date: "2020-06-18T03:15:12.637000", db: "NVD", id: "CVE-2020-3279", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-07-01T00:00:00", db: "CNVD", id: "CNVD-2020-35159", }, { date: "2020-06-23T00:00:00", db: "VULMON", id: "CVE-2020-3279", }, { date: "2020-07-21T00:00:00", db: "JVNDB", id: "JVNDB-2020-006859", }, { date: "2020-07-03T00:00:00", db: "CNNVD", id: "CNNVD-202006-1149", }, { date: "2024-11-21T05:30:42.780000", db: "NVD", id: "CVE-2020-3279", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202006-1149", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "plural Cisco Small Business RV In series routers OS Command injection vulnerabilities", sources: [ { db: "JVNDB", id: "JVNDB-2020-006859", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "command injection", sources: [ { db: "CNNVD", id: "CNNVD-202006-1149", }, ], trust: 0.6, }, }
var-202304-0148
Vulnerability from variot
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities. RV016 Multi-WAN VPN firmware, RV042 Dual WAN VPN firmware, RV042G Dual Gigabit WAN VPN Cross-site scripting vulnerabilities exist in multiple Cisco Systems products, including firmware.Information may be obtained and information may be tampered with
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202304-0148", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "rv325", scope: "eq", trust: 1, vendor: "cisco", version: "*", }, { model: "rv042", scope: "eq", trust: 1, vendor: "cisco", version: "*", }, { model: "rv016", scope: "eq", trust: 1, vendor: "cisco", version: "*", }, { model: "rv320", scope: "eq", trust: 1, vendor: "cisco", version: "*", }, { model: "rv042g", scope: "eq", trust: 1, vendor: "cisco", version: "*", }, { model: "rv082", scope: "eq", trust: 1, vendor: "cisco", version: "*", }, { model: "rv042g dual gigabit wan vpn", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, { model: "rv016 multi-wan vpn", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, { model: "rv082 dual wan vpn", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, { model: "cisco rv325 dual gigabit wan vpn ルータ", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, { model: "cisco rv320 dual gigabit wan vpn ルータ", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, { model: "rv042 dual wan vpn", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2023-006808", }, { db: "NVD", id: "CVE-2023-20141", }, ], }, cve: "CVE-2023-20141", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", exploitabilityScore: 2.8, id: "CVE-2023-20141", impactScore: 2.7, integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", trust: 2, userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "None", baseScore: 6.1, baseSeverity: "Medium", confidentialityImpact: "Low", exploitabilityScore: null, id: "CVE-2023-20141", impactScore: null, integrityImpact: "Low", privilegesRequired: "None", scope: "Changed", trust: 0.8, userInteraction: "Required", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2023-20141", trust: 1, value: "MEDIUM", }, { author: "ykramarz@cisco.com", id: "CVE-2023-20141", trust: 1, value: "MEDIUM", }, { author: "NVD", id: "CVE-2023-20141", trust: 0.8, value: "Medium", }, { author: "CNNVD", id: "CNNVD-202304-294", trust: 0.6, value: "MEDIUM", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2023-006808", }, { db: "CNNVD", id: "CNNVD-202304-294", }, { db: "NVD", id: "CVE-2023-20141", }, { db: "NVD", id: "CVE-2023-20141", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities. RV016 Multi-WAN VPN firmware, RV042 Dual WAN VPN firmware, RV042G Dual Gigabit WAN VPN Cross-site scripting vulnerabilities exist in multiple Cisco Systems products, including firmware.Information may be obtained and information may be tampered with", sources: [ { db: "NVD", id: "CVE-2023-20141", }, { db: "JVNDB", id: "JVNDB-2023-006808", }, { db: "VULMON", id: "CVE-2023-20141", }, ], trust: 1.71, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2023-20141", trust: 3.3, }, { db: "JVNDB", id: "JVNDB-2023-006808", trust: 0.8, }, { db: "AUSCERT", id: "ESB-2023.2020", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202304-294", trust: 0.6, }, { db: "VULMON", id: "CVE-2023-20141", trust: 0.1, }, ], sources: [ { db: "VULMON", id: "CVE-2023-20141", }, { db: "JVNDB", id: "JVNDB-2023-006808", }, { db: "CNNVD", id: "CNNVD-202304-294", }, { db: "NVD", id: "CVE-2023-20141", }, ], }, id: "VAR-202304-0148", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VARIoT devices database", id: null, }, ], trust: 0.41167478, }, last_update_date: "2024-08-14T13:20:53.632000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "cisco-sa-rv-stored-xss-vqz7gC8W", trust: 0.8, url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, { title: "Cisco Small Business Fixes for cross-site scripting vulnerabilities", trust: 0.6, url: "http://123.124.177.30/web/xxk/bdxqById.tag?id=233392", }, { title: "Cisco: Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-rv-stored-xss-vqz7gC8W", }, ], sources: [ { db: "VULMON", id: "CVE-2023-20141", }, { db: "JVNDB", id: "JVNDB-2023-006808", }, { db: "CNNVD", id: "CNNVD-202304-294", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-79", trust: 1, }, { problemtype: "Cross-site scripting (CWE-79) [NVD evaluation ]", trust: 0.8, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2023-006808", }, { db: "NVD", id: "CVE-2023-20141", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 1.8, url: "https://sec.cloudapps.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-rv-stored-xss-vqz7gc8w", }, { trust: 0.8, url: "https://nvd.nist.gov/vuln/detail/cve-2023-20141", }, { trust: 0.6, url: "https://cxsecurity.com/cveshow/cve-2023-20141/", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2023.2020", }, { trust: 0.1, url: "https://nvd.nist.gov", }, ], sources: [ { db: "VULMON", id: "CVE-2023-20141", }, { db: "JVNDB", id: "JVNDB-2023-006808", }, { db: "CNNVD", id: "CNNVD-202304-294", }, { db: "NVD", id: "CVE-2023-20141", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "VULMON", id: "CVE-2023-20141", }, { db: "JVNDB", id: "JVNDB-2023-006808", }, { db: "CNNVD", id: "CNNVD-202304-294", }, { db: "NVD", id: "CVE-2023-20141", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2023-04-05T00:00:00", db: "VULMON", id: "CVE-2023-20141", }, { date: "2023-11-16T00:00:00", db: "JVNDB", id: "JVNDB-2023-006808", }, { date: "2023-04-05T00:00:00", db: "CNNVD", id: "CNNVD-202304-294", }, { date: "2023-04-05T19:15:08.877000", db: "NVD", id: "CVE-2023-20141", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2023-04-06T00:00:00", db: "VULMON", id: "CVE-2023-20141", }, { date: "2023-11-16T05:52:00", db: "JVNDB", id: "JVNDB-2023-006808", }, { date: "2023-04-14T00:00:00", db: "CNNVD", id: "CNNVD-202304-294", }, { date: "2023-11-07T04:06:11.747000", db: "NVD", id: "CVE-2023-20141", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202304-294", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Cross-site scripting vulnerability in multiple Cisco Systems products", sources: [ { db: "JVNDB", id: "JVNDB-2023-006808", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "XSS", sources: [ { db: "CNNVD", id: "CNNVD-202304-294", }, ], trust: 0.6, }, }
var-202006-1132
Vulnerability from variot
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system. plural Cisco Small Business RV A buffer error vulnerability exists in series routers.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Cisco Small Business RV320, etc. are all a VPN router of Cisco in the United States. The vulnerability stems from the program's failure to properly limit the user's input boundary
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202006-1132", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "rv320", scope: "lte", trust: 1, vendor: "cisco", version: "1.5.1.05", }, { model: "rv325", scope: "lte", trust: 1, vendor: "cisco", version: "1.5.1.05", }, { model: "rv042g", scope: "lte", trust: 1, vendor: "cisco", version: "4.2.3.10", }, { model: "rv082", scope: "lte", trust: 1, vendor: "cisco", version: "4.2.3.10", }, { model: "rv016", scope: "lte", trust: 1, vendor: "cisco", version: "4.2.3.10", }, { model: "rv042", scope: "lte", trust: 1, vendor: "cisco", version: "4.2.3.10", }, { model: "rv320 dual gigabit wan vpn router", scope: null, trust: 0.8, vendor: "cisco", version: null, }, { model: "rv325 dual gigabit wan vpn router", scope: null, trust: 0.8, vendor: "cisco", version: null, }, { model: "rv016 multi-wan vpn", scope: null, trust: 0.8, vendor: "cisco", version: null, }, { model: "rv042 dual wan vpn", scope: null, trust: 0.8, vendor: "cisco", version: null, }, { model: "rv042g dual gigabit wan vpn", scope: null, trust: 0.8, vendor: "cisco", version: null, }, { model: "rv082 dual wan vpn", scope: null, trust: 0.8, vendor: "cisco", version: null, }, { model: "small business rv016 multi-wan vpn", scope: "lte", trust: 0.6, vendor: "cisco", version: "<=4.2.3.10", }, { model: "rv042 dual wan vpn", scope: "lte", trust: 0.6, vendor: "cisco", version: "<=4.2.3.10", }, { model: "rv042g dual gigabit wan vpn", scope: "lte", trust: 0.6, vendor: "cisco", version: "<=4.2.3.10", }, { model: "rv082 dual wan vpn", scope: "lte", trust: 0.6, vendor: "cisco", version: "<=4.2.3.10", }, { model: "rv320 dual gigabit wan vpn", scope: "lte", trust: 0.6, vendor: "cisco", version: "<=1.5.1.05", }, { model: "rv325 dual gigabit wan vpn", scope: "lte", trust: 0.6, vendor: "cisco", version: "<=1.5.1.05", }, ], sources: [ { db: "CNVD", id: "CNVD-2020-35165", }, { db: "JVNDB", id: "JVNDB-2020-006850", }, { db: "NVD", id: "CVE-2020-3296", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { cpe_match: [ { cpe22Uri: "cpe:/o:cisco:rv320_firmware", vulnerable: true, }, { cpe22Uri: "cpe:/o:cisco:rv325_firmware", vulnerable: true, }, { cpe22Uri: "cpe:/o:cisco:rv016_firmware", vulnerable: true, }, { cpe22Uri: "cpe:/o:cisco:rv042_firmware", vulnerable: true, }, { cpe22Uri: "cpe:/o:cisco:rv042g_firmware", vulnerable: true, }, { cpe22Uri: "cpe:/o:cisco:rv082_firmware", vulnerable: true, }, ], operator: "OR", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2020-006850", }, ], }, cve: "CVE-2020-3296", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", author: "nvd@nist.gov", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", exploitabilityScore: 8, id: "CVE-2020-3296", impactScore: 10, integrityImpact: "COMPLETE", severity: "HIGH", trust: 1.1, vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, { acInsufInfo: null, accessComplexity: "Low", accessVector: "Network", authentication: "Single", author: "NVD", availabilityImpact: "Complete", baseScore: 9, confidentialityImpact: "Complete", exploitabilityScore: null, id: "JVNDB-2020-006850", impactScore: null, integrityImpact: "Complete", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "High", trust: 0.8, userInteractionRequired: null, vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", author: "CNVD", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", exploitabilityScore: 8, id: "CNVD-2020-35165", impactScore: 10, integrityImpact: "COMPLETE", severity: "HIGH", trust: 0.6, vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", exploitabilityScore: 1.2, id: "CVE-2020-3296", impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, { attackComplexity: "LOW", attackVector: "NETWORK", author: "ykramarz@cisco.com", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", exploitabilityScore: 1.2, id: "CVE-2020-3296", impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "High", baseScore: 7.2, baseSeverity: "High", confidentialityImpact: "High", exploitabilityScore: null, id: "JVNDB-2020-006850", impactScore: null, integrityImpact: "High", privilegesRequired: "High", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2020-3296", trust: 1, value: "HIGH", }, { author: "ykramarz@cisco.com", id: "CVE-2020-3296", trust: 1, value: "HIGH", }, { author: "NVD", id: "JVNDB-2020-006850", trust: 0.8, value: "High", }, { author: "CNVD", id: "CNVD-2020-35165", trust: 0.6, value: "HIGH", }, { author: "CNNVD", id: "CNNVD-202006-1155", trust: 0.6, value: "HIGH", }, { author: "VULMON", id: "CVE-2020-3296", trust: 0.1, value: "HIGH", }, ], }, ], sources: [ { db: "CNVD", id: "CNVD-2020-35165", }, { db: "VULMON", id: "CVE-2020-3296", }, { db: "JVNDB", id: "JVNDB-2020-006850", }, { db: "CNNVD", id: "CNNVD-202006-1155", }, { db: "NVD", id: "CVE-2020-3296", }, { db: "NVD", id: "CVE-2020-3296", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system. plural Cisco Small Business RV A buffer error vulnerability exists in series routers.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Cisco Small Business RV320, etc. are all a VPN router of Cisco in the United States. The vulnerability stems from the program's failure to properly limit the user's input boundary", sources: [ { db: "NVD", id: "CVE-2020-3296", }, { db: "JVNDB", id: "JVNDB-2020-006850", }, { db: "CNVD", id: "CNVD-2020-35165", }, { db: "VULMON", id: "CVE-2020-3296", }, ], trust: 2.25, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2020-3296", trust: 3.1, }, { db: "JVNDB", id: "JVNDB-2020-006850", trust: 0.8, }, { db: "CNVD", id: "CNVD-2020-35165", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2020.2119", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2020.2119.2", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202006-1155", trust: 0.6, }, { db: "VULMON", id: "CVE-2020-3296", trust: 0.1, }, ], sources: [ { db: "CNVD", id: "CNVD-2020-35165", }, { db: "VULMON", id: "CVE-2020-3296", }, { db: "JVNDB", id: "JVNDB-2020-006850", }, { db: "CNNVD", id: "CNNVD-202006-1155", }, { db: "NVD", id: "CVE-2020-3296", }, ], }, id: "VAR-202006-1132", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "CNVD", id: "CNVD-2020-35165", }, ], trust: 1.1951892333333332, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "Network device", ], sub_category: null, trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2020-35165", }, ], }, last_update_date: "2024-11-23T21:35:43.768000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "cisco-sa-rv-routers-stack-vUxHmnNz", trust: 0.8, url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz", }, { title: "Patch for Multiple Buffer Overflow Vulnerabilities in Cisco Products (CNVD-2020-35165)", trust: 0.6, url: "https://www.cnvd.org.cn/patchInfo/show/223617", }, { title: "Multiple Cisco Product Buffer Error Vulnerability Fix", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=121848", }, { title: "Cisco: Cisco Small Business RV Series Routers Stack Overflow Arbitrary Code Execution Vulnerabilities", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-rv-routers-stack-vUxHmnNz", }, ], sources: [ { db: "CNVD", id: "CNVD-2020-35165", }, { db: "VULMON", id: "CVE-2020-3296", }, { db: "JVNDB", id: "JVNDB-2020-006850", }, { db: "CNNVD", id: "CNNVD-202006-1155", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-119", trust: 1.8, }, { problemtype: "CWE-787", trust: 1, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2020-006850", }, { db: "NVD", id: "CVE-2020-3296", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 2.4, url: "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-rv-routers-stack-vuxhmnnz", }, { trust: 1.4, url: "https://nvd.nist.gov/vuln/detail/cve-2020-3296", }, { trust: 0.8, url: "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-3296", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2020.2119/", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2020.2119.2/", }, { trust: 0.1, url: "https://cwe.mitre.org/data/definitions/787.html", }, { trust: 0.1, url: "https://nvd.nist.gov", }, ], sources: [ { db: "CNVD", id: "CNVD-2020-35165", }, { db: "VULMON", id: "CVE-2020-3296", }, { db: "JVNDB", id: "JVNDB-2020-006850", }, { db: "CNNVD", id: "CNNVD-202006-1155", }, { db: "NVD", id: "CVE-2020-3296", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CNVD", id: "CNVD-2020-35165", }, { db: "VULMON", id: "CVE-2020-3296", }, { db: "JVNDB", id: "JVNDB-2020-006850", }, { db: "CNNVD", id: "CNNVD-202006-1155", }, { db: "NVD", id: "CVE-2020-3296", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-06-30T00:00:00", db: "CNVD", id: "CNVD-2020-35165", }, { date: "2020-06-18T00:00:00", db: "VULMON", id: "CVE-2020-3296", }, { date: "2020-07-20T00:00:00", db: "JVNDB", id: "JVNDB-2020-006850", }, { date: "2020-06-17T00:00:00", db: "CNNVD", id: "CNNVD-202006-1155", }, { date: "2020-06-18T03:15:13.573000", db: "NVD", id: "CVE-2020-3296", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-06-30T00:00:00", db: "CNVD", id: "CNVD-2020-35165", }, { date: "2021-08-06T00:00:00", db: "VULMON", id: "CVE-2020-3296", }, { date: "2020-07-20T00:00:00", db: "JVNDB", id: "JVNDB-2020-006850", }, { date: "2021-08-09T00:00:00", db: "CNNVD", id: "CNNVD-202006-1155", }, { date: "2024-11-21T05:30:45.303000", db: "NVD", id: "CVE-2020-3296", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202006-1155", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "plural Cisco Small Business RV Buffer error vulnerability in series routers", sources: [ { db: "JVNDB", id: "JVNDB-2020-006850", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "buffer error", sources: [ { db: "CNNVD", id: "CNNVD-202006-1155", }, ], trust: 0.6, }, }
var-202006-1124
Vulnerability from variot
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system. plural Cisco Small Business RV A buffer error vulnerability exists in series routers.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Cisco Small Business RV016 Multi-WAN VPN is a VPN router from Cisco in the United States. The vulnerability stems from the program's failure to properly limit the user's input boundary
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202006-1124", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "rv320", scope: "lte", trust: 1, vendor: "cisco", version: "1.5.1.05", }, { model: "rv325", scope: "lte", trust: 1, vendor: "cisco", version: "1.5.1.05", }, { model: "rv042g", scope: "lte", trust: 1, vendor: "cisco", version: "4.2.3.10", }, { model: "rv082", scope: "lte", trust: 1, vendor: "cisco", version: "4.2.3.10", }, { model: "rv016", scope: "lte", trust: 1, vendor: "cisco", version: "4.2.3.10", }, { model: "rv042", scope: "lte", trust: 1, vendor: "cisco", version: "4.2.3.10", }, { model: "rv320 dual gigabit wan vpn router", scope: null, trust: 0.8, vendor: "cisco", version: null, }, { model: "rv325 dual gigabit wan vpn router", scope: null, trust: 0.8, vendor: "cisco", version: null, }, { model: "rv016 multi-wan vpn", scope: null, trust: 0.8, vendor: "cisco", version: null, }, { model: "rv042 dual wan vpn", scope: null, trust: 0.8, vendor: "cisco", version: null, }, { model: "rv042g dual gigabit wan vpn", scope: null, trust: 0.8, vendor: "cisco", version: null, }, { model: "rv082 dual wan vpn", scope: null, trust: 0.8, vendor: "cisco", version: null, }, { model: "small business rv016 multi-wan vpn", scope: "lte", trust: 0.6, vendor: "cisco", version: "<=4.2.3.10", }, { model: "rv042 dual wan vpn", scope: "lte", trust: 0.6, vendor: "cisco", version: "<=4.2.3.10", }, { model: "rv042g dual gigabit wan vpn", scope: "lte", trust: 0.6, vendor: "cisco", version: "<=4.2.3.10", }, { model: "rv082 dual wan vpn", scope: "lte", trust: 0.6, vendor: "cisco", version: "<=4.2.3.10", }, { model: "rv320 dual gigabit wan vpn", scope: "lte", trust: 0.6, vendor: "cisco", version: "<=1.5.1.05", }, { model: "rv325 dual gigabit wan vpn", scope: "lte", trust: 0.6, vendor: "cisco", version: "<=1.5.1.05", }, ], sources: [ { db: "CNVD", id: "CNVD-2020-36260", }, { db: "JVNDB", id: "JVNDB-2020-006862", }, { db: "NVD", id: "CVE-2020-3288", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { cpe_match: [ { cpe22Uri: "cpe:/o:cisco:rv320_firmware", vulnerable: true, }, { cpe22Uri: "cpe:/o:cisco:rv325_firmware", vulnerable: true, }, { cpe22Uri: "cpe:/o:cisco:rv016_firmware", vulnerable: true, }, { cpe22Uri: "cpe:/o:cisco:rv042_firmware", vulnerable: true, }, { cpe22Uri: "cpe:/o:cisco:rv042g_firmware", vulnerable: true, }, { cpe22Uri: "cpe:/o:cisco:rv082_firmware", vulnerable: true, }, ], operator: "OR", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2020-006862", }, ], }, cve: "CVE-2020-3288", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", author: "nvd@nist.gov", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", exploitabilityScore: 8, id: "CVE-2020-3288", impactScore: 10, integrityImpact: "COMPLETE", severity: "HIGH", trust: 1, vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, { acInsufInfo: null, accessComplexity: "Low", accessVector: "Network", authentication: "Single", author: "NVD", availabilityImpact: "Complete", baseScore: 9, confidentialityImpact: "Complete", exploitabilityScore: null, id: "JVNDB-2020-006862", impactScore: null, integrityImpact: "Complete", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "High", trust: 0.8, userInteractionRequired: null, vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", author: "CNVD", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", exploitabilityScore: 8, id: "CNVD-2020-36260", impactScore: 10, integrityImpact: "COMPLETE", severity: "HIGH", trust: 0.6, vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", exploitabilityScore: 1.2, id: "CVE-2020-3288", impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, { attackComplexity: "LOW", attackVector: "NETWORK", author: "ykramarz@cisco.com", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", exploitabilityScore: 1.2, id: "CVE-2020-3288", impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "High", baseScore: 7.2, baseSeverity: "High", confidentialityImpact: "High", exploitabilityScore: null, id: "JVNDB-2020-006862", impactScore: null, integrityImpact: "High", privilegesRequired: "High", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2020-3288", trust: 1, value: "HIGH", }, { author: "ykramarz@cisco.com", id: "CVE-2020-3288", trust: 1, value: "HIGH", }, { author: "NVD", id: "JVNDB-2020-006862", trust: 0.8, value: "High", }, { author: "CNVD", id: "CNVD-2020-36260", trust: 0.6, value: "HIGH", }, { author: "CNNVD", id: "CNNVD-202006-1168", trust: 0.6, value: "HIGH", }, ], }, ], sources: [ { db: "CNVD", id: "CNVD-2020-36260", }, { db: "JVNDB", id: "JVNDB-2020-006862", }, { db: "CNNVD", id: "CNNVD-202006-1168", }, { db: "NVD", id: "CVE-2020-3288", }, { db: "NVD", id: "CVE-2020-3288", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system. plural Cisco Small Business RV A buffer error vulnerability exists in series routers.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Cisco Small Business RV016 Multi-WAN VPN is a VPN router from Cisco in the United States. The vulnerability stems from the program's failure to properly limit the user's input boundary", sources: [ { db: "NVD", id: "CVE-2020-3288", }, { db: "JVNDB", id: "JVNDB-2020-006862", }, { db: "CNVD", id: "CNVD-2020-36260", }, ], trust: 2.16, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2020-3288", trust: 3, }, { db: "JVNDB", id: "JVNDB-2020-006862", trust: 0.8, }, { db: "CNVD", id: "CNVD-2020-36260", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2020.2119", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2020.2119.2", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202006-1168", trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2020-36260", }, { db: "JVNDB", id: "JVNDB-2020-006862", }, { db: "CNNVD", id: "CNNVD-202006-1168", }, { db: "NVD", id: "CVE-2020-3288", }, ], }, id: "VAR-202006-1124", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "CNVD", id: "CNVD-2020-36260", }, ], trust: 1.1951892333333332, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "Network device", ], sub_category: null, trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2020-36260", }, ], }, last_update_date: "2024-11-23T21:35:43.668000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "cisco-sa-rv-routers-stack-vUxHmnNz", trust: 0.8, url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz", }, { title: "Patch for Multiple Cisco product buffer overflow vulnerabilities (CNVD-2020-36260)", trust: 0.6, url: "https://www.cnvd.org.cn/patchInfo/show/224605", }, { title: "Multiple Cisco Product Buffer Error Vulnerability Fix", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=121861", }, ], sources: [ { db: "CNVD", id: "CNVD-2020-36260", }, { db: "JVNDB", id: "JVNDB-2020-006862", }, { db: "CNNVD", id: "CNNVD-202006-1168", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-119", trust: 1.8, }, { problemtype: "CWE-787", trust: 1, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2020-006862", }, { db: "NVD", id: "CVE-2020-3288", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 2.8, url: "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-rv-routers-stack-vuxhmnnz", }, { trust: 1.4, url: "https://nvd.nist.gov/vuln/detail/cve-2020-3288", }, { trust: 0.8, url: "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-3288", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2020.2119/", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2020.2119.2/", }, ], sources: [ { db: "CNVD", id: "CNVD-2020-36260", }, { db: "JVNDB", id: "JVNDB-2020-006862", }, { db: "CNNVD", id: "CNNVD-202006-1168", }, { db: "NVD", id: "CVE-2020-3288", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CNVD", id: "CNVD-2020-36260", }, { db: "JVNDB", id: "JVNDB-2020-006862", }, { db: "CNNVD", id: "CNNVD-202006-1168", }, { db: "NVD", id: "CVE-2020-3288", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-07-06T00:00:00", db: "CNVD", id: "CNVD-2020-36260", }, { date: "2020-07-21T00:00:00", db: "JVNDB", id: "JVNDB-2020-006862", }, { date: "2020-06-17T00:00:00", db: "CNNVD", id: "CNNVD-202006-1168", }, { date: "2020-06-18T03:15:12.900000", db: "NVD", id: "CVE-2020-3288", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-07-06T00:00:00", db: "CNVD", id: "CNVD-2020-36260", }, { date: "2020-07-21T00:00:00", db: "JVNDB", id: "JVNDB-2020-006862", }, { date: "2021-08-09T00:00:00", db: "CNNVD", id: "CNNVD-202006-1168", }, { date: "2024-11-21T05:30:43.960000", db: "NVD", id: "CVE-2020-3288", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202006-1168", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "plural Cisco Small Business RV Buffer error vulnerability in series routers", sources: [ { db: "JVNDB", id: "JVNDB-2020-006862", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "buffer error", sources: [ { db: "CNNVD", id: "CNNVD-202006-1168", }, ], trust: 0.6, }, }
var-202006-1115
Vulnerability from variot
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary commands on an affected device. The vulnerabilities exist because the web-based management interface does not properly validate user-supplied input to scripts. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending malicious requests to an affected device. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the underlying operating system. (DoS) It may be put into a state. Cisco Small Business RV320, etc. are all a VPN router of Cisco in the United States.
There are command injection vulnerabilities in the web management interface in many Cisco products. The vulnerability stems from the program's failure to properly verify the input submitted by the user
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202006-1115", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "rv320", scope: "lte", trust: 1, vendor: "cisco", version: "1.5.1.05", }, { model: "rv325", scope: "lte", trust: 1, vendor: "cisco", version: "1.5.1.05", }, { model: "rv042g", scope: "lte", trust: 1, vendor: "cisco", version: "4.2.3.10", }, { model: "rv082", scope: "lte", trust: 1, vendor: "cisco", version: "4.2.3.10", }, { model: "rv016", scope: "lte", trust: 1, vendor: "cisco", version: "4.2.3.10", }, { model: "rv042", scope: "lte", trust: 1, vendor: "cisco", version: "4.2.3.10", }, { model: "rv320 dual gigabit wan vpn router", scope: null, trust: 0.8, vendor: "cisco", version: null, }, { model: "rv325 dual gigabit wan vpn router", scope: null, trust: 0.8, vendor: "cisco", version: null, }, { model: "rv016 multi-wan vpn", scope: null, trust: 0.8, vendor: "cisco", version: null, }, { model: "rv042 dual wan vpn", scope: null, trust: 0.8, vendor: "cisco", version: null, }, { model: "rv042g dual gigabit wan vpn", scope: null, trust: 0.8, vendor: "cisco", version: null, }, { model: "rv082 dual wan vpn", scope: null, trust: 0.8, vendor: "cisco", version: null, }, { model: "small business rv016 multi-wan vpn", scope: "lte", trust: 0.6, vendor: "cisco", version: "<=4.2.3.10", }, { model: "rv042 dual wan vpn", scope: "lte", trust: 0.6, vendor: "cisco", version: "<=4.2.3.10", }, { model: "rv042g dual gigabit wan vpn", scope: "lte", trust: 0.6, vendor: "cisco", version: "<=4.2.3.10", }, { model: "rv082 dual wan vpn", scope: "lte", trust: 0.6, vendor: "cisco", version: "<=4.2.3.10", }, { model: "rv320 dual gigabit wan vpn", scope: "lte", trust: 0.6, vendor: "cisco", version: "<=1.5.1.05", }, { model: "rv325 dual gigabit wan vpn", scope: "lte", trust: 0.6, vendor: "cisco", version: "<=1.5.1.05", }, ], sources: [ { db: "CNVD", id: "CNVD-2020-35163", }, { db: "JVNDB", id: "JVNDB-2020-006863", }, { db: "NVD", id: "CVE-2020-3274", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { cpe_match: [ { cpe22Uri: "cpe:/o:cisco:rv320_firmware", vulnerable: true, }, { cpe22Uri: "cpe:/o:cisco:rv325_firmware", vulnerable: true, }, { cpe22Uri: "cpe:/o:cisco:rv016_firmware", vulnerable: true, }, { cpe22Uri: "cpe:/o:cisco:rv042_firmware", vulnerable: true, }, { cpe22Uri: "cpe:/o:cisco:rv042g_firmware", vulnerable: true, }, { cpe22Uri: "cpe:/o:cisco:rv082_firmware", vulnerable: true, }, ], operator: "OR", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2020-006863", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Kai Cheng", sources: [ { db: "CNNVD", id: "CNNVD-202006-1153", }, ], trust: 0.6, }, cve: "CVE-2020-3274", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", author: "nvd@nist.gov", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", exploitabilityScore: 8, id: "CVE-2020-3274", impactScore: 10, integrityImpact: "COMPLETE", severity: "HIGH", trust: 1, vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, { acInsufInfo: null, accessComplexity: "Low", accessVector: "Network", authentication: "Single", author: "NVD", availabilityImpact: "Complete", baseScore: 9, confidentialityImpact: "Complete", exploitabilityScore: null, id: "JVNDB-2020-006863", impactScore: null, integrityImpact: "Complete", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "High", trust: 0.8, userInteractionRequired: null, vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", author: "CNVD", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", exploitabilityScore: 8, id: "CNVD-2020-35163", impactScore: 10, integrityImpact: "COMPLETE", severity: "HIGH", trust: 0.6, vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", exploitabilityScore: 1.2, id: "CVE-2020-3274", impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, { attackComplexity: "LOW", attackVector: "NETWORK", author: "ykramarz@cisco.com", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", exploitabilityScore: 1.2, id: "CVE-2020-3274", impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "High", baseScore: 7.2, baseSeverity: "High", confidentialityImpact: "High", exploitabilityScore: null, id: "JVNDB-2020-006863", impactScore: null, integrityImpact: "High", privilegesRequired: "High", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2020-3274", trust: 1, value: "HIGH", }, { author: "ykramarz@cisco.com", id: "CVE-2020-3274", trust: 1, value: "HIGH", }, { author: "NVD", id: "JVNDB-2020-006863", trust: 0.8, value: "High", }, { author: "CNVD", id: "CNVD-2020-35163", trust: 0.6, value: "HIGH", }, { author: "CNNVD", id: "CNNVD-202006-1153", trust: 0.6, value: "HIGH", }, ], }, ], sources: [ { db: "CNVD", id: "CNVD-2020-35163", }, { db: "JVNDB", id: "JVNDB-2020-006863", }, { db: "CNNVD", id: "CNNVD-202006-1153", }, { db: "NVD", id: "CVE-2020-3274", }, { db: "NVD", id: "CVE-2020-3274", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary commands on an affected device. The vulnerabilities exist because the web-based management interface does not properly validate user-supplied input to scripts. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending malicious requests to an affected device. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the underlying operating system. (DoS) It may be put into a state. Cisco Small Business RV320, etc. are all a VPN router of Cisco in the United States. \n\r\n\r\nThere are command injection vulnerabilities in the web management interface in many Cisco products. The vulnerability stems from the program's failure to properly verify the input submitted by the user", sources: [ { db: "NVD", id: "CVE-2020-3274", }, { db: "JVNDB", id: "JVNDB-2020-006863", }, { db: "CNVD", id: "CNVD-2020-35163", }, ], trust: 2.16, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2020-3274", trust: 3, }, { db: "JVNDB", id: "JVNDB-2020-006863", trust: 0.8, }, { db: "CNVD", id: "CNVD-2020-35163", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202006-1153", trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2020-35163", }, { db: "JVNDB", id: "JVNDB-2020-006863", }, { db: "CNNVD", id: "CNNVD-202006-1153", }, { db: "NVD", id: "CVE-2020-3274", }, ], }, id: "VAR-202006-1115", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "CNVD", id: "CNVD-2020-35163", }, ], trust: 1.1951892333333332, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "Network device", ], sub_category: null, trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2020-35163", }, ], }, last_update_date: "2024-11-23T22:25:25.970000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "cisco-sa-rv-routers-Rj5JRfF8", trust: 0.8, url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-Rj5JRfF8", }, { title: "Patch for Multiple Cisco product command injection vulnerabilities (CNVD-2020-35163)", trust: 0.6, url: "https://www.cnvd.org.cn/patchInfo/show/223629", }, { title: "Multiple Cisco Product Command Injection Vulnerability Fixes", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=123005", }, ], sources: [ { db: "CNVD", id: "CNVD-2020-35163", }, { db: "JVNDB", id: "JVNDB-2020-006863", }, { db: "CNNVD", id: "CNNVD-202006-1153", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-78", trust: 1.8, }, { problemtype: "CWE-77", trust: 1, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2020-006863", }, { db: "NVD", id: "CVE-2020-3274", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 2.2, url: "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-rv-routers-rj5jrff8", }, { trust: 1.4, url: "https://nvd.nist.gov/vuln/detail/cve-2020-3274", }, { trust: 0.8, url: "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-3274", }, ], sources: [ { db: "CNVD", id: "CNVD-2020-35163", }, { db: "JVNDB", id: "JVNDB-2020-006863", }, { db: "CNNVD", id: "CNNVD-202006-1153", }, { db: "NVD", id: "CVE-2020-3274", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CNVD", id: "CNVD-2020-35163", }, { db: "JVNDB", id: "JVNDB-2020-006863", }, { db: "CNNVD", id: "CNNVD-202006-1153", }, { db: "NVD", id: "CVE-2020-3274", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-06-30T00:00:00", db: "CNVD", id: "CNVD-2020-35163", }, { date: "2020-07-21T00:00:00", db: "JVNDB", id: "JVNDB-2020-006863", }, { date: "2020-06-17T00:00:00", db: "CNNVD", id: "CNNVD-202006-1153", }, { date: "2020-06-18T03:15:12.167000", db: "NVD", id: "CVE-2020-3274", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-06-30T00:00:00", db: "CNVD", id: "CNVD-2020-35163", }, { date: "2020-07-21T00:00:00", db: "JVNDB", id: "JVNDB-2020-006863", }, { date: "2020-07-03T00:00:00", db: "CNNVD", id: "CNNVD-202006-1153", }, { date: "2024-11-21T05:30:42.173000", db: "NVD", id: "CVE-2020-3274", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202006-1153", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "plural Cisco Small Business RV In series routers OS Command injection vulnerabilities", sources: [ { db: "JVNDB", id: "JVNDB-2020-006863", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "command injection", sources: [ { db: "CNNVD", id: "CNNVD-202006-1153", }, ], trust: 0.6, }, }
var-202006-1117
Vulnerability from variot
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary commands on an affected device. The vulnerabilities exist because the web-based management interface does not properly validate user-supplied input to scripts. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending malicious requests to an affected device. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the underlying operating system. (DoS) It may be put into a state. Cisco Small Business RV320, etc. are all a VPN router of Cisco in the United States.
There are command injection vulnerabilities in the web management interface in many Cisco products. The vulnerability stems from the program's failure to properly verify the input submitted by the user
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202006-1117", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "rv320", scope: "lte", trust: 1, vendor: "cisco", version: "1.5.1.05", }, { model: "rv325", scope: "lte", trust: 1, vendor: "cisco", version: "1.5.1.05", }, { model: "rv042g", scope: "lte", trust: 1, vendor: "cisco", version: "4.2.3.10", }, { model: "rv082", scope: "lte", trust: 1, vendor: "cisco", version: "4.2.3.10", }, { model: "rv016", scope: "lte", trust: 1, vendor: "cisco", version: "4.2.3.10", }, { model: "rv042", scope: "lte", trust: 1, vendor: "cisco", version: "4.2.3.10", }, { model: "rv320 dual gigabit wan vpn router", scope: null, trust: 0.8, vendor: "cisco", version: null, }, { model: "rv325 dual gigabit wan vpn router", scope: null, trust: 0.8, vendor: "cisco", version: null, }, { model: "rv016 multi-wan vpn", scope: null, trust: 0.8, vendor: "cisco", version: null, }, { model: "rv042 dual wan vpn", scope: null, trust: 0.8, vendor: "cisco", version: null, }, { model: "rv042g dual gigabit wan vpn", scope: null, trust: 0.8, vendor: "cisco", version: null, }, { model: "rv082 dual wan vpn", scope: null, trust: 0.8, vendor: "cisco", version: null, }, { model: "small business rv016 multi-wan vpn", scope: "lte", trust: 0.6, vendor: "cisco", version: "<=4.2.3.10", }, { model: "rv042 dual wan vpn", scope: "lte", trust: 0.6, vendor: "cisco", version: "<=4.2.3.10", }, { model: "rv042g dual gigabit wan vpn", scope: "lte", trust: 0.6, vendor: "cisco", version: "<=4.2.3.10", }, { model: "rv082 dual wan vpn", scope: "lte", trust: 0.6, vendor: "cisco", version: "<=4.2.3.10", }, { model: "rv320 dual gigabit wan vpn", scope: "lte", trust: 0.6, vendor: "cisco", version: "<=1.5.1.05", }, { model: "rv325 dual gigabit wan vpn", scope: "lte", trust: 0.6, vendor: "cisco", version: "<=1.5.1.05", }, ], sources: [ { db: "CNVD", id: "CNVD-2020-35166", }, { db: "JVNDB", id: "JVNDB-2020-006865", }, { db: "NVD", id: "CVE-2020-3276", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { cpe_match: [ { cpe22Uri: "cpe:/o:cisco:rv320_firmware", vulnerable: true, }, { cpe22Uri: "cpe:/o:cisco:rv325_firmware", vulnerable: true, }, { cpe22Uri: "cpe:/o:cisco:rv016_firmware", vulnerable: true, }, { cpe22Uri: "cpe:/o:cisco:rv042_firmware", vulnerable: true, }, { cpe22Uri: "cpe:/o:cisco:rv042g_firmware", vulnerable: true, }, { cpe22Uri: "cpe:/o:cisco:rv082_firmware", vulnerable: true, }, ], operator: "OR", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2020-006865", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Kai Cheng", sources: [ { db: "CNNVD", id: "CNNVD-202006-1156", }, ], trust: 0.6, }, cve: "CVE-2020-3276", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", author: "nvd@nist.gov", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", exploitabilityScore: 8, id: "CVE-2020-3276", impactScore: 10, integrityImpact: "COMPLETE", severity: "HIGH", trust: 1, vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, { acInsufInfo: null, accessComplexity: "Low", accessVector: "Network", authentication: "Single", author: "NVD", availabilityImpact: "Complete", baseScore: 9, confidentialityImpact: "Complete", exploitabilityScore: null, id: "JVNDB-2020-006865", impactScore: null, integrityImpact: "Complete", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "High", trust: 0.8, userInteractionRequired: null, vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", author: "CNVD", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", exploitabilityScore: 8, id: "CNVD-2020-35166", impactScore: 10, integrityImpact: "COMPLETE", severity: "HIGH", trust: 0.6, vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", exploitabilityScore: 1.2, id: "CVE-2020-3276", impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, { attackComplexity: "LOW", attackVector: "NETWORK", author: "ykramarz@cisco.com", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", exploitabilityScore: 1.2, id: "CVE-2020-3276", impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "High", baseScore: 7.2, baseSeverity: "High", confidentialityImpact: "High", exploitabilityScore: null, id: "JVNDB-2020-006865", impactScore: null, integrityImpact: "High", privilegesRequired: "High", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2020-3276", trust: 1, value: "HIGH", }, { author: "ykramarz@cisco.com", id: "CVE-2020-3276", trust: 1, value: "HIGH", }, { author: "NVD", id: "JVNDB-2020-006865", trust: 0.8, value: "High", }, { author: "CNVD", id: "CNVD-2020-35166", trust: 0.6, value: "HIGH", }, { author: "CNNVD", id: "CNNVD-202006-1156", trust: 0.6, value: "HIGH", }, ], }, ], sources: [ { db: "CNVD", id: "CNVD-2020-35166", }, { db: "JVNDB", id: "JVNDB-2020-006865", }, { db: "CNNVD", id: "CNNVD-202006-1156", }, { db: "NVD", id: "CVE-2020-3276", }, { db: "NVD", id: "CVE-2020-3276", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary commands on an affected device. The vulnerabilities exist because the web-based management interface does not properly validate user-supplied input to scripts. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending malicious requests to an affected device. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the underlying operating system. (DoS) It may be put into a state. Cisco Small Business RV320, etc. are all a VPN router of Cisco in the United States. \n\r\n\r\nThere are command injection vulnerabilities in the web management interface in many Cisco products. The vulnerability stems from the program's failure to properly verify the input submitted by the user", sources: [ { db: "NVD", id: "CVE-2020-3276", }, { db: "JVNDB", id: "JVNDB-2020-006865", }, { db: "CNVD", id: "CNVD-2020-35166", }, ], trust: 2.16, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2020-3276", trust: 3, }, { db: "JVNDB", id: "JVNDB-2020-006865", trust: 0.8, }, { db: "CNVD", id: "CNVD-2020-35166", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202006-1156", trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2020-35166", }, { db: "JVNDB", id: "JVNDB-2020-006865", }, { db: "CNNVD", id: "CNNVD-202006-1156", }, { db: "NVD", id: "CVE-2020-3276", }, ], }, id: "VAR-202006-1117", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "CNVD", id: "CNVD-2020-35166", }, ], trust: 1.1951892333333332, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "Network device", ], sub_category: null, trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2020-35166", }, ], }, last_update_date: "2024-11-23T22:47:58.799000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "cisco-sa-rv-routers-Rj5JRfF8", trust: 0.8, url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-Rj5JRfF8", }, { title: "Patch for Multiple Cisco product command injection vulnerabilities (CNVD-2020-35166)", trust: 0.6, url: "https://www.cnvd.org.cn/patchInfo/show/223613", }, { title: "Multiple Cisco Product Command Injection Vulnerability Fixes", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=123006", }, ], sources: [ { db: "CNVD", id: "CNVD-2020-35166", }, { db: "JVNDB", id: "JVNDB-2020-006865", }, { db: "CNNVD", id: "CNNVD-202006-1156", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-78", trust: 1.8, }, { problemtype: "CWE-77", trust: 1, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2020-006865", }, { db: "NVD", id: "CVE-2020-3276", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 2.2, url: "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-rv-routers-rj5jrff8", }, { trust: 1.4, url: "https://nvd.nist.gov/vuln/detail/cve-2020-3276", }, { trust: 0.8, url: "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-3276", }, ], sources: [ { db: "CNVD", id: "CNVD-2020-35166", }, { db: "JVNDB", id: "JVNDB-2020-006865", }, { db: "CNNVD", id: "CNNVD-202006-1156", }, { db: "NVD", id: "CVE-2020-3276", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CNVD", id: "CNVD-2020-35166", }, { db: "JVNDB", id: "JVNDB-2020-006865", }, { db: "CNNVD", id: "CNNVD-202006-1156", }, { db: "NVD", id: "CVE-2020-3276", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-06-30T00:00:00", db: "CNVD", id: "CNVD-2020-35166", }, { date: "2020-07-21T00:00:00", db: "JVNDB", id: "JVNDB-2020-006865", }, { date: "2020-06-17T00:00:00", db: "CNNVD", id: "CNNVD-202006-1156", }, { date: "2020-06-18T03:15:12.340000", db: "NVD", id: "CVE-2020-3276", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-06-30T00:00:00", db: "CNVD", id: "CNVD-2020-35166", }, { date: "2020-07-21T00:00:00", db: "JVNDB", id: "JVNDB-2020-006865", }, { date: "2020-08-04T00:00:00", db: "CNNVD", id: "CNNVD-202006-1156", }, { date: "2024-11-21T05:30:42.420000", db: "NVD", id: "CVE-2020-3276", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202006-1156", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "plural Cisco Small Business RV In series routers OS Command injection vulnerabilities", sources: [ { db: "JVNDB", id: "JVNDB-2020-006865", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "command injection", sources: [ { db: "CNNVD", id: "CNNVD-202006-1156", }, ], trust: 0.6, }, }
var-202006-1128
Vulnerability from variot
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system. plural Cisco Small Business RV A buffer error vulnerability exists in series routers.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Cisco Small Business RV016 Multi-WAN VPN is a VPN router from Cisco in the United States. The vulnerability stems from the program's failure to properly limit the user's input boundary
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202006-1128", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "rv320", scope: "lte", trust: 1, vendor: "cisco", version: "1.5.1.05", }, { model: "rv325", scope: "lte", trust: 1, vendor: "cisco", version: "1.5.1.05", }, { model: "rv042g", scope: "lte", trust: 1, vendor: "cisco", version: "4.2.3.10", }, { model: "rv082", scope: "lte", trust: 1, vendor: "cisco", version: "4.2.3.10", }, { model: "rv016", scope: "lte", trust: 1, vendor: "cisco", version: "4.2.3.10", }, { model: "rv042", scope: "lte", trust: 1, vendor: "cisco", version: "4.2.3.10", }, { model: "rv320 dual gigabit wan vpn router", scope: null, trust: 0.8, vendor: "cisco", version: null, }, { model: "rv325 dual gigabit wan vpn router", scope: null, trust: 0.8, vendor: "cisco", version: null, }, { model: "rv016 multi-wan vpn", scope: null, trust: 0.8, vendor: "cisco", version: null, }, { model: "rv042 dual wan vpn", scope: null, trust: 0.8, vendor: "cisco", version: null, }, { model: "rv042g dual gigabit wan vpn", scope: null, trust: 0.8, vendor: "cisco", version: null, }, { model: "rv082 dual wan vpn", scope: null, trust: 0.8, vendor: "cisco", version: null, }, { model: "small business rv016 multi-wan vpn", scope: "lte", trust: 0.6, vendor: "cisco", version: "<=4.2.3.10", }, { model: "rv042 dual wan vpn", scope: "lte", trust: 0.6, vendor: "cisco", version: "<=4.2.3.10", }, { model: "rv042g dual gigabit wan vpn", scope: "lte", trust: 0.6, vendor: "cisco", version: "<=4.2.3.10", }, { model: "rv082 dual wan vpn", scope: "lte", trust: 0.6, vendor: "cisco", version: "<=4.2.3.10", }, { model: "rv320 dual gigabit wan vpn", scope: "lte", trust: 0.6, vendor: "cisco", version: "<=1.5.1.05", }, { model: "rv325 dual gigabit wan vpn", scope: "lte", trust: 0.6, vendor: "cisco", version: "<=1.5.1.05", }, ], sources: [ { db: "CNVD", id: "CNVD-2020-34326", }, { db: "JVNDB", id: "JVNDB-2020-006856", }, { db: "NVD", id: "CVE-2020-3292", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { cpe_match: [ { cpe22Uri: "cpe:/o:cisco:rv320_firmware", vulnerable: true, }, { cpe22Uri: "cpe:/o:cisco:rv325_firmware", vulnerable: true, }, { cpe22Uri: "cpe:/o:cisco:rv016_firmware", vulnerable: true, }, { cpe22Uri: "cpe:/o:cisco:rv042_firmware", vulnerable: true, }, { cpe22Uri: "cpe:/o:cisco:rv042g_firmware", vulnerable: true, }, { cpe22Uri: "cpe:/o:cisco:rv082_firmware", vulnerable: true, }, ], operator: "OR", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2020-006856", }, ], }, cve: "CVE-2020-3292", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", author: "nvd@nist.gov", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", exploitabilityScore: 8, id: "CVE-2020-3292", impactScore: 10, integrityImpact: "COMPLETE", severity: "HIGH", trust: 1, vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, { acInsufInfo: null, accessComplexity: "Low", accessVector: "Network", authentication: "Single", author: "NVD", availabilityImpact: "Complete", baseScore: 9, confidentialityImpact: "Complete", exploitabilityScore: null, id: "JVNDB-2020-006856", impactScore: null, integrityImpact: "Complete", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "High", trust: 0.8, userInteractionRequired: null, vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "CNVD", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "CNVD-2020-34326", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "HIGH", trust: 0.6, vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", exploitabilityScore: 1.2, id: "CVE-2020-3292", impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, { attackComplexity: "LOW", attackVector: "NETWORK", author: "ykramarz@cisco.com", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", exploitabilityScore: 1.2, id: "CVE-2020-3292", impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "High", baseScore: 7.2, baseSeverity: "High", confidentialityImpact: "High", exploitabilityScore: null, id: "JVNDB-2020-006856", impactScore: null, integrityImpact: "High", privilegesRequired: "High", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2020-3292", trust: 1, value: "HIGH", }, { author: "ykramarz@cisco.com", id: "CVE-2020-3292", trust: 1, value: "HIGH", }, { author: "NVD", id: "JVNDB-2020-006856", trust: 0.8, value: "High", }, { author: "CNVD", id: "CNVD-2020-34326", trust: 0.6, value: "HIGH", }, { author: "CNNVD", id: "CNNVD-202006-1160", trust: 0.6, value: "HIGH", }, ], }, ], sources: [ { db: "CNVD", id: "CNVD-2020-34326", }, { db: "JVNDB", id: "JVNDB-2020-006856", }, { db: "CNNVD", id: "CNNVD-202006-1160", }, { db: "NVD", id: "CVE-2020-3292", }, { db: "NVD", id: "CVE-2020-3292", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system. plural Cisco Small Business RV A buffer error vulnerability exists in series routers.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Cisco Small Business RV016 Multi-WAN VPN is a VPN router from Cisco in the United States. The vulnerability stems from the program's failure to properly limit the user's input boundary", sources: [ { db: "NVD", id: "CVE-2020-3292", }, { db: "JVNDB", id: "JVNDB-2020-006856", }, { db: "CNVD", id: "CNVD-2020-34326", }, ], trust: 2.16, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2020-3292", trust: 3, }, { db: "JVNDB", id: "JVNDB-2020-006856", trust: 0.8, }, { db: "CNVD", id: "CNVD-2020-34326", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2020.2119", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2020.2119.2", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202006-1160", trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2020-34326", }, { db: "JVNDB", id: "JVNDB-2020-006856", }, { db: "CNNVD", id: "CNNVD-202006-1160", }, { db: "NVD", id: "CVE-2020-3292", }, ], }, id: "VAR-202006-1128", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "CNVD", id: "CNVD-2020-34326", }, ], trust: 1.1951892333333332, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "Network device", ], sub_category: null, trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2020-34326", }, ], }, last_update_date: "2024-11-23T21:35:43.532000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "cisco-sa-rv-routers-stack-vUxHmnNz", trust: 0.8, url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz", }, { title: "Patch for Multiple Buffer Overflow Vulnerabilities in Cisco Products (CNVD-2020-34326)", trust: 0.6, url: "https://www.cnvd.org.cn/patchInfo/show/222919", }, { title: "Multiple Cisco Product Buffer Error Vulnerability Fix", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=121853", }, ], sources: [ { db: "CNVD", id: "CNVD-2020-34326", }, { db: "JVNDB", id: "JVNDB-2020-006856", }, { db: "CNNVD", id: "CNNVD-202006-1160", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-119", trust: 1.8, }, { problemtype: "CWE-787", trust: 1, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2020-006856", }, { db: "NVD", id: "CVE-2020-3292", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 2.2, url: "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-rv-routers-stack-vuxhmnnz", }, { trust: 2, url: "https://nvd.nist.gov/vuln/detail/cve-2020-3292", }, { trust: 0.8, url: "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-3292", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2020.2119/", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2020.2119.2/", }, ], sources: [ { db: "CNVD", id: "CNVD-2020-34326", }, { db: "JVNDB", id: "JVNDB-2020-006856", }, { db: "CNNVD", id: "CNNVD-202006-1160", }, { db: "NVD", id: "CVE-2020-3292", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CNVD", id: "CNVD-2020-34326", }, { db: "JVNDB", id: "JVNDB-2020-006856", }, { db: "CNNVD", id: "CNNVD-202006-1160", }, { db: "NVD", id: "CVE-2020-3292", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-06-23T00:00:00", db: "CNVD", id: "CNVD-2020-34326", }, { date: "2020-07-20T00:00:00", db: "JVNDB", id: "JVNDB-2020-006856", }, { date: "2020-06-17T00:00:00", db: "CNNVD", id: "CNNVD-202006-1160", }, { date: "2020-06-18T03:15:13.247000", db: "NVD", id: "CVE-2020-3292", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-06-23T00:00:00", db: "CNVD", id: "CNVD-2020-34326", }, { date: "2020-07-20T00:00:00", db: "JVNDB", id: "JVNDB-2020-006856", }, { date: "2021-08-09T00:00:00", db: "CNNVD", id: "CNNVD-202006-1160", }, { date: "2024-11-21T05:30:44.440000", db: "NVD", id: "CVE-2020-3292", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202006-1160", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "plural Cisco Small Business RV Buffer error vulnerability in series routers", sources: [ { db: "JVNDB", id: "JVNDB-2020-006856", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "buffer error", sources: [ { db: "CNNVD", id: "CNNVD-202006-1160", }, ], trust: 0.6, }, }
var-202006-1127
Vulnerability from variot
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system. plural Cisco Small Business RV A buffer error vulnerability exists in series routers.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Cisco Small Business RV016 Multi-WAN VPN is a VPN router from Cisco in the United States. The vulnerability stems from the program's failure to properly limit the user's input boundary
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202006-1127", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "rv320", scope: "lte", trust: 1, vendor: "cisco", version: "1.5.1.05", }, { model: "rv325", scope: "lte", trust: 1, vendor: "cisco", version: "1.5.1.05", }, { model: "rv042g", scope: "lte", trust: 1, vendor: "cisco", version: "4.2.3.10", }, { model: "rv082", scope: "lte", trust: 1, vendor: "cisco", version: "4.2.3.10", }, { model: "rv016", scope: "lte", trust: 1, vendor: "cisco", version: "4.2.3.10", }, { model: "rv042", scope: "lte", trust: 1, vendor: "cisco", version: "4.2.3.10", }, { model: "rv320 dual gigabit wan vpn router", scope: null, trust: 0.8, vendor: "cisco", version: null, }, { model: "rv325 dual gigabit wan vpn router", scope: null, trust: 0.8, vendor: "cisco", version: null, }, { model: "rv016 multi-wan vpn", scope: null, trust: 0.8, vendor: "cisco", version: null, }, { model: "rv042 dual wan vpn", scope: null, trust: 0.8, vendor: "cisco", version: null, }, { model: "rv042g dual gigabit wan vpn", scope: null, trust: 0.8, vendor: "cisco", version: null, }, { model: "rv082 dual wan vpn", scope: null, trust: 0.8, vendor: "cisco", version: null, }, { model: "small business rv016 multi-wan vpn", scope: "lte", trust: 0.6, vendor: "cisco", version: "<=4.2.3.10", }, { model: "rv042 dual wan vpn", scope: "lte", trust: 0.6, vendor: "cisco", version: "<=4.2.3.10", }, { model: "rv042g dual gigabit wan vpn", scope: "lte", trust: 0.6, vendor: "cisco", version: "<=4.2.3.10", }, { model: "rv082 dual wan vpn", scope: "lte", trust: 0.6, vendor: "cisco", version: "<=4.2.3.10", }, { model: "rv320 dual gigabit wan vpn", scope: "lte", trust: 0.6, vendor: "cisco", version: "<=1.5.1.05", }, { model: "rv325 dual gigabit wan vpn", scope: "lte", trust: 0.6, vendor: "cisco", version: "<=1.5.1.05", }, ], sources: [ { db: "CNVD", id: "CNVD-2020-34327", }, { db: "JVNDB", id: "JVNDB-2020-006855", }, { db: "NVD", id: "CVE-2020-3291", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { cpe_match: [ { cpe22Uri: "cpe:/o:cisco:rv320_firmware", vulnerable: true, }, { cpe22Uri: "cpe:/o:cisco:rv325_firmware", vulnerable: true, }, { cpe22Uri: "cpe:/o:cisco:rv016_firmware", vulnerable: true, }, { cpe22Uri: "cpe:/o:cisco:rv042_firmware", vulnerable: true, }, { cpe22Uri: "cpe:/o:cisco:rv042g_firmware", vulnerable: true, }, { cpe22Uri: "cpe:/o:cisco:rv082_firmware", vulnerable: true, }, ], operator: "OR", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2020-006855", }, ], }, cve: "CVE-2020-3291", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", author: "nvd@nist.gov", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", exploitabilityScore: 8, id: "CVE-2020-3291", impactScore: 10, integrityImpact: "COMPLETE", severity: "HIGH", trust: 1, vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, { acInsufInfo: null, accessComplexity: "Low", accessVector: "Network", authentication: "Single", author: "NVD", availabilityImpact: "Complete", baseScore: 9, confidentialityImpact: "Complete", exploitabilityScore: null, id: "JVNDB-2020-006855", impactScore: null, integrityImpact: "Complete", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "High", trust: 0.8, userInteractionRequired: null, vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "CNVD", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "CNVD-2020-34327", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "HIGH", trust: 0.6, vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", exploitabilityScore: 1.2, id: "CVE-2020-3291", impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, { attackComplexity: "LOW", attackVector: "NETWORK", author: "ykramarz@cisco.com", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", exploitabilityScore: 1.2, id: "CVE-2020-3291", impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "High", baseScore: 7.2, baseSeverity: "High", confidentialityImpact: "High", exploitabilityScore: null, id: "JVNDB-2020-006855", impactScore: null, integrityImpact: "High", privilegesRequired: "High", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2020-3291", trust: 1, value: "HIGH", }, { author: "ykramarz@cisco.com", id: "CVE-2020-3291", trust: 1, value: "HIGH", }, { author: "NVD", id: "JVNDB-2020-006855", trust: 0.8, value: "High", }, { author: "CNVD", id: "CNVD-2020-34327", trust: 0.6, value: "HIGH", }, { author: "CNNVD", id: "CNNVD-202006-1161", trust: 0.6, value: "HIGH", }, ], }, ], sources: [ { db: "CNVD", id: "CNVD-2020-34327", }, { db: "JVNDB", id: "JVNDB-2020-006855", }, { db: "CNNVD", id: "CNNVD-202006-1161", }, { db: "NVD", id: "CVE-2020-3291", }, { db: "NVD", id: "CVE-2020-3291", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system. plural Cisco Small Business RV A buffer error vulnerability exists in series routers.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Cisco Small Business RV016 Multi-WAN VPN is a VPN router from Cisco in the United States. The vulnerability stems from the program's failure to properly limit the user's input boundary", sources: [ { db: "NVD", id: "CVE-2020-3291", }, { db: "JVNDB", id: "JVNDB-2020-006855", }, { db: "CNVD", id: "CNVD-2020-34327", }, ], trust: 2.16, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2020-3291", trust: 3, }, { db: "JVNDB", id: "JVNDB-2020-006855", trust: 0.8, }, { db: "CNVD", id: "CNVD-2020-34327", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2020.2119", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2020.2119.2", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202006-1161", trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2020-34327", }, { db: "JVNDB", id: "JVNDB-2020-006855", }, { db: "CNNVD", id: "CNNVD-202006-1161", }, { db: "NVD", id: "CVE-2020-3291", }, ], }, id: "VAR-202006-1127", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "CNVD", id: "CNVD-2020-34327", }, ], trust: 1.1951892333333332, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "Network device", ], sub_category: null, trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2020-34327", }, ], }, last_update_date: "2024-11-23T21:35:43.824000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "cisco-sa-rv-routers-stack-vUxHmnNz", trust: 0.8, url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz", }, { title: "Patch for Multiple Buffer Overflow Vulnerabilities in Cisco Products (CNVD-2020-34327)", trust: 0.6, url: "https://www.cnvd.org.cn/patchInfo/show/222917", }, { title: "Multiple Cisco Product Buffer Error Vulnerability Fix", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=121854", }, ], sources: [ { db: "CNVD", id: "CNVD-2020-34327", }, { db: "JVNDB", id: "JVNDB-2020-006855", }, { db: "CNNVD", id: "CNNVD-202006-1161", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-119", trust: 1.8, }, { problemtype: "CWE-787", trust: 1, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2020-006855", }, { db: "NVD", id: "CVE-2020-3291", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 2.2, url: "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-rv-routers-stack-vuxhmnnz", }, { trust: 2, url: "https://nvd.nist.gov/vuln/detail/cve-2020-3291", }, { trust: 0.8, url: "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-3291", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2020.2119/", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2020.2119.2/", }, ], sources: [ { db: "CNVD", id: "CNVD-2020-34327", }, { db: "JVNDB", id: "JVNDB-2020-006855", }, { db: "CNNVD", id: "CNNVD-202006-1161", }, { db: "NVD", id: "CVE-2020-3291", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CNVD", id: "CNVD-2020-34327", }, { db: "JVNDB", id: "JVNDB-2020-006855", }, { db: "CNNVD", id: "CNNVD-202006-1161", }, { db: "NVD", id: "CVE-2020-3291", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-06-23T00:00:00", db: "CNVD", id: "CNVD-2020-34327", }, { date: "2020-07-20T00:00:00", db: "JVNDB", id: "JVNDB-2020-006855", }, { date: "2020-06-17T00:00:00", db: "CNNVD", id: "CNNVD-202006-1161", }, { date: "2020-06-18T03:15:13.167000", db: "NVD", id: "CVE-2020-3291", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-06-23T00:00:00", db: "CNVD", id: "CNVD-2020-34327", }, { date: "2020-07-20T00:00:00", db: "JVNDB", id: "JVNDB-2020-006855", }, { date: "2021-08-09T00:00:00", db: "CNNVD", id: "CNNVD-202006-1161", }, { date: "2024-11-21T05:30:44.317000", db: "NVD", id: "CVE-2020-3291", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202006-1161", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "plural Cisco Small Business RV Buffer error vulnerability in series routers", sources: [ { db: "JVNDB", id: "JVNDB-2020-006855", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "buffer error", sources: [ { db: "CNNVD", id: "CNNVD-202006-1161", }, ], trust: 0.6, }, }
var-202304-0144
Vulnerability from variot
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities. RV016 Multi-WAN VPN firmware, RV042 Dual WAN VPN firmware, RV042G Dual Gigabit WAN VPN Cross-site scripting vulnerabilities exist in multiple Cisco Systems products, including firmware.Information may be obtained and information may be tampered with
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202304-0144", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "rv325", scope: "eq", trust: 1, vendor: "cisco", version: "*", }, { model: "rv042", scope: "eq", trust: 1, vendor: "cisco", version: "*", }, { model: "rv016", scope: "eq", trust: 1, vendor: "cisco", version: "*", }, { model: "rv320", scope: "eq", trust: 1, vendor: "cisco", version: "*", }, { model: "rv042g", scope: "eq", trust: 1, vendor: "cisco", version: "*", }, { model: "rv082", scope: "eq", trust: 1, vendor: "cisco", version: "*", }, { model: "cisco rv320 dual gigabit wan vpn ルータ", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, { model: "rv042 dual wan vpn", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, { model: "cisco rv325 dual gigabit wan vpn ルータ", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, { model: "rv016 multi-wan vpn", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, { model: "rv082 dual wan vpn", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, { model: "rv042g dual gigabit wan vpn", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2023-007114", }, { db: "NVD", id: "CVE-2023-20144", }, ], }, cve: "CVE-2023-20144", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", exploitabilityScore: 2.8, id: "CVE-2023-20144", impactScore: 2.7, integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", trust: 2, userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "None", baseScore: 6.1, baseSeverity: "Medium", confidentialityImpact: "Low", exploitabilityScore: null, id: "CVE-2023-20144", impactScore: null, integrityImpact: "Low", privilegesRequired: "None", scope: "Changed", trust: 0.8, userInteraction: "Required", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2023-20144", trust: 1, value: "MEDIUM", }, { author: "ykramarz@cisco.com", id: "CVE-2023-20144", trust: 1, value: "MEDIUM", }, { author: "NVD", id: "CVE-2023-20144", trust: 0.8, value: "Medium", }, { author: "CNNVD", id: "CNNVD-202304-303", trust: 0.6, value: "MEDIUM", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2023-007114", }, { db: "CNNVD", id: "CNNVD-202304-303", }, { db: "NVD", id: "CVE-2023-20144", }, { db: "NVD", id: "CVE-2023-20144", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities. RV016 Multi-WAN VPN firmware, RV042 Dual WAN VPN firmware, RV042G Dual Gigabit WAN VPN Cross-site scripting vulnerabilities exist in multiple Cisco Systems products, including firmware.Information may be obtained and information may be tampered with", sources: [ { db: "NVD", id: "CVE-2023-20144", }, { db: "JVNDB", id: "JVNDB-2023-007114", }, { db: "VULMON", id: "CVE-2023-20144", }, ], trust: 1.71, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2023-20144", trust: 3.3, }, { db: "JVNDB", id: "JVNDB-2023-007114", trust: 0.8, }, { db: "AUSCERT", id: "ESB-2023.2020", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202304-303", trust: 0.6, }, { db: "VULMON", id: "CVE-2023-20144", trust: 0.1, }, ], sources: [ { db: "VULMON", id: "CVE-2023-20144", }, { db: "JVNDB", id: "JVNDB-2023-007114", }, { db: "CNNVD", id: "CNNVD-202304-303", }, { db: "NVD", id: "CVE-2023-20144", }, ], }, id: "VAR-202304-0144", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VARIoT devices database", id: null, }, ], trust: 0.41167478, }, last_update_date: "2024-08-14T13:20:54.150000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "cisco-sa-rv-stored-xss-vqz7gC8W", trust: 0.8, url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, { title: "Cisco Small Business Fixes for cross-site scripting vulnerabilities", trust: 0.6, url: "http://123.124.177.30/web/xxk/bdxqById.tag?id=233401", }, { title: "Cisco: Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-rv-stored-xss-vqz7gC8W", }, ], sources: [ { db: "VULMON", id: "CVE-2023-20144", }, { db: "JVNDB", id: "JVNDB-2023-007114", }, { db: "CNNVD", id: "CNNVD-202304-303", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-79", trust: 1, }, { problemtype: "Cross-site scripting (CWE-79) [NVD evaluation ]", trust: 0.8, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2023-007114", }, { db: "NVD", id: "CVE-2023-20144", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 1.8, url: "https://sec.cloudapps.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-rv-stored-xss-vqz7gc8w", }, { trust: 0.8, url: "https://nvd.nist.gov/vuln/detail/cve-2023-20144", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2023.2020", }, { trust: 0.6, url: "https://cxsecurity.com/cveshow/cve-2023-20144/", }, { trust: 0.1, url: "https://nvd.nist.gov", }, ], sources: [ { db: "VULMON", id: "CVE-2023-20144", }, { db: "JVNDB", id: "JVNDB-2023-007114", }, { db: "CNNVD", id: "CNNVD-202304-303", }, { db: "NVD", id: "CVE-2023-20144", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "VULMON", id: "CVE-2023-20144", }, { db: "JVNDB", id: "JVNDB-2023-007114", }, { db: "CNNVD", id: "CNNVD-202304-303", }, { db: "NVD", id: "CVE-2023-20144", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2023-04-05T00:00:00", db: "VULMON", id: "CVE-2023-20144", }, { date: "2023-11-17T00:00:00", db: "JVNDB", id: "JVNDB-2023-007114", }, { date: "2023-04-05T00:00:00", db: "CNNVD", id: "CNNVD-202304-303", }, { date: "2023-04-05T19:15:09.017000", db: "NVD", id: "CVE-2023-20144", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2023-04-06T00:00:00", db: "VULMON", id: "CVE-2023-20144", }, { date: "2023-11-17T05:58:00", db: "JVNDB", id: "JVNDB-2023-007114", }, { date: "2023-04-14T00:00:00", db: "CNNVD", id: "CNNVD-202304-303", }, { date: "2023-11-07T04:06:12.957000", db: "NVD", id: "CVE-2023-20144", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202304-303", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Cross-site scripting vulnerability in multiple Cisco Systems products", sources: [ { db: "JVNDB", id: "JVNDB-2023-007114", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "XSS", sources: [ { db: "CNNVD", id: "CNNVD-202304-303", }, ], trust: 0.6, }, }
var-202006-1126
Vulnerability from variot
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system. plural Cisco Small Business RV A buffer error vulnerability exists in series routers.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Cisco Small Business RV016 Multi-WAN VPN is a VPN router from Cisco in the United States. The vulnerability stems from the program's failure to properly limit the user's input boundary
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202006-1126", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "rv320", scope: "lte", trust: 1, vendor: "cisco", version: "1.5.1.05", }, { model: "rv325", scope: "lte", trust: 1, vendor: "cisco", version: "1.5.1.05", }, { model: "rv042g", scope: "lte", trust: 1, vendor: "cisco", version: "4.2.3.10", }, { model: "rv082", scope: "lte", trust: 1, vendor: "cisco", version: "4.2.3.10", }, { model: "rv016", scope: "lte", trust: 1, vendor: "cisco", version: "4.2.3.10", }, { model: "rv042", scope: "lte", trust: 1, vendor: "cisco", version: "4.2.3.10", }, { model: "rv320 dual gigabit wan vpn router", scope: null, trust: 0.8, vendor: "cisco", version: null, }, { model: "rv325 dual gigabit wan vpn router", scope: null, trust: 0.8, vendor: "cisco", version: null, }, { model: "rv016 multi-wan vpn", scope: null, trust: 0.8, vendor: "cisco", version: null, }, { model: "rv042 dual wan vpn", scope: null, trust: 0.8, vendor: "cisco", version: null, }, { model: "rv042g dual gigabit wan vpn", scope: null, trust: 0.8, vendor: "cisco", version: null, }, { model: "rv082 dual wan vpn", scope: null, trust: 0.8, vendor: "cisco", version: null, }, { model: "small business rv016 multi-wan vpn", scope: "lte", trust: 0.6, vendor: "cisco", version: "<=4.2.3.10", }, { model: "rv042 dual wan vpn", scope: "lte", trust: 0.6, vendor: "cisco", version: "<=4.2.3.10", }, { model: "rv042g dual gigabit wan vpn", scope: "lte", trust: 0.6, vendor: "cisco", version: "<=4.2.3.10", }, { model: "rv082 dual wan vpn", scope: "lte", trust: 0.6, vendor: "cisco", version: "<=4.2.3.10", }, { model: "rv320 dual gigabit wan vpn", scope: "lte", trust: 0.6, vendor: "cisco", version: "<=1.5.1.05", }, { model: "rv325 dual gigabit wan vpn", scope: "lte", trust: 0.6, vendor: "cisco", version: "<=1.5.1.05", }, ], sources: [ { db: "CNVD", id: "CNVD-2020-34328", }, { db: "JVNDB", id: "JVNDB-2020-006854", }, { db: "NVD", id: "CVE-2020-3290", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { cpe_match: [ { cpe22Uri: "cpe:/o:cisco:rv320_firmware", vulnerable: true, }, { cpe22Uri: "cpe:/o:cisco:rv325_firmware", vulnerable: true, }, { cpe22Uri: "cpe:/o:cisco:rv016_firmware", vulnerable: true, }, { cpe22Uri: "cpe:/o:cisco:rv042_firmware", vulnerable: true, }, { cpe22Uri: "cpe:/o:cisco:rv042g_firmware", vulnerable: true, }, { cpe22Uri: "cpe:/o:cisco:rv082_firmware", vulnerable: true, }, ], operator: "OR", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2020-006854", }, ], }, cve: "CVE-2020-3290", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", author: "nvd@nist.gov", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", exploitabilityScore: 8, id: "CVE-2020-3290", impactScore: 10, integrityImpact: "COMPLETE", severity: "HIGH", trust: 1, vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, { acInsufInfo: null, accessComplexity: "Low", accessVector: "Network", authentication: "Single", author: "NVD", availabilityImpact: "Complete", baseScore: 9, confidentialityImpact: "Complete", exploitabilityScore: null, id: "JVNDB-2020-006854", impactScore: null, integrityImpact: "Complete", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "High", trust: 0.8, userInteractionRequired: null, vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "CNVD", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "CNVD-2020-34328", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "HIGH", trust: 0.6, vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", exploitabilityScore: 1.2, id: "CVE-2020-3290", impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, { attackComplexity: "LOW", attackVector: "NETWORK", author: "ykramarz@cisco.com", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", exploitabilityScore: 1.2, id: "CVE-2020-3290", impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "High", baseScore: 7.2, baseSeverity: "High", confidentialityImpact: "High", exploitabilityScore: null, id: "JVNDB-2020-006854", impactScore: null, integrityImpact: "High", privilegesRequired: "High", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2020-3290", trust: 1, value: "HIGH", }, { author: "ykramarz@cisco.com", id: "CVE-2020-3290", trust: 1, value: "HIGH", }, { author: "NVD", id: "JVNDB-2020-006854", trust: 0.8, value: "High", }, { author: "CNVD", id: "CNVD-2020-34328", trust: 0.6, value: "HIGH", }, { author: "CNNVD", id: "CNNVD-202006-1162", trust: 0.6, value: "HIGH", }, ], }, ], sources: [ { db: "CNVD", id: "CNVD-2020-34328", }, { db: "JVNDB", id: "JVNDB-2020-006854", }, { db: "CNNVD", id: "CNNVD-202006-1162", }, { db: "NVD", id: "CVE-2020-3290", }, { db: "NVD", id: "CVE-2020-3290", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system. plural Cisco Small Business RV A buffer error vulnerability exists in series routers.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Cisco Small Business RV016 Multi-WAN VPN is a VPN router from Cisco in the United States. The vulnerability stems from the program's failure to properly limit the user's input boundary", sources: [ { db: "NVD", id: "CVE-2020-3290", }, { db: "JVNDB", id: "JVNDB-2020-006854", }, { db: "CNVD", id: "CNVD-2020-34328", }, ], trust: 2.16, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2020-3290", trust: 3, }, { db: "JVNDB", id: "JVNDB-2020-006854", trust: 0.8, }, { db: "CNVD", id: "CNVD-2020-34328", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2020.2119", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2020.2119.2", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202006-1162", trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2020-34328", }, { db: "JVNDB", id: "JVNDB-2020-006854", }, { db: "CNNVD", id: "CNNVD-202006-1162", }, { db: "NVD", id: "CVE-2020-3290", }, ], }, id: "VAR-202006-1126", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "CNVD", id: "CNVD-2020-34328", }, ], trust: 1.1951892333333332, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "Network device", ], sub_category: null, trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2020-34328", }, ], }, last_update_date: "2024-11-23T21:35:43.741000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "cisco-sa-rv-routers-stack-vUxHmnNz", trust: 0.8, url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz", }, { title: "Patch for Multiple Cisco product buffer overflow vulnerabilities (CNVD-2020-34328)", trust: 0.6, url: "https://www.cnvd.org.cn/patchInfo/show/222913", }, { title: "Multiple Cisco Product Buffer Error Vulnerability Fix", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=121855", }, ], sources: [ { db: "CNVD", id: "CNVD-2020-34328", }, { db: "JVNDB", id: "JVNDB-2020-006854", }, { db: "CNNVD", id: "CNNVD-202006-1162", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-119", trust: 1.8, }, { problemtype: "CWE-787", trust: 1, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2020-006854", }, { db: "NVD", id: "CVE-2020-3290", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 2.2, url: "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-rv-routers-stack-vuxhmnnz", }, { trust: 2, url: "https://nvd.nist.gov/vuln/detail/cve-2020-3290", }, { trust: 0.8, url: "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-3290", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2020.2119/", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2020.2119.2/", }, ], sources: [ { db: "CNVD", id: "CNVD-2020-34328", }, { db: "JVNDB", id: "JVNDB-2020-006854", }, { db: "CNNVD", id: "CNNVD-202006-1162", }, { db: "NVD", id: "CVE-2020-3290", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CNVD", id: "CNVD-2020-34328", }, { db: "JVNDB", id: "JVNDB-2020-006854", }, { db: "CNNVD", id: "CNNVD-202006-1162", }, { db: "NVD", id: "CVE-2020-3290", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-06-23T00:00:00", db: "CNVD", id: "CNVD-2020-34328", }, { date: "2020-07-20T00:00:00", db: "JVNDB", id: "JVNDB-2020-006854", }, { date: "2020-06-17T00:00:00", db: "CNNVD", id: "CNNVD-202006-1162", }, { date: "2020-06-18T03:15:13.073000", db: "NVD", id: "CVE-2020-3290", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-06-23T00:00:00", db: "CNVD", id: "CNVD-2020-34328", }, { date: "2020-07-20T00:00:00", db: "JVNDB", id: "JVNDB-2020-006854", }, { date: "2021-08-09T00:00:00", db: "CNNVD", id: "CNNVD-202006-1162", }, { date: "2024-11-21T05:30:44.200000", db: "NVD", id: "CVE-2020-3290", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202006-1162", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "plural Cisco Small Business RV Buffer error vulnerability in series routers", sources: [ { db: "JVNDB", id: "JVNDB-2020-006854", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "buffer error", sources: [ { db: "CNNVD", id: "CNNVD-202006-1162", }, ], trust: 0.6, }, }
var-202304-0149
Vulnerability from variot
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities. RV016 Multi-WAN VPN firmware, RV042 Dual WAN VPN firmware, RV042G Dual Gigabit WAN VPN Cross-site scripting vulnerabilities exist in multiple Cisco Systems products, including firmware.Information may be obtained and information may be tampered with
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202304-0149", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "rv082", scope: "eq", trust: 1, vendor: "cisco", version: null, }, { model: "rv325", scope: "eq", trust: 1, vendor: "cisco", version: null, }, { model: "rv042", scope: "eq", trust: 1, vendor: "cisco", version: null, }, { model: "rv016", scope: "eq", trust: 1, vendor: "cisco", version: null, }, { model: "rv320", scope: "eq", trust: 1, vendor: "cisco", version: null, }, { model: "rv042g", scope: "eq", trust: 1, vendor: "cisco", version: null, }, { model: "rv016 multi-wan vpn", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, { model: "cisco rv325 dual gigabit wan vpn ルータ", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, { model: "cisco rv320 dual gigabit wan vpn ルータ", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, { model: "rv042 dual wan vpn", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, { model: "rv082 dual wan vpn", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, { model: "rv042g dual gigabit wan vpn", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2023-006866", }, { db: "NVD", id: "CVE-2023-20149", }, ], }, cve: "CVE-2023-20149", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", exploitabilityScore: 2.8, id: "CVE-2023-20149", impactScore: 2.7, integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", trust: 2, userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "None", baseScore: 6.1, baseSeverity: "Medium", confidentialityImpact: "Low", exploitabilityScore: null, id: "CVE-2023-20149", impactScore: null, integrityImpact: "Low", privilegesRequired: "None", scope: "Changed", trust: 0.8, userInteraction: "Required", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2023-20149", trust: 1, value: "MEDIUM", }, { author: "ykramarz@cisco.com", id: "CVE-2023-20149", trust: 1, value: "MEDIUM", }, { author: "NVD", id: "CVE-2023-20149", trust: 0.8, value: "Medium", }, { author: "CNNVD", id: "CNNVD-202304-289", trust: 0.6, value: "MEDIUM", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2023-006866", }, { db: "CNNVD", id: "CNNVD-202304-289", }, { db: "NVD", id: "CVE-2023-20149", }, { db: "NVD", id: "CVE-2023-20149", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities. RV016 Multi-WAN VPN firmware, RV042 Dual WAN VPN firmware, RV042G Dual Gigabit WAN VPN Cross-site scripting vulnerabilities exist in multiple Cisco Systems products, including firmware.Information may be obtained and information may be tampered with", sources: [ { db: "NVD", id: "CVE-2023-20149", }, { db: "JVNDB", id: "JVNDB-2023-006866", }, { db: "VULMON", id: "CVE-2023-20149", }, ], trust: 1.71, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2023-20149", trust: 3.3, }, { db: "JVNDB", id: "JVNDB-2023-006866", trust: 0.8, }, { db: "AUSCERT", id: "ESB-2023.2020", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202304-289", trust: 0.6, }, { db: "VULMON", id: "CVE-2023-20149", trust: 0.1, }, ], sources: [ { db: "VULMON", id: "CVE-2023-20149", }, { db: "JVNDB", id: "JVNDB-2023-006866", }, { db: "CNNVD", id: "CNNVD-202304-289", }, { db: "NVD", id: "CVE-2023-20149", }, ], }, id: "VAR-202304-0149", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VARIoT devices database", id: null, }, ], trust: 0.41167478, }, last_update_date: "2024-08-14T13:20:53.681000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "cisco-sa-rv-stored-xss-vqz7gC8W", trust: 0.8, url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, { title: "Cisco Small Business Fixes for cross-site scripting vulnerabilities", trust: 0.6, url: "http://123.124.177.30/web/xxk/bdxqById.tag?id=233387", }, { title: "Cisco: Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-rv-stored-xss-vqz7gC8W", }, ], sources: [ { db: "VULMON", id: "CVE-2023-20149", }, { db: "JVNDB", id: "JVNDB-2023-006866", }, { db: "CNNVD", id: "CNNVD-202304-289", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-79", trust: 1, }, { problemtype: "Cross-site scripting (CWE-79) [NVD evaluation ]", trust: 0.8, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2023-006866", }, { db: "NVD", id: "CVE-2023-20149", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 1.8, url: "https://sec.cloudapps.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-rv-stored-xss-vqz7gc8w", }, { trust: 0.8, url: "https://nvd.nist.gov/vuln/detail/cve-2023-20149", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2023.2020", }, { trust: 0.6, url: "https://cxsecurity.com/cveshow/cve-2023-20149/", }, { trust: 0.1, url: "https://nvd.nist.gov", }, ], sources: [ { db: "VULMON", id: "CVE-2023-20149", }, { db: "JVNDB", id: "JVNDB-2023-006866", }, { db: "CNNVD", id: "CNNVD-202304-289", }, { db: "NVD", id: "CVE-2023-20149", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "VULMON", id: "CVE-2023-20149", }, { db: "JVNDB", id: "JVNDB-2023-006866", }, { db: "CNNVD", id: "CNNVD-202304-289", }, { db: "NVD", id: "CVE-2023-20149", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2023-04-05T00:00:00", db: "VULMON", id: "CVE-2023-20149", }, { date: "2023-11-16T00:00:00", db: "JVNDB", id: "JVNDB-2023-006866", }, { date: "2023-04-05T00:00:00", db: "CNNVD", id: "CNNVD-202304-289", }, { date: "2023-04-05T19:15:09.277000", db: "NVD", id: "CVE-2023-20149", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2023-04-06T00:00:00", db: "VULMON", id: "CVE-2023-20149", }, { date: "2023-11-16T07:23:00", db: "JVNDB", id: "JVNDB-2023-006866", }, { date: "2023-04-14T00:00:00", db: "CNNVD", id: "CNNVD-202304-289", }, { date: "2023-11-07T04:06:14.680000", db: "NVD", id: "CVE-2023-20149", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202304-289", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Cross-site scripting vulnerability in multiple Cisco Systems products", sources: [ { db: "JVNDB", id: "JVNDB-2023-006866", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "XSS", sources: [ { db: "CNNVD", id: "CNNVD-202304-289", }, ], trust: 0.6, }, }
var-202006-1125
Vulnerability from variot
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system. plural Cisco Small Business RV A buffer error vulnerability exists in series routers.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202006-1125", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "rv320", scope: "lte", trust: 1, vendor: "cisco", version: "1.5.1.05", }, { model: "rv325", scope: "lte", trust: 1, vendor: "cisco", version: "1.5.1.05", }, { model: "rv042g", scope: "lte", trust: 1, vendor: "cisco", version: "4.2.3.10", }, { model: "rv082", scope: "lte", trust: 1, vendor: "cisco", version: "4.2.3.10", }, { model: "rv016", scope: "lte", trust: 1, vendor: "cisco", version: "4.2.3.10", }, { model: "rv042", scope: "lte", trust: 1, vendor: "cisco", version: "4.2.3.10", }, { model: "rv320 dual gigabit wan vpn router", scope: null, trust: 0.8, vendor: "cisco", version: null, }, { model: "rv325 dual gigabit wan vpn router", scope: null, trust: 0.8, vendor: "cisco", version: null, }, { model: "rv016 multi-wan vpn", scope: null, trust: 0.8, vendor: "cisco", version: null, }, { model: "rv042 dual wan vpn", scope: null, trust: 0.8, vendor: "cisco", version: null, }, { model: "rv042g dual gigabit wan vpn", scope: null, trust: 0.8, vendor: "cisco", version: null, }, { model: "rv082 dual wan vpn", scope: null, trust: 0.8, vendor: "cisco", version: null, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2020-006853", }, { db: "NVD", id: "CVE-2020-3289", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { cpe_match: [ { cpe22Uri: "cpe:/o:cisco:rv320_firmware", vulnerable: true, }, { cpe22Uri: "cpe:/o:cisco:rv325_firmware", vulnerable: true, }, { cpe22Uri: "cpe:/o:cisco:rv016_firmware", vulnerable: true, }, { cpe22Uri: "cpe:/o:cisco:rv042_firmware", vulnerable: true, }, { cpe22Uri: "cpe:/o:cisco:rv042g_firmware", vulnerable: true, }, { cpe22Uri: "cpe:/o:cisco:rv082_firmware", vulnerable: true, }, ], operator: "OR", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2020-006853", }, ], }, cve: "CVE-2020-3289", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", author: "nvd@nist.gov", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", exploitabilityScore: 8, id: "CVE-2020-3289", impactScore: 10, integrityImpact: "COMPLETE", severity: "HIGH", trust: 1, vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, { acInsufInfo: null, accessComplexity: "Low", accessVector: "Network", authentication: "Single", author: "NVD", availabilityImpact: "Complete", baseScore: 9, confidentialityImpact: "Complete", exploitabilityScore: null, id: "JVNDB-2020-006853", impactScore: null, integrityImpact: "Complete", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "High", trust: 0.8, userInteractionRequired: null, vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", exploitabilityScore: 1.2, id: "CVE-2020-3289", impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, { attackComplexity: "LOW", attackVector: "NETWORK", author: "ykramarz@cisco.com", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", exploitabilityScore: 1.2, id: "CVE-2020-3289", impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "High", baseScore: 7.2, baseSeverity: "High", confidentialityImpact: "High", exploitabilityScore: null, id: "JVNDB-2020-006853", impactScore: null, integrityImpact: "High", privilegesRequired: "High", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2020-3289", trust: 1, value: "HIGH", }, { author: "ykramarz@cisco.com", id: "CVE-2020-3289", trust: 1, value: "HIGH", }, { author: "NVD", id: "JVNDB-2020-006853", trust: 0.8, value: "High", }, { author: "CNNVD", id: "CNNVD-202006-1169", trust: 0.6, value: "HIGH", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2020-006853", }, { db: "CNNVD", id: "CNNVD-202006-1169", }, { db: "NVD", id: "CVE-2020-3289", }, { db: "NVD", id: "CVE-2020-3289", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system. plural Cisco Small Business RV A buffer error vulnerability exists in series routers.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state", sources: [ { db: "NVD", id: "CVE-2020-3289", }, { db: "JVNDB", id: "JVNDB-2020-006853", }, ], trust: 1.62, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2020-3289", trust: 2.4, }, { db: "JVNDB", id: "JVNDB-2020-006853", trust: 0.8, }, { db: "AUSCERT", id: "ESB-2020.2119", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2020.2119.2", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202006-1169", trust: 0.6, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2020-006853", }, { db: "CNNVD", id: "CNNVD-202006-1169", }, { db: "NVD", id: "CVE-2020-3289", }, ], }, id: "VAR-202006-1125", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VARIoT devices database", id: null, }, ], trust: 0.51422708, }, last_update_date: "2024-11-23T21:35:43.720000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "cisco-sa-rv-routers-stack-vUxHmnNz", trust: 0.8, url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2020-006853", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-119", trust: 1.8, }, { problemtype: "CWE-787", trust: 1, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2020-006853", }, { db: "NVD", id: "CVE-2020-3289", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 2.2, url: "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-rv-routers-stack-vuxhmnnz", }, { trust: 1.4, url: "https://nvd.nist.gov/vuln/detail/cve-2020-3289", }, { trust: 0.8, url: "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-3289", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2020.2119/", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2020.2119.2/", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2020-006853", }, { db: "CNNVD", id: "CNNVD-202006-1169", }, { db: "NVD", id: "CVE-2020-3289", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "JVNDB", id: "JVNDB-2020-006853", }, { db: "CNNVD", id: "CNNVD-202006-1169", }, { db: "NVD", id: "CVE-2020-3289", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-07-20T00:00:00", db: "JVNDB", id: "JVNDB-2020-006853", }, { date: "2020-06-17T00:00:00", db: "CNNVD", id: "CNNVD-202006-1169", }, { date: "2020-06-18T03:15:12.997000", db: "NVD", id: "CVE-2020-3289", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-07-20T00:00:00", db: "JVNDB", id: "JVNDB-2020-006853", }, { date: "2021-08-09T00:00:00", db: "CNNVD", id: "CNNVD-202006-1169", }, { date: "2024-11-21T05:30:44.080000", db: "NVD", id: "CVE-2020-3289", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202006-1169", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "plural Cisco Small Business RV Buffer error vulnerability in series routers", sources: [ { db: "JVNDB", id: "JVNDB-2020-006853", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "buffer error", sources: [ { db: "CNNVD", id: "CNNVD-202006-1169", }, ], trust: 0.6, }, }
var-202304-1067
Vulnerability from variot
A vulnerability in the web-based management interface of Cisco Small Business Routers RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an authenticated, remote attacker to execute arbitrary commands on an affected device.
This vulnerability is due to improper validation of user input within incoming HTTP packets. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web-based management interface. A successful exploit could allow the attacker to gain root-level privileges and access unauthorized data. To exploit this vulnerability, an attacker would need to have valid administrative credentials on the affected device.
Cisco has not and will not release software updates that address this vulnerability. RV016 Multi-WAN VPN firmware, RV042 Dual WAN VPN firmware, RV042G Dual Gigabit WAN VPN Multiple Cisco Systems products, including firmware, contain vulnerabilities related to input validation.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202304-1067", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "rv042g", scope: "eq", trust: 1, vendor: "cisco", version: "4.2.3.08", }, { model: "rv042", scope: "eq", trust: 1, vendor: "cisco", version: "4.2.3.08", }, { model: "rv042", scope: "eq", trust: 1, vendor: "cisco", version: "1.5.1.13", }, { model: "rv320", scope: "eq", trust: 1, vendor: "cisco", version: "4.2.3.08", }, { model: "rv320", scope: "eq", trust: 1, vendor: "cisco", version: "1.5.1.13", }, { model: "rv082", scope: "eq", trust: 1, vendor: "cisco", version: "4.2.3.08", }, { model: "rv082", scope: "eq", trust: 1, vendor: "cisco", version: "1.5.1.13", }, { model: "rv325", scope: "eq", trust: 1, vendor: "cisco", version: "1.5.1.13", }, { model: "rv016", scope: "eq", trust: 1, vendor: "cisco", version: "4.2.3.08", }, { model: "rv016", scope: "eq", trust: 1, vendor: "cisco", version: "1.5.1.13", }, { model: "rv325", scope: "eq", trust: 1, vendor: "cisco", version: "4.2.3.08", }, { model: "rv042g", scope: "eq", trust: 1, vendor: "cisco", version: "1.5.1.13", }, { model: "rv042g dual gigabit wan vpn", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, { model: "cisco rv320 dual gigabit wan vpn ルータ", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, { model: "rv016 multi-wan vpn", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, { model: "cisco rv325 dual gigabit wan vpn ルータ", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, { model: "rv082 dual wan vpn", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, { model: "rv042 dual wan vpn", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2023-008395", }, { db: "NVD", id: "CVE-2023-20118", }, ], }, cve: "CVE-2023-20118", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", exploitabilityScore: 1.2, id: "CVE-2023-20118", impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, { attackComplexity: "LOW", attackVector: "NETWORK", author: "ykramarz@cisco.com", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", exploitabilityScore: 1.2, id: "CVE-2023-20118", impactScore: 5.2, integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "High", baseScore: 7.2, baseSeverity: "High", confidentialityImpact: "High", exploitabilityScore: null, id: "CVE-2023-20118", impactScore: null, integrityImpact: "High", privilegesRequired: "High", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2023-20118", trust: 1, value: "HIGH", }, { author: "ykramarz@cisco.com", id: "CVE-2023-20118", trust: 1, value: "MEDIUM", }, { author: "NVD", id: "CVE-2023-20118", trust: 0.8, value: "High", }, { author: "CNNVD", id: "CNNVD-202304-1035", trust: 0.6, value: "HIGH", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2023-008395", }, { db: "CNNVD", id: "CNNVD-202304-1035", }, { db: "NVD", id: "CVE-2023-20118", }, { db: "NVD", id: "CVE-2023-20118", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "A vulnerability in the web-based management interface of Cisco Small Business Routers RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an authenticated, remote attacker to execute arbitrary commands on an affected device. \r\n\r This vulnerability is due to improper validation of user input within incoming HTTP packets. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web-based management interface. A successful exploit could allow the attacker to gain root-level privileges and access unauthorized data. To exploit this vulnerability, an attacker would need to have valid administrative credentials on the affected device. \r\n\r Cisco has not and will not release software updates that address this vulnerability. RV016 Multi-WAN VPN firmware, RV042 Dual WAN VPN firmware, RV042G Dual Gigabit WAN VPN Multiple Cisco Systems products, including firmware, contain vulnerabilities related to input validation.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state", sources: [ { db: "NVD", id: "CVE-2023-20118", }, { db: "JVNDB", id: "JVNDB-2023-008395", }, ], trust: 1.62, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2023-20118", trust: 3.2, }, { db: "JVNDB", id: "JVNDB-2023-008395", trust: 0.8, }, { db: "CNNVD", id: "CNNVD-202304-1035", trust: 0.6, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2023-008395", }, { db: "CNNVD", id: "CNNVD-202304-1035", }, { db: "NVD", id: "CVE-2023-20118", }, ], }, id: "VAR-202304-1067", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VARIoT devices database", id: null, }, ], trust: 0.41167478, }, last_update_date: "2024-08-14T15:26:43.465000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "cisco-sa-sbr042-multi-vuln-ej76Pke5", trust: 0.8, url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sbr042-multi-vuln-ej76Pke5", }, { title: "Cisco Small Business Enter the fix for the verification error vulnerability", trust: 0.6, url: "http://123.124.177.30/web/xxk/bdxqById.tag?id=234571", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2023-008395", }, { db: "CNNVD", id: "CNNVD-202304-1035", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-77", trust: 1, }, { problemtype: "CWE-20", trust: 1, }, { problemtype: "Inappropriate input confirmation (CWE-20) [NVD evaluation ]", trust: 0.8, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2023-008395", }, { db: "NVD", id: "CVE-2023-20118", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 1.6, url: "https://sec.cloudapps.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-sbr042-multi-vuln-ej76pke5", }, { trust: 0.8, url: "https://nvd.nist.gov/vuln/detail/cve-2023-20118", }, { trust: 0.6, url: "https://cxsecurity.com/cveshow/cve-2023-20118/", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2023-008395", }, { db: "CNNVD", id: "CNNVD-202304-1035", }, { db: "NVD", id: "CVE-2023-20118", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "JVNDB", id: "JVNDB-2023-008395", }, { db: "CNNVD", id: "CNNVD-202304-1035", }, { db: "NVD", id: "CVE-2023-20118", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2023-12-01T00:00:00", db: "JVNDB", id: "JVNDB-2023-008395", }, { date: "2023-04-13T00:00:00", db: "CNNVD", id: "CNNVD-202304-1035", }, { date: "2023-04-13T07:15:21.080000", db: "NVD", id: "CVE-2023-20118", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2023-12-01T03:01:00", db: "JVNDB", id: "JVNDB-2023-008395", }, { date: "2023-04-23T00:00:00", db: "CNNVD", id: "CNNVD-202304-1035", }, { date: "2024-01-25T17:15:31.090000", db: "NVD", id: "CVE-2023-20118", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202304-1035", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Input validation vulnerability in multiple Cisco Systems products", sources: [ { db: "JVNDB", id: "JVNDB-2023-008395", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "input validation error", sources: [ { db: "CNNVD", id: "CNNVD-202304-1035", }, ], trust: 0.6, }, }
var-202006-1122
Vulnerability from variot
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system. plural Cisco Small Business RV A buffer error vulnerability exists in series routers.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Cisco Small Business RV016 Multi-WAN VPN is a VPN router from Cisco in the United States. The vulnerability stems from the program's failure to properly limit the user's input boundary
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202006-1122", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "rv320", scope: "lte", trust: 1, vendor: "cisco", version: "1.5.1.05", }, { model: "rv325", scope: "lte", trust: 1, vendor: "cisco", version: "1.5.1.05", }, { model: "rv042g", scope: "lte", trust: 1, vendor: "cisco", version: "4.2.3.10", }, { model: "rv082", scope: "lte", trust: 1, vendor: "cisco", version: "4.2.3.10", }, { model: "rv016", scope: "lte", trust: 1, vendor: "cisco", version: "4.2.3.10", }, { model: "rv042", scope: "lte", trust: 1, vendor: "cisco", version: "4.2.3.10", }, { model: "rv320 dual gigabit wan vpn router", scope: null, trust: 0.8, vendor: "cisco", version: null, }, { model: "rv325 dual gigabit wan vpn router", scope: null, trust: 0.8, vendor: "cisco", version: null, }, { model: "rv016 multi-wan vpn", scope: null, trust: 0.8, vendor: "cisco", version: null, }, { model: "rv042 dual wan vpn", scope: null, trust: 0.8, vendor: "cisco", version: null, }, { model: "rv042g dual gigabit wan vpn", scope: null, trust: 0.8, vendor: "cisco", version: null, }, { model: "rv082 dual wan vpn", scope: null, trust: 0.8, vendor: "cisco", version: null, }, { model: "small business rv016 multi-wan vpn", scope: "lte", trust: 0.6, vendor: "cisco", version: "<=4.2.3.10", }, { model: "rv042 dual wan vpn", scope: "lte", trust: 0.6, vendor: "cisco", version: "<=4.2.3.10", }, { model: "rv042g dual gigabit wan vpn", scope: "lte", trust: 0.6, vendor: "cisco", version: "<=4.2.3.10", }, { model: "rv082 dual wan vpn", scope: "lte", trust: 0.6, vendor: "cisco", version: "<=4.2.3.10", }, { model: "rv320 dual gigabit wan vpn", scope: "lte", trust: 0.6, vendor: "cisco", version: "<=1.5.1.05", }, { model: "rv325 dual gigabit wan vpn", scope: "lte", trust: 0.6, vendor: "cisco", version: "<=1.5.1.05", }, ], sources: [ { db: "CNVD", id: "CNVD-2020-36259", }, { db: "JVNDB", id: "JVNDB-2020-006860", }, { db: "NVD", id: "CVE-2020-3286", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { cpe_match: [ { cpe22Uri: "cpe:/o:cisco:rv320_firmware", vulnerable: true, }, { cpe22Uri: "cpe:/o:cisco:rv325_firmware", vulnerable: true, }, { cpe22Uri: "cpe:/o:cisco:rv016_firmware", vulnerable: true, }, { cpe22Uri: "cpe:/o:cisco:rv042_firmware", vulnerable: true, }, { cpe22Uri: "cpe:/o:cisco:rv042g_firmware", vulnerable: true, }, { cpe22Uri: "cpe:/o:cisco:rv082_firmware", vulnerable: true, }, ], operator: "OR", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2020-006860", }, ], }, cve: "CVE-2020-3286", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", author: "nvd@nist.gov", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", exploitabilityScore: 8, id: "CVE-2020-3286", impactScore: 10, integrityImpact: "COMPLETE", severity: "HIGH", trust: 1, vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, { acInsufInfo: null, accessComplexity: "Low", accessVector: "Network", authentication: "Single", author: "NVD", availabilityImpact: "Complete", baseScore: 9, confidentialityImpact: "Complete", exploitabilityScore: null, id: "JVNDB-2020-006860", impactScore: null, integrityImpact: "Complete", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "High", trust: 0.8, userInteractionRequired: null, vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", author: "CNVD", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", exploitabilityScore: 8, id: "CNVD-2020-36259", impactScore: 10, integrityImpact: "COMPLETE", severity: "HIGH", trust: 0.6, vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", exploitabilityScore: 1.2, id: "CVE-2020-3286", impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, { attackComplexity: "LOW", attackVector: "NETWORK", author: "ykramarz@cisco.com", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", exploitabilityScore: 1.2, id: "CVE-2020-3286", impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "High", baseScore: 7.2, baseSeverity: "High", confidentialityImpact: "High", exploitabilityScore: null, id: "JVNDB-2020-006860", impactScore: null, integrityImpact: "High", privilegesRequired: "High", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2020-3286", trust: 1, value: "HIGH", }, { author: "ykramarz@cisco.com", id: "CVE-2020-3286", trust: 1, value: "HIGH", }, { author: "NVD", id: "JVNDB-2020-006860", trust: 0.8, value: "High", }, { author: "CNVD", id: "CNVD-2020-36259", trust: 0.6, value: "HIGH", }, { author: "CNNVD", id: "CNNVD-202006-1165", trust: 0.6, value: "HIGH", }, ], }, ], sources: [ { db: "CNVD", id: "CNVD-2020-36259", }, { db: "JVNDB", id: "JVNDB-2020-006860", }, { db: "CNNVD", id: "CNNVD-202006-1165", }, { db: "NVD", id: "CVE-2020-3286", }, { db: "NVD", id: "CVE-2020-3286", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system. plural Cisco Small Business RV A buffer error vulnerability exists in series routers.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Cisco Small Business RV016 Multi-WAN VPN is a VPN router from Cisco in the United States. The vulnerability stems from the program's failure to properly limit the user's input boundary", sources: [ { db: "NVD", id: "CVE-2020-3286", }, { db: "JVNDB", id: "JVNDB-2020-006860", }, { db: "CNVD", id: "CNVD-2020-36259", }, ], trust: 2.16, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2020-3286", trust: 3, }, { db: "JVNDB", id: "JVNDB-2020-006860", trust: 0.8, }, { db: "CNVD", id: "CNVD-2020-36259", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2020.2119", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2020.2119.2", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202006-1165", trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2020-36259", }, { db: "JVNDB", id: "JVNDB-2020-006860", }, { db: "CNNVD", id: "CNNVD-202006-1165", }, { db: "NVD", id: "CVE-2020-3286", }, ], }, id: "VAR-202006-1122", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "CNVD", id: "CNVD-2020-36259", }, ], trust: 1.1951892333333332, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "Network device", ], sub_category: null, trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2020-36259", }, ], }, last_update_date: "2024-11-23T21:35:43.850000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "cisco-sa-rv-routers-stack-vUxHmnNz", trust: 0.8, url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz", }, { title: "Patch for Multiple Cisco product buffer overflow vulnerabilities (CNVD-2020-36259)", trust: 0.6, url: "https://www.cnvd.org.cn/patchInfo/show/224607", }, { title: "Multiple Cisco Product Buffer Error Vulnerability Fix", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=121858", }, ], sources: [ { db: "CNVD", id: "CNVD-2020-36259", }, { db: "JVNDB", id: "JVNDB-2020-006860", }, { db: "CNNVD", id: "CNNVD-202006-1165", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-119", trust: 1.8, }, { problemtype: "CWE-787", trust: 1, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2020-006860", }, { db: "NVD", id: "CVE-2020-3286", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 2.8, url: "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-rv-routers-stack-vuxhmnnz", }, { trust: 1.4, url: "https://nvd.nist.gov/vuln/detail/cve-2020-3286", }, { trust: 0.8, url: "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-3286", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2020.2119/", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2020.2119.2/", }, ], sources: [ { db: "CNVD", id: "CNVD-2020-36259", }, { db: "JVNDB", id: "JVNDB-2020-006860", }, { db: "CNNVD", id: "CNNVD-202006-1165", }, { db: "NVD", id: "CVE-2020-3286", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CNVD", id: "CNVD-2020-36259", }, { db: "JVNDB", id: "JVNDB-2020-006860", }, { db: "CNNVD", id: "CNNVD-202006-1165", }, { db: "NVD", id: "CVE-2020-3286", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-07-06T00:00:00", db: "CNVD", id: "CNVD-2020-36259", }, { date: "2020-07-21T00:00:00", db: "JVNDB", id: "JVNDB-2020-006860", }, { date: "2020-06-17T00:00:00", db: "CNNVD", id: "CNNVD-202006-1165", }, { date: "2020-06-18T03:15:12.730000", db: "NVD", id: "CVE-2020-3286", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-07-06T00:00:00", db: "CNVD", id: "CNVD-2020-36259", }, { date: "2020-07-21T00:00:00", db: "JVNDB", id: "JVNDB-2020-006860", }, { date: "2021-09-23T00:00:00", db: "CNNVD", id: "CNNVD-202006-1165", }, { date: "2024-11-21T05:30:43.687000", db: "NVD", id: "CVE-2020-3286", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202006-1165", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "plural Cisco Small Business RV Buffer error vulnerability in series routers", sources: [ { db: "JVNDB", id: "JVNDB-2020-006860", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "buffer error", sources: [ { db: "CNNVD", id: "CNNVD-202006-1165", }, ], trust: 0.6, }, }
var-202301-0961
Vulnerability from variot
A vulnerability in the web-based management interface of Cisco Small Business Routers RV042 Series could allow an authenticated, remote attacker to inject arbitrary commands on an affected device.
This vulnerability is due to improper validation of user input fields within incoming HTTP packets. An attacker could exploit this vulnerability by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device with root-level privileges. To exploit these vulnerabilities, an attacker would need to have valid Administrator credentials on the affected device. (DoS) It may be in a state
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202301-0961", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "rv016", scope: "eq", trust: 1, vendor: "cisco", version: null, }, { model: "rv082", scope: "eq", trust: 1, vendor: "cisco", version: null, }, { model: "rv042g", scope: "eq", trust: 1, vendor: "cisco", version: null, }, { model: "rv042", scope: "eq", trust: 1, vendor: "cisco", version: null, }, { model: "rv042 dual wan vpn", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, { model: "rv016 multi-wan vpn", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, { model: "rv042g dual gigabit wan vpn", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, { model: "rv082 dual wan vpn", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2023-002358", }, { db: "NVD", id: "CVE-2023-20026", }, ], }, cve: "CVE-2023-20026", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", exploitabilityScore: 1.2, id: "CVE-2023-20026", impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, { attackComplexity: "LOW", attackVector: "NETWORK", author: "ykramarz@cisco.com", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", exploitabilityScore: 1.2, id: "CVE-2023-20026", impactScore: 5.2, integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "High", baseScore: 7.2, baseSeverity: "High", confidentialityImpact: "High", exploitabilityScore: null, id: "CVE-2023-20026", impactScore: null, integrityImpact: "High", privilegesRequired: "High", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2023-20026", trust: 1, value: "HIGH", }, { author: "ykramarz@cisco.com", id: "CVE-2023-20026", trust: 1, value: "MEDIUM", }, { author: "NVD", id: "CVE-2023-20026", trust: 0.8, value: "High", }, { author: "CNNVD", id: "CNNVD-202301-947", trust: 0.6, value: "HIGH", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2023-002358", }, { db: "CNNVD", id: "CNNVD-202301-947", }, { db: "NVD", id: "CVE-2023-20026", }, { db: "NVD", id: "CVE-2023-20026", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "A vulnerability in the web-based management interface of Cisco Small Business Routers RV042 Series could allow an authenticated, remote attacker to inject arbitrary commands on an affected device. \r\n\r This vulnerability is due to improper validation of user input fields within incoming HTTP packets. An attacker could exploit this vulnerability by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device with root-level privileges. To exploit these vulnerabilities, an attacker would need to have valid Administrator credentials on the affected device. (DoS) It may be in a state", sources: [ { db: "NVD", id: "CVE-2023-20026", }, { db: "JVNDB", id: "JVNDB-2023-002358", }, { db: "VULMON", id: "CVE-2023-20026", }, ], trust: 1.71, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2023-20026", trust: 3.3, }, { db: "JVNDB", id: "JVNDB-2023-002358", trust: 0.8, }, { db: "AUSCERT", id: "ESB-2023.0171", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202301-947", trust: 0.6, }, { db: "VULMON", id: "CVE-2023-20026", trust: 0.1, }, ], sources: [ { db: "VULMON", id: "CVE-2023-20026", }, { db: "JVNDB", id: "JVNDB-2023-002358", }, { db: "CNNVD", id: "CNNVD-202301-947", }, { db: "NVD", id: "CVE-2023-20026", }, ], }, id: "VAR-202301-0961", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VARIoT devices database", id: null, }, ], trust: 0.41167478, }, last_update_date: "2024-08-14T13:52:50.377000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "cisco-sa-sbr042-multi-vuln-ej76Pke5", trust: 0.8, url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sbr042-multi-vuln-ej76Pke5", }, { title: "Cisco Small Business RV016 Enter the fix for the verification error vulnerability", trust: 0.6, url: "http://123.124.177.30/web/xxk/bdxqById.tag?id=223495", }, { title: "Cisco: Cisco Small Business RV016, RV042, RV042G, and RV082 Routers Vulnerabilities", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-sbr042-multi-vuln-ej76Pke5", }, ], sources: [ { db: "VULMON", id: "CVE-2023-20026", }, { db: "JVNDB", id: "JVNDB-2023-002358", }, { db: "CNNVD", id: "CNNVD-202301-947", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-77", trust: 1, }, { problemtype: "CWE-20", trust: 1, }, { problemtype: "Inappropriate input confirmation (CWE-20) [NVD evaluation ]", trust: 0.8, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2023-002358", }, { db: "NVD", id: "CVE-2023-20026", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 1.8, url: "https://sec.cloudapps.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-sbr042-multi-vuln-ej76pke5", }, { trust: 0.8, url: "https://nvd.nist.gov/vuln/detail/cve-2023-20026", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2023.0171", }, { trust: 0.6, url: "https://cxsecurity.com/cveshow/cve-2023-20026/", }, { trust: 0.1, url: "https://nvd.nist.gov", }, ], sources: [ { db: "VULMON", id: "CVE-2023-20026", }, { db: "JVNDB", id: "JVNDB-2023-002358", }, { db: "CNNVD", id: "CNNVD-202301-947", }, { db: "NVD", id: "CVE-2023-20026", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "VULMON", id: "CVE-2023-20026", }, { db: "JVNDB", id: "JVNDB-2023-002358", }, { db: "CNNVD", id: "CNNVD-202301-947", }, { db: "NVD", id: "CVE-2023-20026", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2023-01-20T00:00:00", db: "VULMON", id: "CVE-2023-20026", }, { date: "2023-07-07T00:00:00", db: "JVNDB", id: "JVNDB-2023-002358", }, { date: "2023-01-12T00:00:00", db: "CNNVD", id: "CNNVD-202301-947", }, { date: "2023-01-20T07:15:14.813000", db: "NVD", id: "CVE-2023-20026", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2023-01-20T00:00:00", db: "VULMON", id: "CVE-2023-20026", }, { date: "2023-07-07T02:23:00", db: "JVNDB", id: "JVNDB-2023-002358", }, { date: "2023-02-02T00:00:00", db: "CNNVD", id: "CNNVD-202301-947", }, { date: "2024-01-25T17:15:25.637000", db: "NVD", id: "CVE-2023-20026", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202301-947", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Cisco Small Business Routers RV042 Input validation vulnerability in series", sources: [ { db: "JVNDB", id: "JVNDB-2023-002358", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "input validation error", sources: [ { db: "CNNVD", id: "CNNVD-202301-947", }, ], trust: 0.6, }, }
var-202006-1130
Vulnerability from variot
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system. plural Cisco Small Business RV A buffer error vulnerability exists in series routers.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Cisco Small Business RV320, etc. are all a VPN router of Cisco in the United States. The vulnerability stems from the program's failure to properly limit the user's input boundary
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202006-1130", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "rv320", scope: "lte", trust: 1, vendor: "cisco", version: "1.5.1.05", }, { model: "rv325", scope: "lte", trust: 1, vendor: "cisco", version: "1.5.1.05", }, { model: "rv042g", scope: "lte", trust: 1, vendor: "cisco", version: "4.2.3.10", }, { model: "rv082", scope: "lte", trust: 1, vendor: "cisco", version: "4.2.3.10", }, { model: "rv016", scope: "lte", trust: 1, vendor: "cisco", version: "4.2.3.10", }, { model: "rv042", scope: "lte", trust: 1, vendor: "cisco", version: "4.2.3.10", }, { model: "rv320 dual gigabit wan vpn router", scope: null, trust: 0.8, vendor: "cisco", version: null, }, { model: "rv325 dual gigabit wan vpn router", scope: null, trust: 0.8, vendor: "cisco", version: null, }, { model: "rv016 multi-wan vpn", scope: null, trust: 0.8, vendor: "cisco", version: null, }, { model: "rv042 dual wan vpn", scope: null, trust: 0.8, vendor: "cisco", version: null, }, { model: "rv042g dual gigabit wan vpn", scope: null, trust: 0.8, vendor: "cisco", version: null, }, { model: "rv082 dual wan vpn", scope: null, trust: 0.8, vendor: "cisco", version: null, }, { model: "small business rv016 multi-wan vpn", scope: "lte", trust: 0.6, vendor: "cisco", version: "<=4.2.3.10", }, { model: "rv042 dual wan vpn", scope: "lte", trust: 0.6, vendor: "cisco", version: "<=4.2.3.10", }, { model: "rv042g dual gigabit wan vpn", scope: "lte", trust: 0.6, vendor: "cisco", version: "<=4.2.3.10", }, { model: "rv082 dual wan vpn", scope: "lte", trust: 0.6, vendor: "cisco", version: "<=4.2.3.10", }, { model: "rv320 dual gigabit wan vpn", scope: "lte", trust: 0.6, vendor: "cisco", version: "<=1.5.1.05", }, { model: "rv325 dual gigabit wan vpn", scope: "lte", trust: 0.6, vendor: "cisco", version: "<=1.5.1.05", }, ], sources: [ { db: "CNVD", id: "CNVD-2020-34324", }, { db: "JVNDB", id: "JVNDB-2020-006858", }, { db: "NVD", id: "CVE-2020-3294", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { cpe_match: [ { cpe22Uri: "cpe:/o:cisco:rv320_firmware", vulnerable: true, }, { cpe22Uri: "cpe:/o:cisco:rv325_firmware", vulnerable: true, }, { cpe22Uri: "cpe:/o:cisco:rv016_firmware", vulnerable: true, }, { cpe22Uri: "cpe:/o:cisco:rv042_firmware", vulnerable: true, }, { cpe22Uri: "cpe:/o:cisco:rv042g_firmware", vulnerable: true, }, { cpe22Uri: "cpe:/o:cisco:rv082_firmware", vulnerable: true, }, ], operator: "OR", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2020-006858", }, ], }, cve: "CVE-2020-3294", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", author: "nvd@nist.gov", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", exploitabilityScore: 8, id: "CVE-2020-3294", impactScore: 10, integrityImpact: "COMPLETE", severity: "HIGH", trust: 1, vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, { acInsufInfo: null, accessComplexity: "Low", accessVector: "Network", authentication: "Single", author: "NVD", availabilityImpact: "Complete", baseScore: 9, confidentialityImpact: "Complete", exploitabilityScore: null, id: "JVNDB-2020-006858", impactScore: null, integrityImpact: "Complete", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "High", trust: 0.8, userInteractionRequired: null, vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "CNVD", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "CNVD-2020-34324", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "HIGH", trust: 0.6, vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", exploitabilityScore: 1.2, id: "CVE-2020-3294", impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, { attackComplexity: "LOW", attackVector: "NETWORK", author: "ykramarz@cisco.com", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", exploitabilityScore: 1.2, id: "CVE-2020-3294", impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "High", baseScore: 7.2, baseSeverity: "High", confidentialityImpact: "High", exploitabilityScore: null, id: "JVNDB-2020-006858", impactScore: null, integrityImpact: "High", privilegesRequired: "High", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2020-3294", trust: 1, value: "HIGH", }, { author: "ykramarz@cisco.com", id: "CVE-2020-3294", trust: 1, value: "HIGH", }, { author: "NVD", id: "JVNDB-2020-006858", trust: 0.8, value: "High", }, { author: "CNVD", id: "CNVD-2020-34324", trust: 0.6, value: "HIGH", }, { author: "CNNVD", id: "CNNVD-202006-1158", trust: 0.6, value: "HIGH", }, ], }, ], sources: [ { db: "CNVD", id: "CNVD-2020-34324", }, { db: "JVNDB", id: "JVNDB-2020-006858", }, { db: "CNNVD", id: "CNNVD-202006-1158", }, { db: "NVD", id: "CVE-2020-3294", }, { db: "NVD", id: "CVE-2020-3294", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system. plural Cisco Small Business RV A buffer error vulnerability exists in series routers.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Cisco Small Business RV320, etc. are all a VPN router of Cisco in the United States. The vulnerability stems from the program's failure to properly limit the user's input boundary", sources: [ { db: "NVD", id: "CVE-2020-3294", }, { db: "JVNDB", id: "JVNDB-2020-006858", }, { db: "CNVD", id: "CNVD-2020-34324", }, ], trust: 2.16, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2020-3294", trust: 3, }, { db: "JVNDB", id: "JVNDB-2020-006858", trust: 0.8, }, { db: "CNVD", id: "CNVD-2020-34324", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2020.2119", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2020.2119.2", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202006-1158", trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2020-34324", }, { db: "JVNDB", id: "JVNDB-2020-006858", }, { db: "CNNVD", id: "CNNVD-202006-1158", }, { db: "NVD", id: "CVE-2020-3294", }, ], }, id: "VAR-202006-1130", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "CNVD", id: "CNVD-2020-34324", }, ], trust: 1.1951892333333332, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "Network device", ], sub_category: null, trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2020-34324", }, ], }, last_update_date: "2024-11-23T21:35:43.559000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "cisco-sa-rv-routers-stack-vUxHmnNz", trust: 0.8, url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz", }, { title: "Patch for Multiple Buffer Overflow Vulnerabilities in Cisco Products (CNVD-2020-34324)", trust: 0.6, url: "https://www.cnvd.org.cn/patchInfo/show/222923", }, { title: "Multiple Cisco Product Buffer Error Vulnerability Fix", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=121851", }, ], sources: [ { db: "CNVD", id: "CNVD-2020-34324", }, { db: "JVNDB", id: "JVNDB-2020-006858", }, { db: "CNNVD", id: "CNNVD-202006-1158", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-119", trust: 1.8, }, { problemtype: "CWE-787", trust: 1, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2020-006858", }, { db: "NVD", id: "CVE-2020-3294", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 2.2, url: "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-rv-routers-stack-vuxhmnnz", }, { trust: 2, url: "https://nvd.nist.gov/vuln/detail/cve-2020-3294", }, { trust: 0.8, url: "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-3294", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2020.2119/", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2020.2119.2/", }, ], sources: [ { db: "CNVD", id: "CNVD-2020-34324", }, { db: "JVNDB", id: "JVNDB-2020-006858", }, { db: "CNNVD", id: "CNNVD-202006-1158", }, { db: "NVD", id: "CVE-2020-3294", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CNVD", id: "CNVD-2020-34324", }, { db: "JVNDB", id: "JVNDB-2020-006858", }, { db: "CNNVD", id: "CNNVD-202006-1158", }, { db: "NVD", id: "CVE-2020-3294", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-06-23T00:00:00", db: "CNVD", id: "CNVD-2020-34324", }, { date: "2020-07-20T00:00:00", db: "JVNDB", id: "JVNDB-2020-006858", }, { date: "2020-06-17T00:00:00", db: "CNNVD", id: "CNNVD-202006-1158", }, { date: "2020-06-18T03:15:13.417000", db: "NVD", id: "CVE-2020-3294", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-06-23T00:00:00", db: "CNVD", id: "CNVD-2020-34324", }, { date: "2020-07-20T00:00:00", db: "JVNDB", id: "JVNDB-2020-006858", }, { date: "2021-08-09T00:00:00", db: "CNNVD", id: "CNNVD-202006-1158", }, { date: "2024-11-21T05:30:45.057000", db: "NVD", id: "CVE-2020-3294", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202006-1158", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "plural Cisco Small Business RV Buffer error vulnerability in series routers", sources: [ { db: "JVNDB", id: "JVNDB-2020-006858", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "buffer error", sources: [ { db: "CNNVD", id: "CNNVD-202006-1158", }, ], trust: 0.6, }, }
var-202304-0279
Vulnerability from variot
A vulnerability in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an authenticated, remote attacker to execute arbitrary commands on an affected device. This vulnerability is due to improper validation of user input within incoming HTTP packets. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web-based management interface. A successful exploit could allow the attacker to gain root-level privileges and access unauthorized data. To exploit this vulnerability, an attacker would need to have valid administrative credentials on the affected device. Cisco has not released software updates that address this vulnerability. RV016 Multi-WAN VPN firmware, RV042 Dual WAN VPN firmware, RV042G Dual Gigabit WAN VPN Command injection vulnerabilities exist in multiple Cisco Systems products, including firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202304-0279", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "rv082", scope: "eq", trust: 1, vendor: "cisco", version: null, }, { model: "rv325", scope: "eq", trust: 1, vendor: "cisco", version: null, }, { model: "rv042", scope: "eq", trust: 1, vendor: "cisco", version: null, }, { model: "rv016", scope: "eq", trust: 1, vendor: "cisco", version: null, }, { model: "rv320", scope: "eq", trust: 1, vendor: "cisco", version: null, }, { model: "rv042g", scope: "eq", trust: 1, vendor: "cisco", version: null, }, { model: "rv042g dual gigabit wan vpn", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, { model: "rv016 multi-wan vpn", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, { model: "rv082 dual wan vpn", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, { model: "cisco rv325 dual gigabit wan vpn ルータ", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, { model: "cisco rv320 dual gigabit wan vpn ルータ", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, { model: "rv042 dual wan vpn", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2023-006871", }, { db: "NVD", id: "CVE-2023-20124", }, ], }, cve: "CVE-2023-20124", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", exploitabilityScore: 1.2, id: "CVE-2023-20124", impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, { attackComplexity: "LOW", attackVector: "NETWORK", author: "ykramarz@cisco.com", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", exploitabilityScore: 1.2, id: "CVE-2023-20124", impactScore: 5.2, integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "High", baseScore: 7.2, baseSeverity: "High", confidentialityImpact: "High", exploitabilityScore: null, id: "CVE-2023-20124", impactScore: null, integrityImpact: "High", privilegesRequired: "High", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2023-20124", trust: 1, value: "HIGH", }, { author: "ykramarz@cisco.com", id: "CVE-2023-20124", trust: 1, value: "MEDIUM", }, { author: "NVD", id: "CVE-2023-20124", trust: 0.8, value: "High", }, { author: "CNNVD", id: "CNNVD-202304-330", trust: 0.6, value: "HIGH", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2023-006871", }, { db: "CNNVD", id: "CNNVD-202304-330", }, { db: "NVD", id: "CVE-2023-20124", }, { db: "NVD", id: "CVE-2023-20124", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "A vulnerability in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an authenticated, remote attacker to execute arbitrary commands on an affected device. This vulnerability is due to improper validation of user input within incoming HTTP packets. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web-based management interface. A successful exploit could allow the attacker to gain root-level privileges and access unauthorized data. To exploit this vulnerability, an attacker would need to have valid administrative credentials on the affected device. Cisco has not released software updates that address this vulnerability. RV016 Multi-WAN VPN firmware, RV042 Dual WAN VPN firmware, RV042G Dual Gigabit WAN VPN Command injection vulnerabilities exist in multiple Cisco Systems products, including firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state", sources: [ { db: "NVD", id: "CVE-2023-20124", }, { db: "JVNDB", id: "JVNDB-2023-006871", }, { db: "VULMON", id: "CVE-2023-20124", }, ], trust: 1.71, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2023-20124", trust: 3.3, }, { db: "JVNDB", id: "JVNDB-2023-006871", trust: 0.8, }, { db: "AUSCERT", id: "ESB-2023.2024", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202304-330", trust: 0.6, }, { db: "VULMON", id: "CVE-2023-20124", trust: 0.1, }, ], sources: [ { db: "VULMON", id: "CVE-2023-20124", }, { db: "JVNDB", id: "JVNDB-2023-006871", }, { db: "CNNVD", id: "CNNVD-202304-330", }, { db: "NVD", id: "CVE-2023-20124", }, ], }, id: "VAR-202304-0279", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VARIoT devices database", id: null, }, ], trust: 0.41167478, }, last_update_date: "2024-08-14T14:01:58.097000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "cisco-sa-sb-rv01x_rv32x_rce-nzAGWWDD", trust: 0.8, url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-rv01x_rv32x_rce-nzAGWWDD", }, { title: "Cisco Small Business Fixes for command injection vulnerabilities", trust: 0.6, url: "http://123.124.177.30/web/xxk/bdxqById.tag?id=233028", }, { title: "Cisco: Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers Remote Command Execution Vulnerability", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-sb-rv01x_rv32x_rce-nzAGWWDD", }, ], sources: [ { db: "VULMON", id: "CVE-2023-20124", }, { db: "JVNDB", id: "JVNDB-2023-006871", }, { db: "CNNVD", id: "CNNVD-202304-330", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-77", trust: 1, }, { problemtype: "Command injection (CWE-77) [NVD evaluation ]", trust: 0.8, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2023-006871", }, { db: "NVD", id: "CVE-2023-20124", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 1.8, url: "https://sec.cloudapps.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-sb-rv01x_rv32x_rce-nzagwwdd", }, { trust: 0.8, url: "https://nvd.nist.gov/vuln/detail/cve-2023-20124", }, { trust: 0.6, url: "https://cxsecurity.com/cveshow/cve-2023-20124/", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2023.2024", }, { trust: 0.1, url: "https://nvd.nist.gov", }, ], sources: [ { db: "VULMON", id: "CVE-2023-20124", }, { db: "JVNDB", id: "JVNDB-2023-006871", }, { db: "CNNVD", id: "CNNVD-202304-330", }, { db: "NVD", id: "CVE-2023-20124", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "VULMON", id: "CVE-2023-20124", }, { db: "JVNDB", id: "JVNDB-2023-006871", }, { db: "CNNVD", id: "CNNVD-202304-330", }, { db: "NVD", id: "CVE-2023-20124", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2023-04-05T00:00:00", db: "VULMON", id: "CVE-2023-20124", }, { date: "2023-11-16T00:00:00", db: "JVNDB", id: "JVNDB-2023-006871", }, { date: "2023-04-05T00:00:00", db: "CNNVD", id: "CNNVD-202304-330", }, { date: "2023-04-05T18:15:07.590000", db: "NVD", id: "CVE-2023-20124", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2023-04-05T00:00:00", db: "VULMON", id: "CVE-2023-20124", }, { date: "2023-11-16T07:39:00", db: "JVNDB", id: "JVNDB-2023-006871", }, { date: "2023-04-12T00:00:00", db: "CNNVD", id: "CNNVD-202304-330", }, { date: "2023-11-07T04:06:07.280000", db: "NVD", id: "CVE-2023-20124", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202304-330", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Command injection vulnerabilities in multiple Cisco Systems products", sources: [ { db: "JVNDB", id: "JVNDB-2023-006871", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "command injection", sources: [ { db: "CNNVD", id: "CNNVD-202304-330", }, ], trust: 0.6, }, }
var-202304-0292
Vulnerability from variot
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities. RV016 Multi-WAN VPN firmware, RV042 Dual WAN VPN firmware, RV042G Dual Gigabit WAN VPN Cross-site scripting vulnerabilities exist in multiple Cisco Systems products, including firmware.Information may be obtained and information may be tampered with
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202304-0292", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "rv325", scope: "eq", trust: 1, vendor: "cisco", version: "*", }, { model: "rv042", scope: "eq", trust: 1, vendor: "cisco", version: "*", }, { model: "rv016", scope: "eq", trust: 1, vendor: "cisco", version: "*", }, { model: "rv320", scope: "eq", trust: 1, vendor: "cisco", version: "*", }, { model: "rv042g", scope: "eq", trust: 1, vendor: "cisco", version: "*", }, { model: "rv082", scope: "eq", trust: 1, vendor: "cisco", version: "*", }, { model: "cisco rv320 dual gigabit wan vpn ルータ", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, { model: "rv042 dual wan vpn", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, { model: "cisco rv325 dual gigabit wan vpn ルータ", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, { model: "rv016 multi-wan vpn", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, { model: "rv082 dual wan vpn", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, { model: "rv042g dual gigabit wan vpn", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2023-007107", }, { db: "NVD", id: "CVE-2023-20146", }, ], }, cve: "CVE-2023-20146", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", exploitabilityScore: 2.8, id: "CVE-2023-20146", impactScore: 2.7, integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", trust: 2, userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "None", baseScore: 6.1, baseSeverity: "Medium", confidentialityImpact: "Low", exploitabilityScore: null, id: "CVE-2023-20146", impactScore: null, integrityImpact: "Low", privilegesRequired: "None", scope: "Changed", trust: 0.8, userInteraction: "Required", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2023-20146", trust: 1, value: "MEDIUM", }, { author: "ykramarz@cisco.com", id: "CVE-2023-20146", trust: 1, value: "MEDIUM", }, { author: "NVD", id: "CVE-2023-20146", trust: 0.8, value: "Medium", }, { author: "CNNVD", id: "CNNVD-202304-309", trust: 0.6, value: "MEDIUM", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2023-007107", }, { db: "CNNVD", id: "CNNVD-202304-309", }, { db: "NVD", id: "CVE-2023-20146", }, { db: "NVD", id: "CVE-2023-20146", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities. RV016 Multi-WAN VPN firmware, RV042 Dual WAN VPN firmware, RV042G Dual Gigabit WAN VPN Cross-site scripting vulnerabilities exist in multiple Cisco Systems products, including firmware.Information may be obtained and information may be tampered with", sources: [ { db: "NVD", id: "CVE-2023-20146", }, { db: "JVNDB", id: "JVNDB-2023-007107", }, { db: "VULMON", id: "CVE-2023-20146", }, ], trust: 1.71, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2023-20146", trust: 3.3, }, { db: "JVNDB", id: "JVNDB-2023-007107", trust: 0.8, }, { db: "AUSCERT", id: "ESB-2023.2020", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202304-309", trust: 0.6, }, { db: "VULMON", id: "CVE-2023-20146", trust: 0.1, }, ], sources: [ { db: "VULMON", id: "CVE-2023-20146", }, { db: "JVNDB", id: "JVNDB-2023-007107", }, { db: "CNNVD", id: "CNNVD-202304-309", }, { db: "NVD", id: "CVE-2023-20146", }, ], }, id: "VAR-202304-0292", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VARIoT devices database", id: null, }, ], trust: 0.41167478, }, last_update_date: "2024-08-14T13:20:53.656000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "cisco-sa-rv-stored-xss-vqz7gC8W", trust: 0.8, url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, { title: "Cisco Small Business Fixes for cross-site scripting vulnerabilities", trust: 0.6, url: "http://123.124.177.30/web/xxk/bdxqById.tag?id=233407", }, { title: "Cisco: Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-rv-stored-xss-vqz7gC8W", }, ], sources: [ { db: "VULMON", id: "CVE-2023-20146", }, { db: "JVNDB", id: "JVNDB-2023-007107", }, { db: "CNNVD", id: "CNNVD-202304-309", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-79", trust: 1, }, { problemtype: "Cross-site scripting (CWE-79) [NVD evaluation ]", trust: 0.8, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2023-007107", }, { db: "NVD", id: "CVE-2023-20146", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 1.8, url: "https://sec.cloudapps.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-rv-stored-xss-vqz7gc8w", }, { trust: 0.8, url: "https://nvd.nist.gov/vuln/detail/cve-2023-20146", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2023.2020", }, { trust: 0.6, url: "https://cxsecurity.com/cveshow/cve-2023-20146/", }, { trust: 0.1, url: "https://nvd.nist.gov", }, ], sources: [ { db: "VULMON", id: "CVE-2023-20146", }, { db: "JVNDB", id: "JVNDB-2023-007107", }, { db: "CNNVD", id: "CNNVD-202304-309", }, { db: "NVD", id: "CVE-2023-20146", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "VULMON", id: "CVE-2023-20146", }, { db: "JVNDB", id: "JVNDB-2023-007107", }, { db: "CNNVD", id: "CNNVD-202304-309", }, { db: "NVD", id: "CVE-2023-20146", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2023-04-05T00:00:00", db: "VULMON", id: "CVE-2023-20146", }, { date: "2023-11-17T00:00:00", db: "JVNDB", id: "JVNDB-2023-007107", }, { date: "2023-04-05T00:00:00", db: "CNNVD", id: "CNNVD-202304-309", }, { date: "2023-04-05T19:15:09.107000", db: "NVD", id: "CVE-2023-20146", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2023-04-06T00:00:00", db: "VULMON", id: "CVE-2023-20146", }, { date: "2023-11-17T05:53:00", db: "JVNDB", id: "JVNDB-2023-007107", }, { date: "2023-04-14T00:00:00", db: "CNNVD", id: "CNNVD-202304-309", }, { date: "2023-11-07T04:06:13.720000", db: "NVD", id: "CVE-2023-20146", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202304-309", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Cross-site scripting vulnerability in multiple Cisco Systems products", sources: [ { db: "JVNDB", id: "JVNDB-2023-007107", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "XSS", sources: [ { db: "CNNVD", id: "CNNVD-202304-309", }, ], trust: 0.6, }, }
var-202304-0344
Vulnerability from variot
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities. RV016 Multi-WAN VPN firmware, RV042 Dual WAN VPN firmware, RV042G Dual Gigabit WAN VPN Cross-site scripting vulnerabilities exist in multiple Cisco Systems products, including firmware.Information may be obtained and information may be tampered with
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202304-0344", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "rv082", scope: "eq", trust: 1, vendor: "cisco", version: null, }, { model: "rv325", scope: "eq", trust: 1, vendor: "cisco", version: null, }, { model: "rv042", scope: "eq", trust: 1, vendor: "cisco", version: null, }, { model: "rv016", scope: "eq", trust: 1, vendor: "cisco", version: null, }, { model: "rv320", scope: "eq", trust: 1, vendor: "cisco", version: null, }, { model: "rv042g", scope: "eq", trust: 1, vendor: "cisco", version: null, }, { model: "rv016 multi-wan vpn", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, { model: "cisco rv325 dual gigabit wan vpn ルータ", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, { model: "cisco rv320 dual gigabit wan vpn ルータ", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, { model: "rv042 dual wan vpn", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, { model: "rv082 dual wan vpn", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, { model: "rv042g dual gigabit wan vpn", scope: null, trust: 0.8, vendor: "シスコシステムズ", version: null, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2023-006864", }, { db: "NVD", id: "CVE-2023-20151", }, ], }, cve: "CVE-2023-20151", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", exploitabilityScore: 2.8, id: "CVE-2023-20151", impactScore: 2.7, integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", trust: 2, userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "None", baseScore: 6.1, baseSeverity: "Medium", confidentialityImpact: "Low", exploitabilityScore: null, id: "CVE-2023-20151", impactScore: null, integrityImpact: "Low", privilegesRequired: "None", scope: "Changed", trust: 0.8, userInteraction: "Required", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2023-20151", trust: 1, value: "MEDIUM", }, { author: "ykramarz@cisco.com", id: "CVE-2023-20151", trust: 1, value: "MEDIUM", }, { author: "NVD", id: "CVE-2023-20151", trust: 0.8, value: "Medium", }, { author: "CNNVD", id: "CNNVD-202304-287", trust: 0.6, value: "MEDIUM", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2023-006864", }, { db: "CNNVD", id: "CNNVD-202304-287", }, { db: "NVD", id: "CVE-2023-20151", }, { db: "NVD", id: "CVE-2023-20151", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities. RV016 Multi-WAN VPN firmware, RV042 Dual WAN VPN firmware, RV042G Dual Gigabit WAN VPN Cross-site scripting vulnerabilities exist in multiple Cisco Systems products, including firmware.Information may be obtained and information may be tampered with", sources: [ { db: "NVD", id: "CVE-2023-20151", }, { db: "JVNDB", id: "JVNDB-2023-006864", }, { db: "VULMON", id: "CVE-2023-20151", }, ], trust: 1.71, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2023-20151", trust: 3.3, }, { db: "JVNDB", id: "JVNDB-2023-006864", trust: 0.8, }, { db: "AUSCERT", id: "ESB-2023.2020", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202304-287", trust: 0.6, }, { db: "VULMON", id: "CVE-2023-20151", trust: 0.1, }, ], sources: [ { db: "VULMON", id: "CVE-2023-20151", }, { db: "JVNDB", id: "JVNDB-2023-006864", }, { db: "CNNVD", id: "CNNVD-202304-287", }, { db: "NVD", id: "CVE-2023-20151", }, ], }, id: "VAR-202304-0344", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VARIoT devices database", id: null, }, ], trust: 0.41167478, }, last_update_date: "2024-08-14T13:20:54.071000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "cisco-sa-rv-stored-xss-vqz7gC8W", trust: 0.8, url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, { title: "Cisco Small Business Fixes for cross-site scripting vulnerabilities", trust: 0.6, url: "http://123.124.177.30/web/xxk/bdxqById.tag?id=233385", }, { title: "Cisco: Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-rv-stored-xss-vqz7gC8W", }, ], sources: [ { db: "VULMON", id: "CVE-2023-20151", }, { db: "JVNDB", id: "JVNDB-2023-006864", }, { db: "CNNVD", id: "CNNVD-202304-287", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-79", trust: 1, }, { problemtype: "Cross-site scripting (CWE-79) [NVD evaluation ]", trust: 0.8, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2023-006864", }, { db: "NVD", id: "CVE-2023-20151", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 1.8, url: "https://sec.cloudapps.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-rv-stored-xss-vqz7gc8w", }, { trust: 0.8, url: "https://nvd.nist.gov/vuln/detail/cve-2023-20151", }, { trust: 0.6, url: "https://cxsecurity.com/cveshow/cve-2023-20151/", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2023.2020", }, { trust: 0.1, url: "https://nvd.nist.gov", }, ], sources: [ { db: "VULMON", id: "CVE-2023-20151", }, { db: "JVNDB", id: "JVNDB-2023-006864", }, { db: "CNNVD", id: "CNNVD-202304-287", }, { db: "NVD", id: "CVE-2023-20151", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "VULMON", id: "CVE-2023-20151", }, { db: "JVNDB", id: "JVNDB-2023-006864", }, { db: "CNNVD", id: "CNNVD-202304-287", }, { db: "NVD", id: "CVE-2023-20151", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2023-04-05T00:00:00", db: "VULMON", id: "CVE-2023-20151", }, { date: "2023-11-16T00:00:00", db: "JVNDB", id: "JVNDB-2023-006864", }, { date: "2023-04-05T00:00:00", db: "CNNVD", id: "CNNVD-202304-287", }, { date: "2023-04-05T19:15:09.373000", db: "NVD", id: "CVE-2023-20151", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2023-04-06T00:00:00", db: "VULMON", id: "CVE-2023-20151", }, { date: "2023-11-16T07:20:00", db: "JVNDB", id: "JVNDB-2023-006864", }, { date: "2023-04-14T00:00:00", db: "CNNVD", id: "CNNVD-202304-287", }, { date: "2023-11-07T04:06:15.360000", db: "NVD", id: "CVE-2023-20151", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202304-287", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Cross-site scripting vulnerability in multiple Cisco Systems products", sources: [ { db: "JVNDB", id: "JVNDB-2023-006864", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "XSS", sources: [ { db: "CNNVD", id: "CNNVD-202304-287", }, ], trust: 0.6, }, }
var-202006-1129
Vulnerability from variot
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system. plural Cisco Small Business RV A buffer error vulnerability exists in series routers.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Cisco Small Business RV320, etc. are all a VPN router of Cisco in the United States. The vulnerability stems from the program's failure to properly limit the user's input boundary
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-202006-1129", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "rv320", scope: "lte", trust: 1, vendor: "cisco", version: "1.5.1.05", }, { model: "rv325", scope: "lte", trust: 1, vendor: "cisco", version: "1.5.1.05", }, { model: "rv042g", scope: "lte", trust: 1, vendor: "cisco", version: "4.2.3.10", }, { model: "rv082", scope: "lte", trust: 1, vendor: "cisco", version: "4.2.3.10", }, { model: "rv016", scope: "lte", trust: 1, vendor: "cisco", version: "4.2.3.10", }, { model: "rv042", scope: "lte", trust: 1, vendor: "cisco", version: "4.2.3.10", }, { model: "rv320 dual gigabit wan vpn router", scope: null, trust: 0.8, vendor: "cisco", version: null, }, { model: "rv325 dual gigabit wan vpn router", scope: null, trust: 0.8, vendor: "cisco", version: null, }, { model: "rv016 multi-wan vpn", scope: null, trust: 0.8, vendor: "cisco", version: null, }, { model: "rv042 dual wan vpn", scope: null, trust: 0.8, vendor: "cisco", version: null, }, { model: "rv042g dual gigabit wan vpn", scope: null, trust: 0.8, vendor: "cisco", version: null, }, { model: "rv082 dual wan vpn", scope: null, trust: 0.8, vendor: "cisco", version: null, }, { model: "small business rv016 multi-wan vpn", scope: "lte", trust: 0.6, vendor: "cisco", version: "<=4.2.3.10", }, { model: "rv042 dual wan vpn", scope: "lte", trust: 0.6, vendor: "cisco", version: "<=4.2.3.10", }, { model: "rv042g dual gigabit wan vpn", scope: "lte", trust: 0.6, vendor: "cisco", version: "<=4.2.3.10", }, { model: "rv082 dual wan vpn", scope: "lte", trust: 0.6, vendor: "cisco", version: "<=4.2.3.10", }, { model: "rv320 dual gigabit wan vpn", scope: "lte", trust: 0.6, vendor: "cisco", version: "<=1.5.1.05", }, { model: "rv325 dual gigabit wan vpn", scope: "lte", trust: 0.6, vendor: "cisco", version: "<=1.5.1.05", }, ], sources: [ { db: "CNVD", id: "CNVD-2020-34325", }, { db: "JVNDB", id: "JVNDB-2020-006857", }, { db: "NVD", id: "CVE-2020-3293", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { cpe_match: [ { cpe22Uri: "cpe:/o:cisco:rv320_firmware", vulnerable: true, }, { cpe22Uri: "cpe:/o:cisco:rv325_firmware", vulnerable: true, }, { cpe22Uri: "cpe:/o:cisco:rv016_firmware", vulnerable: true, }, { cpe22Uri: "cpe:/o:cisco:rv042_firmware", vulnerable: true, }, { cpe22Uri: "cpe:/o:cisco:rv042g_firmware", vulnerable: true, }, { cpe22Uri: "cpe:/o:cisco:rv082_firmware", vulnerable: true, }, ], operator: "OR", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2020-006857", }, ], }, cve: "CVE-2020-3293", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", author: "nvd@nist.gov", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", exploitabilityScore: 8, id: "CVE-2020-3293", impactScore: 10, integrityImpact: "COMPLETE", severity: "HIGH", trust: 1, vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, { acInsufInfo: null, accessComplexity: "Low", accessVector: "Network", authentication: "Single", author: "NVD", availabilityImpact: "Complete", baseScore: 9, confidentialityImpact: "Complete", exploitabilityScore: null, id: "JVNDB-2020-006857", impactScore: null, integrityImpact: "Complete", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "High", trust: 0.8, userInteractionRequired: null, vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "CNVD", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "CNVD-2020-34325", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "HIGH", trust: 0.6, vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", exploitabilityScore: 1.2, id: "CVE-2020-3293", impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, { attackComplexity: "LOW", attackVector: "NETWORK", author: "ykramarz@cisco.com", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", exploitabilityScore: 1.2, id: "CVE-2020-3293", impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", trust: 1, userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "High", baseScore: 7.2, baseSeverity: "High", confidentialityImpact: "High", exploitabilityScore: null, id: "JVNDB-2020-006857", impactScore: null, integrityImpact: "High", privilegesRequired: "High", scope: "Unchanged", trust: 0.8, userInteraction: "None", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: "CVE-2020-3293", trust: 1, value: "HIGH", }, { author: "ykramarz@cisco.com", id: "CVE-2020-3293", trust: 1, value: "HIGH", }, { author: "NVD", id: "JVNDB-2020-006857", trust: 0.8, value: "High", }, { author: "CNVD", id: "CNVD-2020-34325", trust: 0.6, value: "HIGH", }, { author: "CNNVD", id: "CNNVD-202006-1159", trust: 0.6, value: "HIGH", }, ], }, ], sources: [ { db: "CNVD", id: "CNVD-2020-34325", }, { db: "JVNDB", id: "JVNDB-2020-006857", }, { db: "CNNVD", id: "CNNVD-202006-1159", }, { db: "NVD", id: "CVE-2020-3293", }, { db: "NVD", id: "CVE-2020-3293", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system. plural Cisco Small Business RV A buffer error vulnerability exists in series routers.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Cisco Small Business RV320, etc. are all a VPN router of Cisco in the United States. The vulnerability stems from the program's failure to properly limit the user's input boundary", sources: [ { db: "NVD", id: "CVE-2020-3293", }, { db: "JVNDB", id: "JVNDB-2020-006857", }, { db: "CNVD", id: "CNVD-2020-34325", }, ], trust: 2.16, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2020-3293", trust: 3, }, { db: "JVNDB", id: "JVNDB-2020-006857", trust: 0.8, }, { db: "CNVD", id: "CNVD-2020-34325", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2020.2119", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2020.2119.2", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-202006-1159", trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2020-34325", }, { db: "JVNDB", id: "JVNDB-2020-006857", }, { db: "CNNVD", id: "CNNVD-202006-1159", }, { db: "NVD", id: "CVE-2020-3293", }, ], }, id: "VAR-202006-1129", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "CNVD", id: "CNVD-2020-34325", }, ], trust: 1.1951892333333332, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "Network device", ], sub_category: null, trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2020-34325", }, ], }, last_update_date: "2024-11-23T21:35:43.694000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "cisco-sa-rv-routers-stack-vUxHmnNz", trust: 0.8, url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz", }, { title: "Patch for Multiple Cisco product buffer overflow vulnerabilities (CNVD-2020-34325)", trust: 0.6, url: "https://www.cnvd.org.cn/patchInfo/show/222921", }, { title: "Multiple Cisco Product Buffer Error Vulnerability Fix", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=121852", }, ], sources: [ { db: "CNVD", id: "CNVD-2020-34325", }, { db: "JVNDB", id: "JVNDB-2020-006857", }, { db: "CNNVD", id: "CNNVD-202006-1159", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-119", trust: 1.8, }, { problemtype: "CWE-787", trust: 1, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2020-006857", }, { db: "NVD", id: "CVE-2020-3293", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 2.2, url: "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-rv-routers-stack-vuxhmnnz", }, { trust: 2, url: "https://nvd.nist.gov/vuln/detail/cve-2020-3293", }, { trust: 0.8, url: "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-3293", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2020.2119/", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2020.2119.2/", }, ], sources: [ { db: "CNVD", id: "CNVD-2020-34325", }, { db: "JVNDB", id: "JVNDB-2020-006857", }, { db: "CNNVD", id: "CNNVD-202006-1159", }, { db: "NVD", id: "CVE-2020-3293", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CNVD", id: "CNVD-2020-34325", }, { db: "JVNDB", id: "JVNDB-2020-006857", }, { db: "CNNVD", id: "CNNVD-202006-1159", }, { db: "NVD", id: "CVE-2020-3293", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-06-23T00:00:00", db: "CNVD", id: "CNVD-2020-34325", }, { date: "2020-07-20T00:00:00", db: "JVNDB", id: "JVNDB-2020-006857", }, { date: "2020-06-17T00:00:00", db: "CNNVD", id: "CNNVD-202006-1159", }, { date: "2020-06-18T03:15:13.323000", db: "NVD", id: "CVE-2020-3293", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-06-23T00:00:00", db: "CNVD", id: "CNVD-2020-34325", }, { date: "2020-07-20T00:00:00", db: "JVNDB", id: "JVNDB-2020-006857", }, { date: "2021-08-09T00:00:00", db: "CNNVD", id: "CNNVD-202006-1159", }, { date: "2024-11-21T05:30:44.930000", db: "NVD", id: "CVE-2020-3293", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-202006-1159", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "plural Cisco Small Business RV Buffer error vulnerability in series routers", sources: [ { db: "JVNDB", id: "JVNDB-2020-006857", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "buffer error", sources: [ { db: "CNNVD", id: "CNNVD-202006-1159", }, ], trust: 0.6, }, }
Vulnerability from fkie_nvd
Published
2023-04-05 19:15
Modified
2024-11-21 07:40
Severity ?
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | rv016_firmware | * | |
| cisco | rv016 | - | |
| cisco | rv042_firmware | * | |
| cisco | rv042 | - | |
| cisco | rv042g_firmware | * | |
| cisco | rv042g | - | |
| cisco | rv082_firmware | * | |
| cisco | rv082 | - | |
| cisco | rv320_firmware | * | |
| cisco | rv320 | - | |
| cisco | rv325_firmware | * | |
| cisco | rv325 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv016_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1E1462E9-4464-492C-8B91-6E020B9DCB23", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv016:-:*:*:*:*:*:*:*", matchCriteriaId: "701E3CF5-15C0-419A-97A8-9BD2C55D74AB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "85E01122-CD88-4096-958A-8699B2A3DC3C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042:-:*:*:*:*:*:*:*", matchCriteriaId: "2DCBB2D8-AACF-45EA-B9D4-DAECC7C792D1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042g_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0A620D1C-1FBB-46C9-9904-1FC6342ED85E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042g:-:*:*:*:*:*:*:*", matchCriteriaId: "F1CD7D9C-DDEF-4DF0-BCFB-A45301AE2C10", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv082_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9BBDB4B5-9528-43CE-B8E6-B509EFCD11BA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv082:-:*:*:*:*:*:*:*", matchCriteriaId: "24FC4446-22C0-4EC9-84B4-A76412680105", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv320_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1EA568A8-286F-4588-B946-6F9C97E08BCF", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv320:-:*:*:*:*:*:*:*", matchCriteriaId: "7596F6D4-10DA-4F29-95AD-75B60F4670D6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv325_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F3B7DECE-18C4-45AE-AF5C-657A4795C7F0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv325:-:*:*:*:*:*:*:*", matchCriteriaId: "3435D601-EDA8-49FF-8841-EA6DF1518C75", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities.", }, ], id: "CVE-2023-20147", lastModified: "2024-11-21T07:40:39.787", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "psirt@cisco.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-04-05T19:15:09.167", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-04-05 19:15
Modified
2024-11-21 07:40
Severity ?
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | rv016_firmware | - | |
| cisco | rv016 | - | |
| cisco | rv042_firmware | - | |
| cisco | rv042 | - | |
| cisco | rv042g_firmware | - | |
| cisco | rv042g | - | |
| cisco | rv082_firmware | - | |
| cisco | rv082 | - | |
| cisco | rv320_firmware | - | |
| cisco | rv320 | - | |
| cisco | rv325_firmware | - | |
| cisco | rv325 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv016_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "CCC05438-3064-4FB6-9177-9EA60C8E250C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv016:-:*:*:*:*:*:*:*", matchCriteriaId: "701E3CF5-15C0-419A-97A8-9BD2C55D74AB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "F5A39236-B032-46BB-94D0-3E0E3E557BC0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042:-:*:*:*:*:*:*:*", matchCriteriaId: "2DCBB2D8-AACF-45EA-B9D4-DAECC7C792D1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "E699C11F-3C7C-420D-9243-5CD2A6B98EF2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042g:-:*:*:*:*:*:*:*", matchCriteriaId: "F1CD7D9C-DDEF-4DF0-BCFB-A45301AE2C10", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv082_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "9EF65E38-D812-4F6E-903C-05E203F3E9F6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv082:-:*:*:*:*:*:*:*", matchCriteriaId: "24FC4446-22C0-4EC9-84B4-A76412680105", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv320_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "C0C17C5F-4EB7-4859-8127-AE027A72CB2C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv320:-:*:*:*:*:*:*:*", matchCriteriaId: "7596F6D4-10DA-4F29-95AD-75B60F4670D6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv325_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "69F1C458-0EF3-4AD6-9055-355711F3751E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv325:-:*:*:*:*:*:*:*", matchCriteriaId: "3435D601-EDA8-49FF-8841-EA6DF1518C75", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities.", }, ], id: "CVE-2023-20151", lastModified: "2024-11-21T07:40:40.290", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "psirt@cisco.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-04-05T19:15:09.373", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-06-18 03:15
Modified
2024-11-21 05:30
Severity ?
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | rv016_firmware | * | |
| cisco | rv016 | - | |
| cisco | rv042_firmware | * | |
| cisco | rv042 | - | |
| cisco | rv042g_firmware | * | |
| cisco | rv042g | - | |
| cisco | rv082_firmware | * | |
| cisco | rv082 | - | |
| cisco | rv320_firmware | * | |
| cisco | rv320 | - | |
| cisco | rv325_firmware | * | |
| cisco | rv325 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv016_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "72B28584-394E-412D-9B2C-6B338081D102", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv016:-:*:*:*:*:*:*:*", matchCriteriaId: "701E3CF5-15C0-419A-97A8-9BD2C55D74AB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D8F194C6-D0C6-46A7-AD6E-2678515365EF", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042:-:*:*:*:*:*:*:*", matchCriteriaId: "2DCBB2D8-AACF-45EA-B9D4-DAECC7C792D1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042g_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "644B7DB7-F3E1-4BAA-BE5C-53C2F90CB05A", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042g:-:*:*:*:*:*:*:*", matchCriteriaId: "F1CD7D9C-DDEF-4DF0-BCFB-A45301AE2C10", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv082_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8ACA4991-A60B-42CD-8A84-B1F8825812D6", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv082:-:*:*:*:*:*:*:*", matchCriteriaId: "24FC4446-22C0-4EC9-84B4-A76412680105", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv320_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6636D92B-B33D-4230-8E32-20B06F26FF8F", versionEndIncluding: "1.5.1.05", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv320:-:*:*:*:*:*:*:*", matchCriteriaId: "7596F6D4-10DA-4F29-95AD-75B60F4670D6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv325_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "21EA1744-09E9-488D-B799-9AFBB6363C8F", versionEndIncluding: "1.5.1.05", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv325:-:*:*:*:*:*:*:*", matchCriteriaId: "3435D601-EDA8-49FF-8841-EA6DF1518C75", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system.", }, { lang: "es", value: "Múltiples vulnerabilidades en la interfaz de administración basada en web de Routers Cisco Small Business RV320 y RV325 Series y Routers Cisco Small Business RV016, RV042, y RV082, podrían permitir a un atacante remoto autenticado con privilegios administrativos ejecutar código arbitrario sobre un dispositivo afectado. Las vulnerabilidades son debido a restricciones de límite insuficientes en la entrada suministrada por el usuario para scripts en la interfaz de administración basada en web. Un atacante con privilegios administrativos que son suficientes para iniciar sesión en la interfaz de administración basada en web podría explotar cada vulnerabilidad mediante el envío de peticiones diseñadas que contienen valores demasiado grandes hacia un dispositivo afectado, causando un desbordamiento de la pila. Una explotación con éxito podría permitir al atacante causar que el dispositivo se bloquee o permitir al atacante ejecutar código arbitrario con privilegios root en el sistema operativo subyacente", }, ], id: "CVE-2020-3290", lastModified: "2024-11-21T05:30:44.200", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "psirt@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-06-18T03:15:13.073", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-06-18 03:15
Modified
2024-11-21 05:30
Severity ?
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | rv016_firmware | * | |
| cisco | rv016 | - | |
| cisco | rv042_firmware | * | |
| cisco | rv042 | - | |
| cisco | rv042g_firmware | * | |
| cisco | rv042g | - | |
| cisco | rv082_firmware | * | |
| cisco | rv082 | - | |
| cisco | rv320_firmware | * | |
| cisco | rv320 | - | |
| cisco | rv325_firmware | * | |
| cisco | rv325 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv016_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "72B28584-394E-412D-9B2C-6B338081D102", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv016:-:*:*:*:*:*:*:*", matchCriteriaId: "701E3CF5-15C0-419A-97A8-9BD2C55D74AB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D8F194C6-D0C6-46A7-AD6E-2678515365EF", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042:-:*:*:*:*:*:*:*", matchCriteriaId: "2DCBB2D8-AACF-45EA-B9D4-DAECC7C792D1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042g_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "644B7DB7-F3E1-4BAA-BE5C-53C2F90CB05A", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042g:-:*:*:*:*:*:*:*", matchCriteriaId: "F1CD7D9C-DDEF-4DF0-BCFB-A45301AE2C10", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv082_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8ACA4991-A60B-42CD-8A84-B1F8825812D6", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv082:-:*:*:*:*:*:*:*", matchCriteriaId: "24FC4446-22C0-4EC9-84B4-A76412680105", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv320_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6636D92B-B33D-4230-8E32-20B06F26FF8F", versionEndIncluding: "1.5.1.05", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv320:-:*:*:*:*:*:*:*", matchCriteriaId: "7596F6D4-10DA-4F29-95AD-75B60F4670D6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv325_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "21EA1744-09E9-488D-B799-9AFBB6363C8F", versionEndIncluding: "1.5.1.05", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv325:-:*:*:*:*:*:*:*", matchCriteriaId: "3435D601-EDA8-49FF-8841-EA6DF1518C75", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system.", }, { lang: "es", value: "Múltiples vulnerabilidades en la interfaz de administración basada en web de Routers Cisco Small Business RV320 y RV325 Series y Routers Cisco Small Business RV016, RV042, y RV082, podrían permitir a un atacante remoto autenticado con privilegios administrativos ejecutar código arbitrario sobre un dispositivo afectado. Las vulnerabilidades son debido a restricciones de límite insuficientes en la entrada suministrada por el usuario para scripts en la interfaz de administración basada en web. Un atacante con privilegios administrativos que sean suficientes para iniciar sesión en la interfaz de administración basada en web podría explotar cada vulnerabilidad mediante el envío de peticiones diseñadas que contienen valores demasiado grandes hacia un dispositivo afectado, causando un desbordamiento de la pila. Una explotación con éxito podría permitir al atacante causar que el dispositivo se bloquee o permitir al atacante ejecutar código arbitrario con privilegios root en el sistema operativo subyacente", }, ], id: "CVE-2020-3293", lastModified: "2024-11-21T05:30:44.930", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "psirt@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-06-18T03:15:13.323", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-01-20 07:15
Modified
2025-03-12 17:15
Severity ?
9.0 (Critical) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, and RV082 Routers could allow an unauthenticated, remote attacker to bypass authentication on an affected device.
This vulnerability is due to improper validation of user input within incoming HTTP packets. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web-based management interface. A successful exploit could allow the attacker to bypass authentication and gain root access on the underlying operating system.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | rv016_firmware | - | |
| cisco | rv016 | - | |
| cisco | rv042_firmware | - | |
| cisco | rv042 | - | |
| cisco | rv042g_firmware | - | |
| cisco | rv042g | - | |
| cisco | rv082_firmware | - | |
| cisco | rv082 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv016_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "CCC05438-3064-4FB6-9177-9EA60C8E250C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv016:-:*:*:*:*:*:*:*", matchCriteriaId: "701E3CF5-15C0-419A-97A8-9BD2C55D74AB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "F5A39236-B032-46BB-94D0-3E0E3E557BC0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042:-:*:*:*:*:*:*:*", matchCriteriaId: "2DCBB2D8-AACF-45EA-B9D4-DAECC7C792D1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "E699C11F-3C7C-420D-9243-5CD2A6B98EF2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042g:-:*:*:*:*:*:*:*", matchCriteriaId: "F1CD7D9C-DDEF-4DF0-BCFB-A45301AE2C10", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv082_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "9EF65E38-D812-4F6E-903C-05E203F3E9F6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv082:-:*:*:*:*:*:*:*", matchCriteriaId: "24FC4446-22C0-4EC9-84B4-A76412680105", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, and RV082 Routers could allow an unauthenticated, remote attacker to bypass authentication on an affected device.\r\n\r This vulnerability is due to improper validation of user input within incoming HTTP packets. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web-based management interface. A successful exploit could allow the attacker to bypass authentication and gain root access on the underlying operating system.", }, { lang: "es", value: "Una vulnerabilidad en la interfaz de administración basada en web de los routers Cisco Small Business serie RV042 podría permitir que un atacante remoto no autenticado omita la autenticación en el dispositivo afectado. Esta vulnerabilidad se debe a una validación incorrecta de la entrada del usuario de los paquetes HTTP entrantes. Un atacante podría aprovechar esta vulnerabilidad enviando solicitudes manipuladas a la interfaz de administración basada en web. Un exploit exitoso podría permitir al atacante obtener privilegios de superusuario en el dispositivo afectado.", }, ], id: "CVE-2023-20025", lastModified: "2025-03-12T17:15:38.057", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.2, impactScore: 6, source: "psirt@cisco.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-01-20T07:15:14.490", references: [ { source: "psirt@cisco.com", tags: [ "Mitigation", "Vendor Advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sbr042-multi-vuln-ej76Pke5", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mitigation", "Vendor Advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sbr042-multi-vuln-ej76Pke5", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-293", }, ], source: "psirt@cisco.com", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2023-04-05 19:15
Modified
2024-11-21 07:40
Severity ?
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | rv016_firmware | * | |
| cisco | rv016 | - | |
| cisco | rv042_firmware | * | |
| cisco | rv042 | - | |
| cisco | rv042g_firmware | * | |
| cisco | rv042g | - | |
| cisco | rv082_firmware | * | |
| cisco | rv082 | - | |
| cisco | rv320_firmware | * | |
| cisco | rv320 | - | |
| cisco | rv325_firmware | * | |
| cisco | rv325 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv016_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1E1462E9-4464-492C-8B91-6E020B9DCB23", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv016:-:*:*:*:*:*:*:*", matchCriteriaId: "701E3CF5-15C0-419A-97A8-9BD2C55D74AB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "85E01122-CD88-4096-958A-8699B2A3DC3C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042:-:*:*:*:*:*:*:*", matchCriteriaId: "2DCBB2D8-AACF-45EA-B9D4-DAECC7C792D1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042g_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0A620D1C-1FBB-46C9-9904-1FC6342ED85E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042g:-:*:*:*:*:*:*:*", matchCriteriaId: "F1CD7D9C-DDEF-4DF0-BCFB-A45301AE2C10", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv082_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9BBDB4B5-9528-43CE-B8E6-B509EFCD11BA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv082:-:*:*:*:*:*:*:*", matchCriteriaId: "24FC4446-22C0-4EC9-84B4-A76412680105", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv320_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1EA568A8-286F-4588-B946-6F9C97E08BCF", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv320:-:*:*:*:*:*:*:*", matchCriteriaId: "7596F6D4-10DA-4F29-95AD-75B60F4670D6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv325_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F3B7DECE-18C4-45AE-AF5C-657A4795C7F0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv325:-:*:*:*:*:*:*:*", matchCriteriaId: "3435D601-EDA8-49FF-8841-EA6DF1518C75", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities.", }, ], id: "CVE-2023-20141", lastModified: "2024-11-21T07:40:38.993", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "psirt@cisco.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-04-05T19:15:08.877", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-06-18 03:15
Modified
2024-11-21 05:30
Severity ?
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary commands on an affected device. The vulnerabilities exist because the web-based management interface does not properly validate user-supplied input to scripts. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending malicious requests to an affected device. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the underlying operating system.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | rv016_firmware | * | |
| cisco | rv016 | - | |
| cisco | rv042_firmware | * | |
| cisco | rv042 | - | |
| cisco | rv042g_firmware | * | |
| cisco | rv042g | - | |
| cisco | rv082_firmware | * | |
| cisco | rv082 | - | |
| cisco | rv320_firmware | * | |
| cisco | rv320 | - | |
| cisco | rv325_firmware | * | |
| cisco | rv325 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv016_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "72B28584-394E-412D-9B2C-6B338081D102", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv016:-:*:*:*:*:*:*:*", matchCriteriaId: "701E3CF5-15C0-419A-97A8-9BD2C55D74AB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D8F194C6-D0C6-46A7-AD6E-2678515365EF", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042:-:*:*:*:*:*:*:*", matchCriteriaId: "2DCBB2D8-AACF-45EA-B9D4-DAECC7C792D1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042g_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "644B7DB7-F3E1-4BAA-BE5C-53C2F90CB05A", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042g:-:*:*:*:*:*:*:*", matchCriteriaId: "F1CD7D9C-DDEF-4DF0-BCFB-A45301AE2C10", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv082_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8ACA4991-A60B-42CD-8A84-B1F8825812D6", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv082:-:*:*:*:*:*:*:*", matchCriteriaId: "24FC4446-22C0-4EC9-84B4-A76412680105", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv320_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6636D92B-B33D-4230-8E32-20B06F26FF8F", versionEndIncluding: "1.5.1.05", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv320:-:*:*:*:*:*:*:*", matchCriteriaId: "7596F6D4-10DA-4F29-95AD-75B60F4670D6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv325_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "21EA1744-09E9-488D-B799-9AFBB6363C8F", versionEndIncluding: "1.5.1.05", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv325:-:*:*:*:*:*:*:*", matchCriteriaId: "3435D601-EDA8-49FF-8841-EA6DF1518C75", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary commands on an affected device. The vulnerabilities exist because the web-based management interface does not properly validate user-supplied input to scripts. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending malicious requests to an affected device. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the underlying operating system.", }, { lang: "es", value: "Múltiples vulnerabilidades en la interfaz de administración basada en web de Cisco Small Business RV320 y RV325 Series Routers y Cisco Small Business RV016, RV042, y RV082 Routers podrían permitir a un atacante remoto autenticado con privilegios administrativos ejecutar comandos arbitrarios sobre un dispositivo afectado. Las vulnerabilidades se presentan porque la interfaz de administración basada en web no comprueba apropiadamente una entrada suministrada por el usuario para scripts. Un atacante con privilegios administrativos que son suficientes para iniciar sesión en la interfaz de administración basada en web podría explotar cada vulnerabilidad mediante el envío de peticiones maliciosas hacia un dispositivo afectado. Una explotación con éxito podría permitir al atacante ejecutar comandos arbitrarios con privilegios root en el sistema operativo subyacente", }, ], id: "CVE-2020-3274", lastModified: "2024-11-21T05:30:42.173", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "psirt@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-06-18T03:15:12.167", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-Rj5JRfF8", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-Rj5JRfF8", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-78", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-04-05 19:15
Modified
2024-11-21 07:40
Severity ?
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | rv016_firmware | * | |
| cisco | rv016 | - | |
| cisco | rv042_firmware | * | |
| cisco | rv042 | - | |
| cisco | rv042g_firmware | * | |
| cisco | rv042g | - | |
| cisco | rv082_firmware | * | |
| cisco | rv082 | - | |
| cisco | rv320_firmware | * | |
| cisco | rv320 | - | |
| cisco | rv325_firmware | * | |
| cisco | rv325 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv016_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1E1462E9-4464-492C-8B91-6E020B9DCB23", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv016:-:*:*:*:*:*:*:*", matchCriteriaId: "701E3CF5-15C0-419A-97A8-9BD2C55D74AB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "85E01122-CD88-4096-958A-8699B2A3DC3C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042:-:*:*:*:*:*:*:*", matchCriteriaId: "2DCBB2D8-AACF-45EA-B9D4-DAECC7C792D1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042g_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0A620D1C-1FBB-46C9-9904-1FC6342ED85E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042g:-:*:*:*:*:*:*:*", matchCriteriaId: "F1CD7D9C-DDEF-4DF0-BCFB-A45301AE2C10", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv082_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9BBDB4B5-9528-43CE-B8E6-B509EFCD11BA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv082:-:*:*:*:*:*:*:*", matchCriteriaId: "24FC4446-22C0-4EC9-84B4-A76412680105", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv320_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1EA568A8-286F-4588-B946-6F9C97E08BCF", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv320:-:*:*:*:*:*:*:*", matchCriteriaId: "7596F6D4-10DA-4F29-95AD-75B60F4670D6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv325_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F3B7DECE-18C4-45AE-AF5C-657A4795C7F0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv325:-:*:*:*:*:*:*:*", matchCriteriaId: "3435D601-EDA8-49FF-8841-EA6DF1518C75", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities.", }, ], id: "CVE-2023-20143", lastModified: "2024-11-21T07:40:39.253", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "psirt@cisco.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-04-05T19:15:08.973", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-04-05 19:15
Modified
2024-11-21 07:40
Severity ?
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | rv016_firmware | - | |
| cisco | rv016 | - | |
| cisco | rv042_firmware | - | |
| cisco | rv042 | - | |
| cisco | rv042g_firmware | - | |
| cisco | rv042g | - | |
| cisco | rv082_firmware | - | |
| cisco | rv082 | - | |
| cisco | rv320_firmware | - | |
| cisco | rv320 | - | |
| cisco | rv325_firmware | - | |
| cisco | rv325 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv016_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "CCC05438-3064-4FB6-9177-9EA60C8E250C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv016:-:*:*:*:*:*:*:*", matchCriteriaId: "701E3CF5-15C0-419A-97A8-9BD2C55D74AB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "F5A39236-B032-46BB-94D0-3E0E3E557BC0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042:-:*:*:*:*:*:*:*", matchCriteriaId: "2DCBB2D8-AACF-45EA-B9D4-DAECC7C792D1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "E699C11F-3C7C-420D-9243-5CD2A6B98EF2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042g:-:*:*:*:*:*:*:*", matchCriteriaId: "F1CD7D9C-DDEF-4DF0-BCFB-A45301AE2C10", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv082_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "9EF65E38-D812-4F6E-903C-05E203F3E9F6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv082:-:*:*:*:*:*:*:*", matchCriteriaId: "24FC4446-22C0-4EC9-84B4-A76412680105", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv320_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "C0C17C5F-4EB7-4859-8127-AE027A72CB2C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv320:-:*:*:*:*:*:*:*", matchCriteriaId: "7596F6D4-10DA-4F29-95AD-75B60F4670D6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv325_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "69F1C458-0EF3-4AD6-9055-355711F3751E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv325:-:*:*:*:*:*:*:*", matchCriteriaId: "3435D601-EDA8-49FF-8841-EA6DF1518C75", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities.", }, ], id: "CVE-2023-20150", lastModified: "2024-11-21T07:40:40.163", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "psirt@cisco.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-04-05T19:15:09.317", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-04-05 19:15
Modified
2024-11-21 07:40
Severity ?
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | rv016_firmware | * | |
| cisco | rv016 | - | |
| cisco | rv042_firmware | * | |
| cisco | rv042 | - | |
| cisco | rv042g_firmware | * | |
| cisco | rv042g | - | |
| cisco | rv082_firmware | * | |
| cisco | rv082 | - | |
| cisco | rv320_firmware | * | |
| cisco | rv320 | - | |
| cisco | rv325_firmware | * | |
| cisco | rv325 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv016_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1E1462E9-4464-492C-8B91-6E020B9DCB23", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv016:-:*:*:*:*:*:*:*", matchCriteriaId: "701E3CF5-15C0-419A-97A8-9BD2C55D74AB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "85E01122-CD88-4096-958A-8699B2A3DC3C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042:-:*:*:*:*:*:*:*", matchCriteriaId: "2DCBB2D8-AACF-45EA-B9D4-DAECC7C792D1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042g_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0A620D1C-1FBB-46C9-9904-1FC6342ED85E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042g:-:*:*:*:*:*:*:*", matchCriteriaId: "F1CD7D9C-DDEF-4DF0-BCFB-A45301AE2C10", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv082_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9BBDB4B5-9528-43CE-B8E6-B509EFCD11BA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv082:-:*:*:*:*:*:*:*", matchCriteriaId: "24FC4446-22C0-4EC9-84B4-A76412680105", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv320_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1EA568A8-286F-4588-B946-6F9C97E08BCF", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv320:-:*:*:*:*:*:*:*", matchCriteriaId: "7596F6D4-10DA-4F29-95AD-75B60F4670D6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv325_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F3B7DECE-18C4-45AE-AF5C-657A4795C7F0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv325:-:*:*:*:*:*:*:*", matchCriteriaId: "3435D601-EDA8-49FF-8841-EA6DF1518C75", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities.", }, ], id: "CVE-2023-20144", lastModified: "2024-11-21T07:40:39.377", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "psirt@cisco.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-04-05T19:15:09.017", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-06-18 03:15
Modified
2024-11-21 05:30
Severity ?
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | rv016_firmware | * | |
| cisco | rv016 | - | |
| cisco | rv042_firmware | * | |
| cisco | rv042 | - | |
| cisco | rv042g_firmware | * | |
| cisco | rv042g | - | |
| cisco | rv082_firmware | * | |
| cisco | rv082 | - | |
| cisco | rv320_firmware | * | |
| cisco | rv320 | - | |
| cisco | rv325_firmware | * | |
| cisco | rv325 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv016_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "72B28584-394E-412D-9B2C-6B338081D102", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv016:-:*:*:*:*:*:*:*", matchCriteriaId: "701E3CF5-15C0-419A-97A8-9BD2C55D74AB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D8F194C6-D0C6-46A7-AD6E-2678515365EF", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042:-:*:*:*:*:*:*:*", matchCriteriaId: "2DCBB2D8-AACF-45EA-B9D4-DAECC7C792D1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042g_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "644B7DB7-F3E1-4BAA-BE5C-53C2F90CB05A", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042g:-:*:*:*:*:*:*:*", matchCriteriaId: "F1CD7D9C-DDEF-4DF0-BCFB-A45301AE2C10", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv082_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8ACA4991-A60B-42CD-8A84-B1F8825812D6", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv082:-:*:*:*:*:*:*:*", matchCriteriaId: "24FC4446-22C0-4EC9-84B4-A76412680105", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv320_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6636D92B-B33D-4230-8E32-20B06F26FF8F", versionEndIncluding: "1.5.1.05", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv320:-:*:*:*:*:*:*:*", matchCriteriaId: "7596F6D4-10DA-4F29-95AD-75B60F4670D6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv325_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "21EA1744-09E9-488D-B799-9AFBB6363C8F", versionEndIncluding: "1.5.1.05", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv325:-:*:*:*:*:*:*:*", matchCriteriaId: "3435D601-EDA8-49FF-8841-EA6DF1518C75", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system.", }, { lang: "es", value: "Múltiples vulnerabilidades en la interfaz de administración basada en web de Routers Cisco Small Business RV320 y RV325 Series y Routers Cisco Small Business RV016, RV042, y RV082, podrían permitir a un atacante remoto autenticado con privilegios administrativos ejecutar código arbitrario sobre un dispositivo afectado. Las vulnerabilidades son debido a restricciones de límite insuficientes en la entrada suministrada por el usuario para scripts en la interfaz de administración basada en web. Un atacante con privilegios administrativos que son suficientes para iniciar sesión en la interfaz de administración basada en web podría explotar cada vulnerabilidad mediante el envío de peticiones diseñadas que contienen valores demasiado grandes hacia un dispositivo afectado, causando un desbordamiento de la pila. Una explotación con éxito podría permitir al atacante causar que el dispositivo se bloquee o permitir al atacante ejecutar código arbitrario con privilegios root en el sistema operativo subyacente", }, ], id: "CVE-2020-3286", lastModified: "2024-11-21T05:30:43.687", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "psirt@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-06-18T03:15:12.730", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-04-05 19:15
Modified
2024-11-21 07:40
Severity ?
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | rv016_firmware | * | |
| cisco | rv016 | - | |
| cisco | rv042_firmware | * | |
| cisco | rv042 | - | |
| cisco | rv042g_firmware | * | |
| cisco | rv042g | - | |
| cisco | rv082_firmware | * | |
| cisco | rv082 | - | |
| cisco | rv320_firmware | * | |
| cisco | rv320 | - | |
| cisco | rv325_firmware | * | |
| cisco | rv325 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv016_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1E1462E9-4464-492C-8B91-6E020B9DCB23", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv016:-:*:*:*:*:*:*:*", matchCriteriaId: "701E3CF5-15C0-419A-97A8-9BD2C55D74AB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "85E01122-CD88-4096-958A-8699B2A3DC3C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042:-:*:*:*:*:*:*:*", matchCriteriaId: "2DCBB2D8-AACF-45EA-B9D4-DAECC7C792D1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042g_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0A620D1C-1FBB-46C9-9904-1FC6342ED85E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042g:-:*:*:*:*:*:*:*", matchCriteriaId: "F1CD7D9C-DDEF-4DF0-BCFB-A45301AE2C10", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv082_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9BBDB4B5-9528-43CE-B8E6-B509EFCD11BA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv082:-:*:*:*:*:*:*:*", matchCriteriaId: "24FC4446-22C0-4EC9-84B4-A76412680105", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv320_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1EA568A8-286F-4588-B946-6F9C97E08BCF", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv320:-:*:*:*:*:*:*:*", matchCriteriaId: "7596F6D4-10DA-4F29-95AD-75B60F4670D6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv325_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F3B7DECE-18C4-45AE-AF5C-657A4795C7F0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv325:-:*:*:*:*:*:*:*", matchCriteriaId: "3435D601-EDA8-49FF-8841-EA6DF1518C75", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities.", }, ], id: "CVE-2023-20142", lastModified: "2024-11-21T07:40:39.123", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "psirt@cisco.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-04-05T19:15:08.920", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-04-05 19:15
Modified
2024-11-21 07:40
Severity ?
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | rv016_firmware | - | |
| cisco | rv016 | - | |
| cisco | rv042_firmware | - | |
| cisco | rv042 | - | |
| cisco | rv042g_firmware | - | |
| cisco | rv042g | - | |
| cisco | rv082_firmware | - | |
| cisco | rv082 | - | |
| cisco | rv320_firmware | - | |
| cisco | rv320 | - | |
| cisco | rv325_firmware | - | |
| cisco | rv325 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv016_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "CCC05438-3064-4FB6-9177-9EA60C8E250C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv016:-:*:*:*:*:*:*:*", matchCriteriaId: "701E3CF5-15C0-419A-97A8-9BD2C55D74AB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "F5A39236-B032-46BB-94D0-3E0E3E557BC0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042:-:*:*:*:*:*:*:*", matchCriteriaId: "2DCBB2D8-AACF-45EA-B9D4-DAECC7C792D1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "E699C11F-3C7C-420D-9243-5CD2A6B98EF2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042g:-:*:*:*:*:*:*:*", matchCriteriaId: "F1CD7D9C-DDEF-4DF0-BCFB-A45301AE2C10", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv082_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "9EF65E38-D812-4F6E-903C-05E203F3E9F6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv082:-:*:*:*:*:*:*:*", matchCriteriaId: "24FC4446-22C0-4EC9-84B4-A76412680105", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv320_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "C0C17C5F-4EB7-4859-8127-AE027A72CB2C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv320:-:*:*:*:*:*:*:*", matchCriteriaId: "7596F6D4-10DA-4F29-95AD-75B60F4670D6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv325_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "69F1C458-0EF3-4AD6-9055-355711F3751E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv325:-:*:*:*:*:*:*:*", matchCriteriaId: "3435D601-EDA8-49FF-8841-EA6DF1518C75", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities.", }, ], id: "CVE-2023-20149", lastModified: "2024-11-21T07:40:40.040", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "psirt@cisco.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-04-05T19:15:09.277", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-11-04 16:15
Modified
2024-11-21 06:23
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability in the web-based management interface of certain Cisco Small Business RV Series Routers could allow an authenticated, remote attacker with administrative privileges to inject arbitrary commands into the underlying operating system and execute them using root-level privileges. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending malicious input to a specific field in the web-based management interface of an affected device. A successful exploit could allow the attacker to execute arbitrary commands on the underlying Linux operating system as a user with root-level privileges.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:ios_xr:4.2.3.06:*:*:*:*:*:*:*", matchCriteriaId: "4D9A5E39-C509-4C46-84C2-6EC81F87E920", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv016:-:*:*:*:*:*:*:*", matchCriteriaId: "701E3CF5-15C0-419A-97A8-9BD2C55D74AB", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:rv042:-:*:*:*:*:*:*:*", matchCriteriaId: "2DCBB2D8-AACF-45EA-B9D4-DAECC7C792D1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:rv042g:-:*:*:*:*:*:*:*", matchCriteriaId: "F1CD7D9C-DDEF-4DF0-BCFB-A45301AE2C10", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:rv082:-:*:*:*:*:*:*:*", matchCriteriaId: "24FC4446-22C0-4EC9-84B4-A76412680105", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:rv320:-:*:*:*:*:*:*:*", matchCriteriaId: "7596F6D4-10DA-4F29-95AD-75B60F4670D6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:rv325:-:*:*:*:*:*:*:*", matchCriteriaId: "3435D601-EDA8-49FF-8841-EA6DF1518C75", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:application_extension_platform:1.5.1.13:*:*:*:*:*:*:*", matchCriteriaId: "31079AE3-0F4C-4DE1-BFD3-6694EFF54D70", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the web-based management interface of certain Cisco Small Business RV Series Routers could allow an authenticated, remote attacker with administrative privileges to inject arbitrary commands into the underlying operating system and execute them using root-level privileges. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending malicious input to a specific field in the web-based management interface of an affected device. A successful exploit could allow the attacker to execute arbitrary commands on the underlying Linux operating system as a user with root-level privileges.", }, { lang: "es", value: "Una vulnerabilidad en la interfaz de administración basada en la web de algunos routers de la serie RV de Cisco Small Business podría permitir a un atacante remoto autenticado con privilegios administrativos inyectar comandos arbitrarios en el sistema operativo subyacente y ejecutarlos usando privilegios de nivel de root. Esta vulnerabilidad es debido a que no se comprueba suficientemente la entrada proporcionada por el usuario. Un atacante podría explotar esta vulnerabilidad mediante el envío de una entrada maliciosa a un campo específico de la interfaz de administración basada en la web de un dispositivo afectado. Una explotación con éxito podría permitir al atacante ejecutar comandos arbitrarios en el sistema operativo Linux subyacente como un usuario con privilegios de nivel de root", }, ], id: "CVE-2021-40120", lastModified: "2024-11-21T06:23:36.870", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 5.2, source: "psirt@cisco.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-11-04T16:15:09.430", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sbrv-cmdinjection-Z5cWFdK", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sbrv-cmdinjection-Z5cWFdK", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-78", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-04-05 19:15
Modified
2024-11-21 07:40
Severity ?
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | rv016_firmware | * | |
| cisco | rv016 | - | |
| cisco | rv042_firmware | * | |
| cisco | rv042 | - | |
| cisco | rv042g_firmware | * | |
| cisco | rv042g | - | |
| cisco | rv082_firmware | * | |
| cisco | rv082 | - | |
| cisco | rv320_firmware | * | |
| cisco | rv320 | - | |
| cisco | rv325_firmware | * | |
| cisco | rv325 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv016_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1E1462E9-4464-492C-8B91-6E020B9DCB23", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv016:-:*:*:*:*:*:*:*", matchCriteriaId: "701E3CF5-15C0-419A-97A8-9BD2C55D74AB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "85E01122-CD88-4096-958A-8699B2A3DC3C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042:-:*:*:*:*:*:*:*", matchCriteriaId: "2DCBB2D8-AACF-45EA-B9D4-DAECC7C792D1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042g_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0A620D1C-1FBB-46C9-9904-1FC6342ED85E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042g:-:*:*:*:*:*:*:*", matchCriteriaId: "F1CD7D9C-DDEF-4DF0-BCFB-A45301AE2C10", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv082_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9BBDB4B5-9528-43CE-B8E6-B509EFCD11BA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv082:-:*:*:*:*:*:*:*", matchCriteriaId: "24FC4446-22C0-4EC9-84B4-A76412680105", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv320_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1EA568A8-286F-4588-B946-6F9C97E08BCF", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv320:-:*:*:*:*:*:*:*", matchCriteriaId: "7596F6D4-10DA-4F29-95AD-75B60F4670D6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv325_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F3B7DECE-18C4-45AE-AF5C-657A4795C7F0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv325:-:*:*:*:*:*:*:*", matchCriteriaId: "3435D601-EDA8-49FF-8841-EA6DF1518C75", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities.", }, ], id: "CVE-2023-20140", lastModified: "2024-11-21T07:40:38.873", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "psirt@cisco.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-04-05T19:15:08.830", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-06-18 03:15
Modified
2024-11-21 05:30
Severity ?
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary commands on an affected device. The vulnerabilities exist because the web-based management interface does not properly validate user-supplied input to scripts. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending malicious requests to an affected device. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the underlying operating system.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | rv016_firmware | * | |
| cisco | rv016 | - | |
| cisco | rv042_firmware | * | |
| cisco | rv042 | - | |
| cisco | rv042g_firmware | * | |
| cisco | rv042g | - | |
| cisco | rv082_firmware | * | |
| cisco | rv082 | - | |
| cisco | rv320_firmware | * | |
| cisco | rv320 | - | |
| cisco | rv325_firmware | * | |
| cisco | rv325 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv016_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "72B28584-394E-412D-9B2C-6B338081D102", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv016:-:*:*:*:*:*:*:*", matchCriteriaId: "701E3CF5-15C0-419A-97A8-9BD2C55D74AB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D8F194C6-D0C6-46A7-AD6E-2678515365EF", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042:-:*:*:*:*:*:*:*", matchCriteriaId: "2DCBB2D8-AACF-45EA-B9D4-DAECC7C792D1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042g_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "644B7DB7-F3E1-4BAA-BE5C-53C2F90CB05A", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042g:-:*:*:*:*:*:*:*", matchCriteriaId: "F1CD7D9C-DDEF-4DF0-BCFB-A45301AE2C10", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv082_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8ACA4991-A60B-42CD-8A84-B1F8825812D6", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv082:-:*:*:*:*:*:*:*", matchCriteriaId: "24FC4446-22C0-4EC9-84B4-A76412680105", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv320_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6636D92B-B33D-4230-8E32-20B06F26FF8F", versionEndIncluding: "1.5.1.05", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv320:-:*:*:*:*:*:*:*", matchCriteriaId: "7596F6D4-10DA-4F29-95AD-75B60F4670D6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv325_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "21EA1744-09E9-488D-B799-9AFBB6363C8F", versionEndIncluding: "1.5.1.05", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv325:-:*:*:*:*:*:*:*", matchCriteriaId: "3435D601-EDA8-49FF-8841-EA6DF1518C75", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary commands on an affected device. The vulnerabilities exist because the web-based management interface does not properly validate user-supplied input to scripts. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending malicious requests to an affected device. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the underlying operating system.", }, { lang: "es", value: "Múltiples vulnerabilidades en la interfaz de administración basada en web de Routers Cisco Small Business RV320 y RV325 Series y Routers Cisco Small Business RV016, RV042, y RV082, podrían permitir a un atacante remoto autenticado con privilegios administrativos ejecutar comandos arbitrarios sobre un dispositivo afectado. Las vulnerabilidades se presentan porque la interfaz de administración basada en web no comprueba apropiadamente la entrada suministrada por el usuario para scripts. Un atacante con privilegios administrativos que son suficientes para iniciar sesión en la interfaz de administración basada en web podría explotar cada vulnerabilidad mediante el envío de peticiones maliciosas hacia un dispositivo afectado. Una explotación con éxito podría permitir al atacante ejecutar comandos arbitrarios con privilegios root en el sistema operativo subyacente", }, ], id: "CVE-2020-3278", lastModified: "2024-11-21T05:30:42.657", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "psirt@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-06-18T03:15:12.497", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-Rj5JRfF8", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-Rj5JRfF8", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-78", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-04-05 19:15
Modified
2024-11-21 07:40
Severity ?
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | rv016_firmware | - | |
| cisco | rv016 | - | |
| cisco | rv042_firmware | - | |
| cisco | rv042 | - | |
| cisco | rv042g_firmware | - | |
| cisco | rv042g | - | |
| cisco | rv082_firmware | - | |
| cisco | rv082 | - | |
| cisco | rv320_firmware | - | |
| cisco | rv320 | - | |
| cisco | rv325_firmware | - | |
| cisco | rv325 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv016_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "CCC05438-3064-4FB6-9177-9EA60C8E250C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv016:-:*:*:*:*:*:*:*", matchCriteriaId: "701E3CF5-15C0-419A-97A8-9BD2C55D74AB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "F5A39236-B032-46BB-94D0-3E0E3E557BC0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042:-:*:*:*:*:*:*:*", matchCriteriaId: "2DCBB2D8-AACF-45EA-B9D4-DAECC7C792D1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "E699C11F-3C7C-420D-9243-5CD2A6B98EF2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042g:-:*:*:*:*:*:*:*", matchCriteriaId: "F1CD7D9C-DDEF-4DF0-BCFB-A45301AE2C10", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv082_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "9EF65E38-D812-4F6E-903C-05E203F3E9F6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv082:-:*:*:*:*:*:*:*", matchCriteriaId: "24FC4446-22C0-4EC9-84B4-A76412680105", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv320_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "C0C17C5F-4EB7-4859-8127-AE027A72CB2C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv320:-:*:*:*:*:*:*:*", matchCriteriaId: "7596F6D4-10DA-4F29-95AD-75B60F4670D6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv325_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "69F1C458-0EF3-4AD6-9055-355711F3751E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv325:-:*:*:*:*:*:*:*", matchCriteriaId: "3435D601-EDA8-49FF-8841-EA6DF1518C75", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities.", }, ], id: "CVE-2023-20148", lastModified: "2024-11-21T07:40:39.913", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "psirt@cisco.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-04-05T19:15:09.220", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-06-18 03:15
Modified
2024-11-21 05:30
Severity ?
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary commands on an affected device. The vulnerabilities exist because the web-based management interface does not properly validate user-supplied input to scripts. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending malicious requests to an affected device. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the underlying operating system.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | rv016_firmware | * | |
| cisco | rv016 | - | |
| cisco | rv042_firmware | * | |
| cisco | rv042 | - | |
| cisco | rv042g_firmware | * | |
| cisco | rv042g | - | |
| cisco | rv082_firmware | * | |
| cisco | rv082 | - | |
| cisco | rv320_firmware | * | |
| cisco | rv320 | - | |
| cisco | rv325_firmware | * | |
| cisco | rv325 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv016_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "72B28584-394E-412D-9B2C-6B338081D102", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv016:-:*:*:*:*:*:*:*", matchCriteriaId: "701E3CF5-15C0-419A-97A8-9BD2C55D74AB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D8F194C6-D0C6-46A7-AD6E-2678515365EF", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042:-:*:*:*:*:*:*:*", matchCriteriaId: "2DCBB2D8-AACF-45EA-B9D4-DAECC7C792D1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042g_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "644B7DB7-F3E1-4BAA-BE5C-53C2F90CB05A", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042g:-:*:*:*:*:*:*:*", matchCriteriaId: "F1CD7D9C-DDEF-4DF0-BCFB-A45301AE2C10", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv082_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8ACA4991-A60B-42CD-8A84-B1F8825812D6", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv082:-:*:*:*:*:*:*:*", matchCriteriaId: "24FC4446-22C0-4EC9-84B4-A76412680105", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv320_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6636D92B-B33D-4230-8E32-20B06F26FF8F", versionEndIncluding: "1.5.1.05", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv320:-:*:*:*:*:*:*:*", matchCriteriaId: "7596F6D4-10DA-4F29-95AD-75B60F4670D6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv325_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "21EA1744-09E9-488D-B799-9AFBB6363C8F", versionEndIncluding: "1.5.1.05", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv325:-:*:*:*:*:*:*:*", matchCriteriaId: "3435D601-EDA8-49FF-8841-EA6DF1518C75", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary commands on an affected device. The vulnerabilities exist because the web-based management interface does not properly validate user-supplied input to scripts. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending malicious requests to an affected device. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the underlying operating system.", }, { lang: "es", value: "Múltiples vulnerabilidades en la interfaz de administración basada en web de Routers Cisco Small Business RV320 y RV325 Series y Routers Cisco Small Business RV016, RV042, y RV082, podrían permitir a un atacante remoto autenticado con privilegios administrativos ejecutar comandos arbitrarios sobre un dispositivo afectado. Las vulnerabilidades se presentan porque la interfaz de administración basada en web no comprueba apropiadamente la entrada suministrada por el usuario para scripts. Un atacante con privilegios administrativos que son suficientes para iniciar sesión en la interfaz de administración basada en web podría explotar cada vulnerabilidad mediante el envío de peticiones maliciosas hacia un dispositivo afectado. Una explotación con éxito podría permitir al atacante ejecutar comandos arbitrarios con privilegios root en el sistema operativo subyacente", }, ], id: "CVE-2020-3277", lastModified: "2024-11-21T05:30:42.540", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "psirt@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-06-18T03:15:12.417", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-Rj5JRfF8", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-Rj5JRfF8", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-78", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-04-05 18:15
Modified
2024-11-21 07:40
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an authenticated, remote attacker to execute arbitrary commands on an affected device. This vulnerability is due to improper validation of user input within incoming HTTP packets. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web-based management interface. A successful exploit could allow the attacker to gain root-level privileges and access unauthorized data. To exploit this vulnerability, an attacker would need to have valid administrative credentials on the affected device. Cisco has not released software updates that address this vulnerability.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | rv016_firmware | - | |
| cisco | rv016 | - | |
| cisco | rv042_firmware | - | |
| cisco | rv042 | - | |
| cisco | rv042g_firmware | - | |
| cisco | rv042g | - | |
| cisco | rv082_firmware | - | |
| cisco | rv082 | - | |
| cisco | rv320_firmware | - | |
| cisco | rv320 | - | |
| cisco | rv325_firmware | - | |
| cisco | rv325 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv016_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "CCC05438-3064-4FB6-9177-9EA60C8E250C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv016:-:*:*:*:*:*:*:*", matchCriteriaId: "701E3CF5-15C0-419A-97A8-9BD2C55D74AB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "F5A39236-B032-46BB-94D0-3E0E3E557BC0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042:-:*:*:*:*:*:*:*", matchCriteriaId: "2DCBB2D8-AACF-45EA-B9D4-DAECC7C792D1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "E699C11F-3C7C-420D-9243-5CD2A6B98EF2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042g:-:*:*:*:*:*:*:*", matchCriteriaId: "F1CD7D9C-DDEF-4DF0-BCFB-A45301AE2C10", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv082_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "9EF65E38-D812-4F6E-903C-05E203F3E9F6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv082:-:*:*:*:*:*:*:*", matchCriteriaId: "24FC4446-22C0-4EC9-84B4-A76412680105", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv320_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "C0C17C5F-4EB7-4859-8127-AE027A72CB2C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv320:-:*:*:*:*:*:*:*", matchCriteriaId: "7596F6D4-10DA-4F29-95AD-75B60F4670D6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv325_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "69F1C458-0EF3-4AD6-9055-355711F3751E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv325:-:*:*:*:*:*:*:*", matchCriteriaId: "3435D601-EDA8-49FF-8841-EA6DF1518C75", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an authenticated, remote attacker to execute arbitrary commands on an affected device. This vulnerability is due to improper validation of user input within incoming HTTP packets. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web-based management interface. A successful exploit could allow the attacker to gain root-level privileges and access unauthorized data. To exploit this vulnerability, an attacker would need to have valid administrative credentials on the affected device. Cisco has not released software updates that address this vulnerability.", }, ], id: "CVE-2023-20124", lastModified: "2024-11-21T07:40:36.627", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 5.2, source: "psirt@cisco.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-04-05T18:15:07.590", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-rv01x_rv32x_rce-nzAGWWDD", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-rv01x_rv32x_rce-nzAGWWDD", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-77", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2017-05-16 17:29
Modified
2024-11-21 03:26
Severity ?
Summary
A vulnerability in the Universal Plug-and-Play (UPnP) implementation in the Cisco CVR100W Wireless-N VPN Router could allow an unauthenticated, Layer 2-adjacent attacker to execute arbitrary code or cause a denial of service (DoS) condition. The remote code execution could occur with root privileges. The vulnerability is due to incomplete range checks of the UPnP input data, which could result in a buffer overflow. An attacker could exploit this vulnerability by sending a malicious request to the UPnP listening port of the targeted device. An exploit could allow the attacker to cause the device to reload or potentially execute arbitrary code with root privileges. This vulnerability affects all firmware releases of the Cisco CVR100W Wireless-N VPN Router prior to Firmware Release 1.0.1.22. Cisco Bug IDs: CSCuz72642.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | small_business_rv_router_firmware | 1.0.0.30 | |
| cisco | small_business_rv_router_firmware | 1.0.1.9 | |
| cisco | small_business_rv_router_firmware | 1.0.1.19 | |
| cisco | small_business_rv_router_firmware | 1.0.2.6 | |
| cisco | small_business_rv_router_firmware | 1.0.3.10 | |
| cisco | small_business_rv_router_firmware | 1.0.4.10 | |
| cisco | small_business_rv_router_firmware | 1.0.4.14 | |
| cisco | small_business_rv_router_firmware | 1.0.5.4 | |
| cisco | small_business_rv_router_firmware | 1.0.5.4\(gd\) | |
| cisco | small_business_rv_router_firmware | 1.0.5.5 | |
| cisco | small_business_rv_router_firmware | 1.0.5.6 | |
| cisco | small_business_rv_router_firmware | 1.0.5.8 | |
| cisco | small_business_rv_router_firmware | 1.0.6.6 | |
| cisco | small_business_rv_router_firmware | 1.0.39 | |
| cisco | small_business_rv_router_firmware_1.0 | 0.2 | |
| cisco | rv042 | - | |
| cisco | rv042g | - | |
| cisco | rv082 | - | |
| cisco | rv110w | - | |
| cisco | rv130 | - | |
| cisco | rv130_wf | - | |
| cisco | rv130w | - | |
| cisco | rv130w_wf | - | |
| cisco | rv132w | - | |
| cisco | rv134w | - | |
| cisco | rv215w | - | |
| cisco | rv320 | - | |
| cisco | rv320_wf | - | |
| cisco | rv325 | - | |
| cisco | rv325_wf | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:cisco:small_business_rv_router_firmware:1.0.0.30:*:*:*:*:*:*:*", matchCriteriaId: "03D1AED9-624A-454E-9B73-853957947CEC", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:small_business_rv_router_firmware:1.0.1.9:*:*:*:*:*:*:*", matchCriteriaId: "88B18FD1-7AE6-4CFE-BABC-901530497D5F", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:small_business_rv_router_firmware:1.0.1.19:*:*:*:*:*:*:*", matchCriteriaId: "72287189-EB01-44DC-B081-47286D576544", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:small_business_rv_router_firmware:1.0.2.6:*:*:*:*:*:*:*", matchCriteriaId: "F9EAE238-2BB0-4B9B-AA93-B7D9D809E076", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:small_business_rv_router_firmware:1.0.3.10:*:*:*:*:*:*:*", matchCriteriaId: "AFCC4E59-8D34-44F8-8964-B370962EEABE", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:small_business_rv_router_firmware:1.0.4.10:*:*:*:*:*:*:*", matchCriteriaId: "1E9B6CA4-0743-4438-8EA7-9665C6816DBC", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:small_business_rv_router_firmware:1.0.4.14:*:*:*:*:*:*:*", matchCriteriaId: "8F5C42F8-447D-4E27-BC0E-0097E9150460", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:small_business_rv_router_firmware:1.0.5.4:*:*:*:*:*:*:*", matchCriteriaId: "23FAC7D9-086A-4411-B7F2-211DF1652C90", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:small_business_rv_router_firmware:1.0.5.4\\(gd\\):*:*:*:*:*:*:*", matchCriteriaId: "55E16DCB-C702-4BFE-9161-C3EE5FDF721A", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:small_business_rv_router_firmware:1.0.5.5:*:*:*:*:*:*:*", matchCriteriaId: "2E70A0FD-4551-419F-BAC8-1A0D1D4C1249", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:small_business_rv_router_firmware:1.0.5.6:*:*:*:*:*:*:*", matchCriteriaId: "9D70C676-B906-4210-B002-24BB392A61A5", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:small_business_rv_router_firmware:1.0.5.8:*:*:*:*:*:*:*", matchCriteriaId: "155C482F-8BF4-46C9-BA1E-E636CE8269CA", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:small_business_rv_router_firmware:1.0.6.6:*:*:*:*:*:*:*", matchCriteriaId: "6D4B09BD-1992-4808-89D0-2A8DB2A0DE29", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:small_business_rv_router_firmware:1.0.39:*:*:*:*:*:*:*", matchCriteriaId: "57157941-8EE8-4A54-957A-56E3FC269124", vulnerable: true, }, { criteria: "cpe:2.3:a:cisco:small_business_rv_router_firmware_1.0:0.2:*:*:*:*:*:*:*", matchCriteriaId: "252E2C0F-2615-4415-955E-4E2E43DD80F3", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042:-:*:*:*:*:*:*:*", matchCriteriaId: "2DCBB2D8-AACF-45EA-B9D4-DAECC7C792D1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:rv042g:-:*:*:*:*:*:*:*", matchCriteriaId: "F1CD7D9C-DDEF-4DF0-BCFB-A45301AE2C10", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:rv082:-:*:*:*:*:*:*:*", matchCriteriaId: "24FC4446-22C0-4EC9-84B4-A76412680105", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:rv110w:-:*:*:*:*:*:*:*", matchCriteriaId: "20E8ECAC-E842-41DB-9612-9374A9648DC2", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:rv130:-:*:*:*:*:*:*:*", matchCriteriaId: "D5D233CF-2504-4E69-9AD0-D3B631C8FC11", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:rv130_wf:-:*:*:*:*:*:*:*", matchCriteriaId: "8287635D-78E7-4A1C-A1C3-C7C1C8BCDB37", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:rv130w:-:*:*:*:*:*:*:*", matchCriteriaId: "C3C9AFAA-1387-4067-AF7E-2E4AAD2A272A", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:rv130w_wf:-:*:*:*:*:*:*:*", matchCriteriaId: "9ACB3BD3-FABD-49BA-A66D-AD394D95AB15", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:rv132w:-:*:*:*:*:*:*:*", matchCriteriaId: "8511C48D-9EA6-4521-988C-61E1035BEFA1", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:rv134w:-:*:*:*:*:*:*:*", matchCriteriaId: "39710CC4-1891-4E4B-AF65-AC2577CC8FFC", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:rv215w:-:*:*:*:*:*:*:*", matchCriteriaId: "8686AB22-F757-468A-930B-DDE45B508969", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:rv320:-:*:*:*:*:*:*:*", matchCriteriaId: "7596F6D4-10DA-4F29-95AD-75B60F4670D6", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:rv320_wf:-:*:*:*:*:*:*:*", matchCriteriaId: "55927BA3-5301-4F58-9E1C-A6811502D26B", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:rv325:-:*:*:*:*:*:*:*", matchCriteriaId: "3435D601-EDA8-49FF-8841-EA6DF1518C75", vulnerable: false, }, { criteria: "cpe:2.3:h:cisco:rv325_wf:-:*:*:*:*:*:*:*", matchCriteriaId: "07841064-DF45-4636-9B7F-303CD6D4DF42", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the Universal Plug-and-Play (UPnP) implementation in the Cisco CVR100W Wireless-N VPN Router could allow an unauthenticated, Layer 2-adjacent attacker to execute arbitrary code or cause a denial of service (DoS) condition. The remote code execution could occur with root privileges. The vulnerability is due to incomplete range checks of the UPnP input data, which could result in a buffer overflow. An attacker could exploit this vulnerability by sending a malicious request to the UPnP listening port of the targeted device. An exploit could allow the attacker to cause the device to reload or potentially execute arbitrary code with root privileges. This vulnerability affects all firmware releases of the Cisco CVR100W Wireless-N VPN Router prior to Firmware Release 1.0.1.22. Cisco Bug IDs: CSCuz72642.", }, { lang: "es", value: "Una vulnerabilidad en la implementación de Universal plug-and-play (UPnP) en el router CVR100W Wireless-N VPN de Cisco, podría permitir a un atacante de capa 2 no autenticado, ejecutar código arbitrario o causar una condición de denegación de servicio (DoS). La ejecución de código remota podría producirse con privilegios root. La vulnerabilidad es debido a comprobaciones de rango incompletas de los datos de entrada UPnP, lo que podría dar como resultado a un desbordamiento de búfer. Un atacante podría explotar esta vulnerabilidad mediante el envío de una petición maliciosa hacia el puerto de escucha UPnP del dispositivo de destino. Una explotación podría permitir al atacante causar que el dispositivo se recargue o potencialmente ejecutar código arbitrario con privilegios root. Esta vulnerabilidad afecta a todas las versiones de firmware del enrutador CVR100W Wireless-N VPN de Cisco anterior a Versión de Firmware 1.0.1.22. ID de bug de Cisco: CSCuz72642.", }, ], id: "CVE-2017-3882", lastModified: "2024-11-21T03:26:18.513", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "ADJACENT_NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 8.3, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:A/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 6.5, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 9.6, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 2.8, impactScore: 6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2017-05-16T17:29:00.293", references: [ { source: "psirt@cisco.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/98287", }, { source: "psirt@cisco.com", url: "http://www.securitytracker.com/id/1038391", }, { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170503-cvr100w1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/98287", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securitytracker.com/id/1038391", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170503-cvr100w1", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-119", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-06-18 03:15
Modified
2024-11-21 05:30
Severity ?
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | rv016_firmware | * | |
| cisco | rv016 | - | |
| cisco | rv042_firmware | * | |
| cisco | rv042 | - | |
| cisco | rv042g_firmware | * | |
| cisco | rv042g | - | |
| cisco | rv082_firmware | * | |
| cisco | rv082 | - | |
| cisco | rv320_firmware | * | |
| cisco | rv320 | - | |
| cisco | rv325_firmware | * | |
| cisco | rv325 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv016_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "72B28584-394E-412D-9B2C-6B338081D102", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv016:-:*:*:*:*:*:*:*", matchCriteriaId: "701E3CF5-15C0-419A-97A8-9BD2C55D74AB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D8F194C6-D0C6-46A7-AD6E-2678515365EF", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042:-:*:*:*:*:*:*:*", matchCriteriaId: "2DCBB2D8-AACF-45EA-B9D4-DAECC7C792D1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042g_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "644B7DB7-F3E1-4BAA-BE5C-53C2F90CB05A", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042g:-:*:*:*:*:*:*:*", matchCriteriaId: "F1CD7D9C-DDEF-4DF0-BCFB-A45301AE2C10", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv082_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8ACA4991-A60B-42CD-8A84-B1F8825812D6", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv082:-:*:*:*:*:*:*:*", matchCriteriaId: "24FC4446-22C0-4EC9-84B4-A76412680105", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv320_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6636D92B-B33D-4230-8E32-20B06F26FF8F", versionEndIncluding: "1.5.1.05", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv320:-:*:*:*:*:*:*:*", matchCriteriaId: "7596F6D4-10DA-4F29-95AD-75B60F4670D6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv325_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "21EA1744-09E9-488D-B799-9AFBB6363C8F", versionEndIncluding: "1.5.1.05", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv325:-:*:*:*:*:*:*:*", matchCriteriaId: "3435D601-EDA8-49FF-8841-EA6DF1518C75", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system.", }, { lang: "es", value: "Múltiples vulnerabilidades en la interfaz de administración basada en web de Routers Cisco Small Business RV320 y RV325 Series y Routers Cisco Small Business RV016, RV042, y RV082, podrían permitir a un atacante remoto autenticado con privilegios administrativos ejecutar código arbitrario sobre un dispositivo afectado. Las vulnerabilidades son debido a restricciones de límite insuficientes en la entrada suministrada por el usuario para scripts en la interfaz de administración basada en web. Un atacante con privilegios administrativos que son suficientes para iniciar sesión en la interfaz de administración basada en web podría explotar cada vulnerabilidad mediante el envío de peticiones diseñadas que contienen valores demasiado grandes hacia un dispositivo afectado, causando un desbordamiento de la pila. Una explotación con éxito podría permitir al atacante causar que el dispositivo se bloquee o permitir al atacante ejecutar código arbitrario con privilegios root en el sistema operativo subyacente", }, ], id: "CVE-2020-3292", lastModified: "2024-11-21T05:30:44.440", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "psirt@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-06-18T03:15:13.247", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-06-18 03:15
Modified
2024-11-21 05:30
Severity ?
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary commands on an affected device. The vulnerabilities exist because the web-based management interface does not properly validate user-supplied input to scripts. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending malicious requests to an affected device. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the underlying operating system.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | rv016_firmware | * | |
| cisco | rv016 | - | |
| cisco | rv042_firmware | * | |
| cisco | rv042 | - | |
| cisco | rv042g_firmware | * | |
| cisco | rv042g | - | |
| cisco | rv082_firmware | * | |
| cisco | rv082 | - | |
| cisco | rv320_firmware | * | |
| cisco | rv320 | - | |
| cisco | rv325_firmware | * | |
| cisco | rv325 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv016_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "72B28584-394E-412D-9B2C-6B338081D102", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv016:-:*:*:*:*:*:*:*", matchCriteriaId: "701E3CF5-15C0-419A-97A8-9BD2C55D74AB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D8F194C6-D0C6-46A7-AD6E-2678515365EF", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042:-:*:*:*:*:*:*:*", matchCriteriaId: "2DCBB2D8-AACF-45EA-B9D4-DAECC7C792D1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042g_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "644B7DB7-F3E1-4BAA-BE5C-53C2F90CB05A", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042g:-:*:*:*:*:*:*:*", matchCriteriaId: "F1CD7D9C-DDEF-4DF0-BCFB-A45301AE2C10", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv082_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8ACA4991-A60B-42CD-8A84-B1F8825812D6", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv082:-:*:*:*:*:*:*:*", matchCriteriaId: "24FC4446-22C0-4EC9-84B4-A76412680105", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv320_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6636D92B-B33D-4230-8E32-20B06F26FF8F", versionEndIncluding: "1.5.1.05", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv320:-:*:*:*:*:*:*:*", matchCriteriaId: "7596F6D4-10DA-4F29-95AD-75B60F4670D6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv325_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "21EA1744-09E9-488D-B799-9AFBB6363C8F", versionEndIncluding: "1.5.1.05", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv325:-:*:*:*:*:*:*:*", matchCriteriaId: "3435D601-EDA8-49FF-8841-EA6DF1518C75", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary commands on an affected device. The vulnerabilities exist because the web-based management interface does not properly validate user-supplied input to scripts. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending malicious requests to an affected device. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the underlying operating system.", }, { lang: "es", value: "Múltiples vulnerabilidades en la interfaz de administración basada en web de Routers Cisco Small Business RV320 y RV325 Series y Routers Cisco Small Business RV016, RV042, y RV082 podrían permitir a un atacante remoto autenticado con privilegios administrativos ejecutar comandos arbitrarios sobre un dispositivo afectado. Las vulnerabilidades se presentan porque la interfaz de administración basada en web no comprueba apropiadamente la entrada suministrada por el usuario para scripts. Un atacante con privilegios administrativos que son suficientes para iniciar sesión en la interfaz de administración basada en web podría explotar cada vulnerabilidad mediante el envío de peticiones maliciosas hacia un dispositivo afectado. Una explotación con éxito podría permitir al atacante ejecutar comandos arbitrarios con privilegios root en el sistema operativo subyacente", }, ], id: "CVE-2020-3275", lastModified: "2024-11-21T05:30:42.297", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "psirt@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-06-18T03:15:12.260", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-Rj5JRfF8", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-Rj5JRfF8", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-78", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-04-05 19:15
Modified
2024-11-21 07:40
Severity ?
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | rv016_firmware | * | |
| cisco | rv016 | - | |
| cisco | rv042_firmware | * | |
| cisco | rv042 | - | |
| cisco | rv042g_firmware | * | |
| cisco | rv042g | - | |
| cisco | rv082_firmware | * | |
| cisco | rv082 | - | |
| cisco | rv320_firmware | * | |
| cisco | rv320 | - | |
| cisco | rv325_firmware | * | |
| cisco | rv325 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv016_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1E1462E9-4464-492C-8B91-6E020B9DCB23", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv016:-:*:*:*:*:*:*:*", matchCriteriaId: "701E3CF5-15C0-419A-97A8-9BD2C55D74AB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "85E01122-CD88-4096-958A-8699B2A3DC3C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042:-:*:*:*:*:*:*:*", matchCriteriaId: "2DCBB2D8-AACF-45EA-B9D4-DAECC7C792D1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042g_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0A620D1C-1FBB-46C9-9904-1FC6342ED85E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042g:-:*:*:*:*:*:*:*", matchCriteriaId: "F1CD7D9C-DDEF-4DF0-BCFB-A45301AE2C10", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv082_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9BBDB4B5-9528-43CE-B8E6-B509EFCD11BA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv082:-:*:*:*:*:*:*:*", matchCriteriaId: "24FC4446-22C0-4EC9-84B4-A76412680105", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv320_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1EA568A8-286F-4588-B946-6F9C97E08BCF", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv320:-:*:*:*:*:*:*:*", matchCriteriaId: "7596F6D4-10DA-4F29-95AD-75B60F4670D6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv325_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F3B7DECE-18C4-45AE-AF5C-657A4795C7F0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv325:-:*:*:*:*:*:*:*", matchCriteriaId: "3435D601-EDA8-49FF-8841-EA6DF1518C75", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities.", }, ], id: "CVE-2023-20139", lastModified: "2024-11-21T07:40:38.747", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "psirt@cisco.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-04-05T19:15:08.780", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-06-18 03:15
Modified
2024-11-21 05:30
Severity ?
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary commands on an affected device. The vulnerabilities exist because the web-based management interface does not properly validate user-supplied input to scripts. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending malicious requests to an affected device. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the underlying operating system.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | rv016_firmware | * | |
| cisco | rv016 | - | |
| cisco | rv042_firmware | * | |
| cisco | rv042 | - | |
| cisco | rv042g_firmware | * | |
| cisco | rv042g | - | |
| cisco | rv082_firmware | * | |
| cisco | rv082 | - | |
| cisco | rv320_firmware | * | |
| cisco | rv320 | - | |
| cisco | rv325_firmware | * | |
| cisco | rv325 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv016_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "72B28584-394E-412D-9B2C-6B338081D102", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv016:-:*:*:*:*:*:*:*", matchCriteriaId: "701E3CF5-15C0-419A-97A8-9BD2C55D74AB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D8F194C6-D0C6-46A7-AD6E-2678515365EF", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042:-:*:*:*:*:*:*:*", matchCriteriaId: "2DCBB2D8-AACF-45EA-B9D4-DAECC7C792D1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042g_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "644B7DB7-F3E1-4BAA-BE5C-53C2F90CB05A", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042g:-:*:*:*:*:*:*:*", matchCriteriaId: "F1CD7D9C-DDEF-4DF0-BCFB-A45301AE2C10", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv082_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8ACA4991-A60B-42CD-8A84-B1F8825812D6", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv082:-:*:*:*:*:*:*:*", matchCriteriaId: "24FC4446-22C0-4EC9-84B4-A76412680105", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv320_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6636D92B-B33D-4230-8E32-20B06F26FF8F", versionEndIncluding: "1.5.1.05", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv320:-:*:*:*:*:*:*:*", matchCriteriaId: "7596F6D4-10DA-4F29-95AD-75B60F4670D6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv325_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "21EA1744-09E9-488D-B799-9AFBB6363C8F", versionEndIncluding: "1.5.1.05", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv325:-:*:*:*:*:*:*:*", matchCriteriaId: "3435D601-EDA8-49FF-8841-EA6DF1518C75", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary commands on an affected device. The vulnerabilities exist because the web-based management interface does not properly validate user-supplied input to scripts. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending malicious requests to an affected device. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the underlying operating system.", }, { lang: "es", value: "Múltiples vulnerabilidades en la interfaz de administración basada en web de Routers Cisco Small Business RV320 y RV325 Series y Routers Cisco Small Business RV016, RV042, y RV082, podrían permitir a un atacante remoto autenticado con privilegios administrativos ejecutar comandos arbitrarios sobre un dispositivo afectado. Las vulnerabilidades se presentan porque la interfaz de administración basada en web no comprueba apropiadamente la entrada suministrada por el usuario para scripts. Un atacante con privilegios administrativos que son suficientes para iniciar sesión en la interfaz de administración basada en web podría explotar cada vulnerabilidad mediante el envío de peticiones maliciosas hacia un dispositivo afectado. Una explotación con éxito podría permitir al atacante ejecutar comandos arbitrarios con privilegios root en el sistema operativo subyacente", }, ], id: "CVE-2020-3279", lastModified: "2024-11-21T05:30:42.780", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "psirt@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-06-18T03:15:12.637", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-Rj5JRfF8", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-Rj5JRfF8", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-78", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-04-13 07:15
Modified
2025-03-12 17:15
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability in the web-based management interface of Cisco Small Business Routers RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an authenticated, remote attacker to execute arbitrary commands on an affected device.
This vulnerability is due to improper validation of user input within incoming HTTP packets. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web-based management interface. A successful exploit could allow the attacker to gain root-level privileges and access unauthorized data. To exploit this vulnerability, an attacker would need to have valid administrative credentials on the affected device.
Cisco has not and will not release software updates that address this vulnerability. However, administrators may disable the affected feature as described in the Workarounds ["#workarounds"] section.
{{value}} ["%7b%7bvalue%7d%7d"])}]]
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | rv016_firmware | * | |
| cisco | rv016 | - | |
| cisco | rv042_firmware | * | |
| cisco | rv042 | - | |
| cisco | rv042g_firmware | * | |
| cisco | rv042g | - | |
| cisco | rv082_firmware | * | |
| cisco | rv082 | - | |
| cisco | rv320_firmware | * | |
| cisco | rv320 | - | |
| cisco | rv325_firmware | * | |
| cisco | rv325 | - |
{ cisaActionDue: "2025-03-24", cisaExploitAdd: "2025-03-03", cisaRequiredAction: "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.", cisaVulnerabilityName: "Cisco Small Business RV Series Routers Command Injection Vulnerability", configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv016_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1E1462E9-4464-492C-8B91-6E020B9DCB23", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv016:-:*:*:*:*:*:*:*", matchCriteriaId: "701E3CF5-15C0-419A-97A8-9BD2C55D74AB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "85E01122-CD88-4096-958A-8699B2A3DC3C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042:-:*:*:*:*:*:*:*", matchCriteriaId: "2DCBB2D8-AACF-45EA-B9D4-DAECC7C792D1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042g_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0A620D1C-1FBB-46C9-9904-1FC6342ED85E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042g:-:*:*:*:*:*:*:*", matchCriteriaId: "F1CD7D9C-DDEF-4DF0-BCFB-A45301AE2C10", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv082_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9BBDB4B5-9528-43CE-B8E6-B509EFCD11BA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv082:-:*:*:*:*:*:*:*", matchCriteriaId: "24FC4446-22C0-4EC9-84B4-A76412680105", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv320_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1EA568A8-286F-4588-B946-6F9C97E08BCF", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv320:-:*:*:*:*:*:*:*", matchCriteriaId: "7596F6D4-10DA-4F29-95AD-75B60F4670D6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv325_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F3B7DECE-18C4-45AE-AF5C-657A4795C7F0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv325:-:*:*:*:*:*:*:*", matchCriteriaId: "3435D601-EDA8-49FF-8841-EA6DF1518C75", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the web-based management interface of Cisco Small Business Routers RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an authenticated, remote attacker to execute arbitrary commands on an affected device.\r\n\r This vulnerability is due to improper validation of user input within incoming HTTP packets. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web-based management interface. A successful exploit could allow the attacker to gain root-level privileges and access unauthorized data. To exploit this vulnerability, an attacker would need to have valid administrative credentials on the affected device.\r\n\r Cisco has not and will not release software updates that address this vulnerability. However, administrators may disable the affected feature as described in the Workarounds [\"#workarounds\"] section.\r\n\r {{value}} [\"%7b%7bvalue%7d%7d\"])}]]", }, ], id: "CVE-2023-20118", lastModified: "2025-03-12T17:15:38.580", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 5.2, source: "psirt@cisco.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-04-13T07:15:21.080", references: [ { source: "psirt@cisco.com", tags: [ "Mitigation", "Vendor Advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sbr042-multi-vuln-ej76Pke5", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mitigation", "Vendor Advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sbr042-multi-vuln-ej76Pke5", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-77", }, ], source: "nvd@nist.gov", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2020-06-18 03:15
Modified
2024-11-21 05:30
Severity ?
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | rv016_firmware | * | |
| cisco | rv016 | - | |
| cisco | rv042_firmware | * | |
| cisco | rv042 | - | |
| cisco | rv042g_firmware | * | |
| cisco | rv042g | - | |
| cisco | rv082_firmware | * | |
| cisco | rv082 | - | |
| cisco | rv320_firmware | * | |
| cisco | rv320 | - | |
| cisco | rv325_firmware | * | |
| cisco | rv325 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv016_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "72B28584-394E-412D-9B2C-6B338081D102", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv016:-:*:*:*:*:*:*:*", matchCriteriaId: "701E3CF5-15C0-419A-97A8-9BD2C55D74AB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D8F194C6-D0C6-46A7-AD6E-2678515365EF", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042:-:*:*:*:*:*:*:*", matchCriteriaId: "2DCBB2D8-AACF-45EA-B9D4-DAECC7C792D1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042g_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "644B7DB7-F3E1-4BAA-BE5C-53C2F90CB05A", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042g:-:*:*:*:*:*:*:*", matchCriteriaId: "F1CD7D9C-DDEF-4DF0-BCFB-A45301AE2C10", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv082_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8ACA4991-A60B-42CD-8A84-B1F8825812D6", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv082:-:*:*:*:*:*:*:*", matchCriteriaId: "24FC4446-22C0-4EC9-84B4-A76412680105", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv320_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6636D92B-B33D-4230-8E32-20B06F26FF8F", versionEndIncluding: "1.5.1.05", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv320:-:*:*:*:*:*:*:*", matchCriteriaId: "7596F6D4-10DA-4F29-95AD-75B60F4670D6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv325_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "21EA1744-09E9-488D-B799-9AFBB6363C8F", versionEndIncluding: "1.5.1.05", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv325:-:*:*:*:*:*:*:*", matchCriteriaId: "3435D601-EDA8-49FF-8841-EA6DF1518C75", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system.", }, { lang: "es", value: "Múltiples vulnerabilidades en la interfaz de administración basada en web de Routers Cisco Small Business RV320 y RV325 Series y Routers Cisco Small Business RV016, RV042, y RV082, podrían permitir a un atacante remoto autenticado con privilegios administrativos ejecutar código arbitrario sobre un dispositivo afectado. Las vulnerabilidades son debido a restricciones de límite insuficientes en la entrada suministrada por el usuario para scripts en la interfaz de administración basada en web. Un atacante con privilegios administrativos que son suficientes para iniciar sesión en la interfaz de administración basada en web podría explotar cada vulnerabilidad mediante el envío de peticiones diseñadas que contienen valores demasiado grandes hacia un dispositivo afectado, causando un desbordamiento de la pila. Una explotación con éxito podría permitir al atacante causar que el dispositivo se bloquee o permitir al atacante ejecutar código arbitrario con privilegios root en el sistema operativo subyacente", }, ], id: "CVE-2020-3289", lastModified: "2024-11-21T05:30:44.080", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "psirt@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-06-18T03:15:12.997", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-06-18 03:15
Modified
2024-11-21 05:30
Severity ?
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | rv016_firmware | * | |
| cisco | rv016 | - | |
| cisco | rv042_firmware | * | |
| cisco | rv042 | - | |
| cisco | rv042g_firmware | * | |
| cisco | rv042g | - | |
| cisco | rv082_firmware | * | |
| cisco | rv082 | - | |
| cisco | rv320_firmware | * | |
| cisco | rv320 | - | |
| cisco | rv325_firmware | * | |
| cisco | rv325 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv016_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "72B28584-394E-412D-9B2C-6B338081D102", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv016:-:*:*:*:*:*:*:*", matchCriteriaId: "701E3CF5-15C0-419A-97A8-9BD2C55D74AB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D8F194C6-D0C6-46A7-AD6E-2678515365EF", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042:-:*:*:*:*:*:*:*", matchCriteriaId: "2DCBB2D8-AACF-45EA-B9D4-DAECC7C792D1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042g_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "644B7DB7-F3E1-4BAA-BE5C-53C2F90CB05A", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042g:-:*:*:*:*:*:*:*", matchCriteriaId: "F1CD7D9C-DDEF-4DF0-BCFB-A45301AE2C10", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv082_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8ACA4991-A60B-42CD-8A84-B1F8825812D6", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv082:-:*:*:*:*:*:*:*", matchCriteriaId: "24FC4446-22C0-4EC9-84B4-A76412680105", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv320_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6636D92B-B33D-4230-8E32-20B06F26FF8F", versionEndIncluding: "1.5.1.05", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv320:-:*:*:*:*:*:*:*", matchCriteriaId: "7596F6D4-10DA-4F29-95AD-75B60F4670D6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv325_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "21EA1744-09E9-488D-B799-9AFBB6363C8F", versionEndIncluding: "1.5.1.05", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv325:-:*:*:*:*:*:*:*", matchCriteriaId: "3435D601-EDA8-49FF-8841-EA6DF1518C75", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system.", }, { lang: "es", value: "Múltiples vulnerabilidades en la interfaz de administración basada en web de Routers Cisco Small Business RV320 y RV325 Series y Routers Cisco Small Business RV016, RV042, y RV082, podrían permitir a un atacante remoto autenticado con privilegios administrativos ejecutar código arbitrario sobre un dispositivo afectado. Las vulnerabilidades son debido a restricciones de límite insuficientes en la entrada suministrada por el usuario para scripts en la interfaz de administración basada en web. Un atacante con privilegios administrativos que sean suficientes para iniciar sesión en la interfaz de administración basada en web podría explotar cada vulnerabilidad mediante el envío de peticiones diseñadas que contienen valores demasiado grandes hacia un dispositivo afectado, causando un desbordamiento de la pila. Una explotación con éxito podría permitir al atacante causar que el dispositivo se bloquee o permitir al atacante ejecutar código arbitrario con privilegios root en el sistema operativo subyacente", }, ], id: "CVE-2020-3296", lastModified: "2024-11-21T05:30:45.303", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "psirt@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-06-18T03:15:13.573", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-06-18 03:15
Modified
2024-11-21 05:30
Severity ?
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | rv016_firmware | * | |
| cisco | rv016 | - | |
| cisco | rv042_firmware | * | |
| cisco | rv042 | - | |
| cisco | rv042g_firmware | * | |
| cisco | rv042g | - | |
| cisco | rv082_firmware | * | |
| cisco | rv082 | - | |
| cisco | rv320_firmware | * | |
| cisco | rv320 | - | |
| cisco | rv325_firmware | * | |
| cisco | rv325 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv016_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "72B28584-394E-412D-9B2C-6B338081D102", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv016:-:*:*:*:*:*:*:*", matchCriteriaId: "701E3CF5-15C0-419A-97A8-9BD2C55D74AB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D8F194C6-D0C6-46A7-AD6E-2678515365EF", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042:-:*:*:*:*:*:*:*", matchCriteriaId: "2DCBB2D8-AACF-45EA-B9D4-DAECC7C792D1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042g_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "644B7DB7-F3E1-4BAA-BE5C-53C2F90CB05A", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042g:-:*:*:*:*:*:*:*", matchCriteriaId: "F1CD7D9C-DDEF-4DF0-BCFB-A45301AE2C10", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv082_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8ACA4991-A60B-42CD-8A84-B1F8825812D6", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv082:-:*:*:*:*:*:*:*", matchCriteriaId: "24FC4446-22C0-4EC9-84B4-A76412680105", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv320_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6636D92B-B33D-4230-8E32-20B06F26FF8F", versionEndIncluding: "1.5.1.05", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv320:-:*:*:*:*:*:*:*", matchCriteriaId: "7596F6D4-10DA-4F29-95AD-75B60F4670D6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv325_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "21EA1744-09E9-488D-B799-9AFBB6363C8F", versionEndIncluding: "1.5.1.05", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv325:-:*:*:*:*:*:*:*", matchCriteriaId: "3435D601-EDA8-49FF-8841-EA6DF1518C75", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system.", }, { lang: "es", value: "Múltiples vulnerabilidades en la interfaz de administración basada en web de Routers Cisco Small Business RV320 y RV325 Series y Routers Cisco Small Business RV016, RV042, y RV082, podrían permitir a un atacante remoto autenticado con privilegios administrativos ejecutar código arbitrario sobre un dispositivo afectado. Las vulnerabilidades son debido a restricciones de límite insuficientes en la entrada suministrada por el usuario para scripts en la interfaz de administración basada en web. Un atacante con privilegios administrativos que sean suficientes para iniciar sesión en la interfaz de administración basada en web podría explotar cada vulnerabilidad mediante el envío de peticiones diseñadas que contienen valores demasiado grandes hacia un dispositivo afectado, causando un desbordamiento de la pila. Una explotación con éxito podría permitir al atacante causar que el dispositivo se bloquee o permitir al atacante ejecutar código arbitrario con privilegios root en el sistema operativo subyacente", }, ], id: "CVE-2020-3294", lastModified: "2024-11-21T05:30:45.057", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "psirt@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-06-18T03:15:13.417", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-06-18 03:15
Modified
2024-11-21 05:30
Severity ?
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary commands on an affected device. The vulnerabilities exist because the web-based management interface does not properly validate user-supplied input to scripts. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending malicious requests to an affected device. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the underlying operating system.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | rv016_firmware | * | |
| cisco | rv016 | - | |
| cisco | rv042_firmware | * | |
| cisco | rv042 | - | |
| cisco | rv042g_firmware | * | |
| cisco | rv042g | - | |
| cisco | rv082_firmware | * | |
| cisco | rv082 | - | |
| cisco | rv320_firmware | * | |
| cisco | rv320 | - | |
| cisco | rv325_firmware | * | |
| cisco | rv325 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv016_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "72B28584-394E-412D-9B2C-6B338081D102", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv016:-:*:*:*:*:*:*:*", matchCriteriaId: "701E3CF5-15C0-419A-97A8-9BD2C55D74AB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D8F194C6-D0C6-46A7-AD6E-2678515365EF", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042:-:*:*:*:*:*:*:*", matchCriteriaId: "2DCBB2D8-AACF-45EA-B9D4-DAECC7C792D1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042g_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "644B7DB7-F3E1-4BAA-BE5C-53C2F90CB05A", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042g:-:*:*:*:*:*:*:*", matchCriteriaId: "F1CD7D9C-DDEF-4DF0-BCFB-A45301AE2C10", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv082_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8ACA4991-A60B-42CD-8A84-B1F8825812D6", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv082:-:*:*:*:*:*:*:*", matchCriteriaId: "24FC4446-22C0-4EC9-84B4-A76412680105", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv320_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6636D92B-B33D-4230-8E32-20B06F26FF8F", versionEndIncluding: "1.5.1.05", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv320:-:*:*:*:*:*:*:*", matchCriteriaId: "7596F6D4-10DA-4F29-95AD-75B60F4670D6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv325_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "21EA1744-09E9-488D-B799-9AFBB6363C8F", versionEndIncluding: "1.5.1.05", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv325:-:*:*:*:*:*:*:*", matchCriteriaId: "3435D601-EDA8-49FF-8841-EA6DF1518C75", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary commands on an affected device. The vulnerabilities exist because the web-based management interface does not properly validate user-supplied input to scripts. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending malicious requests to an affected device. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the underlying operating system.", }, { lang: "es", value: "Múltiples vulnerabilidades en la interfaz de administración basada en web de Routers Cisco Small Business RV320 y RV325 Series y Routers Cisco Small Business RV016, RV042, y RV082, podrían permitir a un atacante remoto autenticado con privilegios administrativos ejecutar comandos arbitrarios sobre un dispositivo afectado. Las vulnerabilidades se presentan porque la interfaz de administración basada en web no comprueba apropiadamente la entrada suministrada por el usuario para scripts. Un atacante con privilegios administrativos que son suficientes para iniciar sesión en la interfaz de administración basada en web podría explotar cada vulnerabilidad mediante el envío de peticiones maliciosas hacia un dispositivo afectado. Una explotación con éxito podría permitir al atacante ejecutar comandos arbitrarios con privilegios root en el sistema operativo subyacente", }, ], id: "CVE-2020-3276", lastModified: "2024-11-21T05:30:42.420", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "psirt@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-06-18T03:15:12.340", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-Rj5JRfF8", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-Rj5JRfF8", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-78", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-04-05 19:15
Modified
2024-11-21 07:40
Severity ?
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | rv016_firmware | * | |
| cisco | rv016 | - | |
| cisco | rv042_firmware | * | |
| cisco | rv042 | - | |
| cisco | rv042g_firmware | * | |
| cisco | rv042g | - | |
| cisco | rv082_firmware | * | |
| cisco | rv082 | - | |
| cisco | rv320_firmware | * | |
| cisco | rv320 | - | |
| cisco | rv325_firmware | * | |
| cisco | rv325 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv016_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1E1462E9-4464-492C-8B91-6E020B9DCB23", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv016:-:*:*:*:*:*:*:*", matchCriteriaId: "701E3CF5-15C0-419A-97A8-9BD2C55D74AB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "85E01122-CD88-4096-958A-8699B2A3DC3C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042:-:*:*:*:*:*:*:*", matchCriteriaId: "2DCBB2D8-AACF-45EA-B9D4-DAECC7C792D1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042g_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0A620D1C-1FBB-46C9-9904-1FC6342ED85E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042g:-:*:*:*:*:*:*:*", matchCriteriaId: "F1CD7D9C-DDEF-4DF0-BCFB-A45301AE2C10", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv082_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9BBDB4B5-9528-43CE-B8E6-B509EFCD11BA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv082:-:*:*:*:*:*:*:*", matchCriteriaId: "24FC4446-22C0-4EC9-84B4-A76412680105", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv320_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1EA568A8-286F-4588-B946-6F9C97E08BCF", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv320:-:*:*:*:*:*:*:*", matchCriteriaId: "7596F6D4-10DA-4F29-95AD-75B60F4670D6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv325_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F3B7DECE-18C4-45AE-AF5C-657A4795C7F0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv325:-:*:*:*:*:*:*:*", matchCriteriaId: "3435D601-EDA8-49FF-8841-EA6DF1518C75", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities.", }, ], id: "CVE-2023-20145", lastModified: "2024-11-21T07:40:39.503", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "psirt@cisco.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-04-05T19:15:09.060", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-01-20 07:15
Modified
2025-03-12 17:15
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320 and RV325 Routers could allow an authenticated, remote attacker to execute arbitrary commands on an affected device.
This vulnerability is due to improper validation of user input within incoming HTTP packets. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web-based management interface. A successful exploit could allow the attacker to gain root-level privileges and access unauthorized data. To exploit this vulnerability, an attacker would need to have valid administrative credentials on the affected device.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | rv016_firmware | - | |
| cisco | rv016 | - | |
| cisco | rv042_firmware | - | |
| cisco | rv042 | - | |
| cisco | rv042g_firmware | - | |
| cisco | rv042g | - | |
| cisco | rv082_firmware | - | |
| cisco | rv082 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv016_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "CCC05438-3064-4FB6-9177-9EA60C8E250C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv016:-:*:*:*:*:*:*:*", matchCriteriaId: "701E3CF5-15C0-419A-97A8-9BD2C55D74AB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "F5A39236-B032-46BB-94D0-3E0E3E557BC0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042:-:*:*:*:*:*:*:*", matchCriteriaId: "2DCBB2D8-AACF-45EA-B9D4-DAECC7C792D1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042g_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "E699C11F-3C7C-420D-9243-5CD2A6B98EF2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042g:-:*:*:*:*:*:*:*", matchCriteriaId: "F1CD7D9C-DDEF-4DF0-BCFB-A45301AE2C10", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv082_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "9EF65E38-D812-4F6E-903C-05E203F3E9F6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv082:-:*:*:*:*:*:*:*", matchCriteriaId: "24FC4446-22C0-4EC9-84B4-A76412680105", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A vulnerability in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320 and RV325 Routers could allow an authenticated, remote attacker to execute arbitrary commands on an affected device.\r\n\r This vulnerability is due to improper validation of user input within incoming HTTP packets. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web-based management interface. A successful exploit could allow the attacker to gain root-level privileges and access unauthorized data. To exploit this vulnerability, an attacker would need to have valid administrative credentials on the affected device.", }, { lang: "es", value: "Una vulnerabilidad en la interfaz de administración basada en web de los routers Cisco Small Business serie RV042 podría permitir que un atacante remoto autenticado inyecte comandos arbitrarios en un dispositivo afectado. Esta vulnerabilidad se debe a una validación incorrecta de los campos de entrada del usuario dentro de los paquetes HTTP entrantes. Un atacante podría aprovechar esta vulnerabilidad enviando una solicitud manipulada a la interfaz de administración basada en web. Un exploit exitoso podría permitir al atacante ejecutar comandos arbitrarios en un dispositivo afectado con privilegios de nivel superusuario. Para aprovechar estas vulnerabilidades, un atacante necesitaría tener credenciales de administrador válidas en el dispositivo afectado.", }, ], id: "CVE-2023-20026", lastModified: "2025-03-12T17:15:38.390", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 5.2, source: "psirt@cisco.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-01-20T07:15:14.813", references: [ { source: "psirt@cisco.com", tags: [ "Mitigation", "Vendor Advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sbr042-multi-vuln-ej76Pke5", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mitigation", "Vendor Advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sbr042-multi-vuln-ej76Pke5", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-06-18 03:15
Modified
2024-11-21 05:30
Severity ?
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | rv016_firmware | * | |
| cisco | rv016 | - | |
| cisco | rv042_firmware | * | |
| cisco | rv042 | - | |
| cisco | rv042g_firmware | * | |
| cisco | rv042g | - | |
| cisco | rv082_firmware | * | |
| cisco | rv082 | - | |
| cisco | rv320_firmware | * | |
| cisco | rv320 | - | |
| cisco | rv325_firmware | * | |
| cisco | rv325 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv016_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "72B28584-394E-412D-9B2C-6B338081D102", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv016:-:*:*:*:*:*:*:*", matchCriteriaId: "701E3CF5-15C0-419A-97A8-9BD2C55D74AB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D8F194C6-D0C6-46A7-AD6E-2678515365EF", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042:-:*:*:*:*:*:*:*", matchCriteriaId: "2DCBB2D8-AACF-45EA-B9D4-DAECC7C792D1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042g_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "644B7DB7-F3E1-4BAA-BE5C-53C2F90CB05A", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042g:-:*:*:*:*:*:*:*", matchCriteriaId: "F1CD7D9C-DDEF-4DF0-BCFB-A45301AE2C10", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv082_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8ACA4991-A60B-42CD-8A84-B1F8825812D6", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv082:-:*:*:*:*:*:*:*", matchCriteriaId: "24FC4446-22C0-4EC9-84B4-A76412680105", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv320_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6636D92B-B33D-4230-8E32-20B06F26FF8F", versionEndIncluding: "1.5.1.05", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv320:-:*:*:*:*:*:*:*", matchCriteriaId: "7596F6D4-10DA-4F29-95AD-75B60F4670D6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv325_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "21EA1744-09E9-488D-B799-9AFBB6363C8F", versionEndIncluding: "1.5.1.05", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv325:-:*:*:*:*:*:*:*", matchCriteriaId: "3435D601-EDA8-49FF-8841-EA6DF1518C75", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system.", }, { lang: "es", value: "Múltiples vulnerabilidades en la interfaz de administración basada en web de Routers Cisco Small Business RV320 y RV325 Series y Routers Cisco Small Business RV016, RV042, y RV082, podrían permitir a un atacante remoto autenticado con privilegios administrativos ejecutar código arbitrario sobre un dispositivo afectado. Las vulnerabilidades son debido a restricciones de límite insuficientes en la entrada suministrada por el usuario para scripts en la interfaz de administración basada en web. Un atacante con privilegios administrativos que son suficientes para iniciar sesión en la interfaz de administración basada en web podría explotar cada vulnerabilidad mediante el envío de peticiones diseñadas que contienen valores demasiado grandes hacia un dispositivo afectado, causando un desbordamiento de la pila. Una explotación con éxito podría permitir al atacante causar que el dispositivo se bloquee o permitir al atacante ejecutar código arbitrario con privilegios root en el sistema operativo subyacente", }, ], id: "CVE-2020-3288", lastModified: "2024-11-21T05:30:43.960", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "psirt@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-06-18T03:15:12.900", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-04-05 19:15
Modified
2024-11-21 07:40
Severity ?
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | rv016_firmware | * | |
| cisco | rv016 | - | |
| cisco | rv042_firmware | * | |
| cisco | rv042 | - | |
| cisco | rv042g_firmware | * | |
| cisco | rv042g | - | |
| cisco | rv082_firmware | * | |
| cisco | rv082 | - | |
| cisco | rv320_firmware | * | |
| cisco | rv320 | - | |
| cisco | rv325_firmware | * | |
| cisco | rv325 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv016_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1E1462E9-4464-492C-8B91-6E020B9DCB23", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv016:-:*:*:*:*:*:*:*", matchCriteriaId: "701E3CF5-15C0-419A-97A8-9BD2C55D74AB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "85E01122-CD88-4096-958A-8699B2A3DC3C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042:-:*:*:*:*:*:*:*", matchCriteriaId: "2DCBB2D8-AACF-45EA-B9D4-DAECC7C792D1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042g_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0A620D1C-1FBB-46C9-9904-1FC6342ED85E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042g:-:*:*:*:*:*:*:*", matchCriteriaId: "F1CD7D9C-DDEF-4DF0-BCFB-A45301AE2C10", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv082_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9BBDB4B5-9528-43CE-B8E6-B509EFCD11BA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv082:-:*:*:*:*:*:*:*", matchCriteriaId: "24FC4446-22C0-4EC9-84B4-A76412680105", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv320_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1EA568A8-286F-4588-B946-6F9C97E08BCF", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv320:-:*:*:*:*:*:*:*", matchCriteriaId: "7596F6D4-10DA-4F29-95AD-75B60F4670D6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv325_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F3B7DECE-18C4-45AE-AF5C-657A4795C7F0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv325:-:*:*:*:*:*:*:*", matchCriteriaId: "3435D601-EDA8-49FF-8841-EA6DF1518C75", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities.", }, ], id: "CVE-2023-20137", lastModified: "2024-11-21T07:40:38.490", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "psirt@cisco.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-04-05T19:15:08.663", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-06-18 03:15
Modified
2024-11-21 05:30
Severity ?
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | rv016_firmware | * | |
| cisco | rv016 | - | |
| cisco | rv042_firmware | * | |
| cisco | rv042 | - | |
| cisco | rv042g_firmware | * | |
| cisco | rv042g | - | |
| cisco | rv082_firmware | * | |
| cisco | rv082 | - | |
| cisco | rv320_firmware | * | |
| cisco | rv320 | - | |
| cisco | rv325_firmware | * | |
| cisco | rv325 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv016_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "72B28584-394E-412D-9B2C-6B338081D102", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv016:-:*:*:*:*:*:*:*", matchCriteriaId: "701E3CF5-15C0-419A-97A8-9BD2C55D74AB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D8F194C6-D0C6-46A7-AD6E-2678515365EF", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042:-:*:*:*:*:*:*:*", matchCriteriaId: "2DCBB2D8-AACF-45EA-B9D4-DAECC7C792D1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042g_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "644B7DB7-F3E1-4BAA-BE5C-53C2F90CB05A", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042g:-:*:*:*:*:*:*:*", matchCriteriaId: "F1CD7D9C-DDEF-4DF0-BCFB-A45301AE2C10", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv082_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8ACA4991-A60B-42CD-8A84-B1F8825812D6", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv082:-:*:*:*:*:*:*:*", matchCriteriaId: "24FC4446-22C0-4EC9-84B4-A76412680105", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv320_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6636D92B-B33D-4230-8E32-20B06F26FF8F", versionEndIncluding: "1.5.1.05", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv320:-:*:*:*:*:*:*:*", matchCriteriaId: "7596F6D4-10DA-4F29-95AD-75B60F4670D6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv325_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "21EA1744-09E9-488D-B799-9AFBB6363C8F", versionEndIncluding: "1.5.1.05", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv325:-:*:*:*:*:*:*:*", matchCriteriaId: "3435D601-EDA8-49FF-8841-EA6DF1518C75", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system.", }, { lang: "es", value: "Múltiples vulnerabilidades en la interfaz de administración basada en web de Routers Cisco Small Business RV320 y RV325 Series y Routers Cisco Small Business RV016, RV042, y RV082, podrían permitir a un atacante remoto autenticado con privilegios administrativos ejecutar código arbitrario sobre un dispositivo afectado. Las vulnerabilidades son debido a restricciones de límite insuficientes en la entrada suministrada por el usuario para scripts en la interfaz de administración basada en web. Un atacante con privilegios administrativos que son suficientes para iniciar sesión en la interfaz de administración basada en web podría explotar cada vulnerabilidad mediante el envío de peticiones diseñadas que contienen valores demasiado grandes hacia un dispositivo afectado, causando un desbordamiento de la pila. Una explotación con éxito podría permitir al atacante causar que el dispositivo se bloquee o permitir al atacante ejecutar código arbitrario con privilegios root en el sistema operativo subyacente", }, ], id: "CVE-2020-3291", lastModified: "2024-11-21T05:30:44.317", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "psirt@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-06-18T03:15:13.167", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-06-18 03:15
Modified
2024-11-21 05:30
Severity ?
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | rv016_firmware | * | |
| cisco | rv016 | - | |
| cisco | rv042_firmware | * | |
| cisco | rv042 | - | |
| cisco | rv042g_firmware | * | |
| cisco | rv042g | - | |
| cisco | rv082_firmware | * | |
| cisco | rv082 | - | |
| cisco | rv320_firmware | * | |
| cisco | rv320 | - | |
| cisco | rv325_firmware | * | |
| cisco | rv325 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv016_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "72B28584-394E-412D-9B2C-6B338081D102", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv016:-:*:*:*:*:*:*:*", matchCriteriaId: "701E3CF5-15C0-419A-97A8-9BD2C55D74AB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D8F194C6-D0C6-46A7-AD6E-2678515365EF", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042:-:*:*:*:*:*:*:*", matchCriteriaId: "2DCBB2D8-AACF-45EA-B9D4-DAECC7C792D1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042g_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "644B7DB7-F3E1-4BAA-BE5C-53C2F90CB05A", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042g:-:*:*:*:*:*:*:*", matchCriteriaId: "F1CD7D9C-DDEF-4DF0-BCFB-A45301AE2C10", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv082_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8ACA4991-A60B-42CD-8A84-B1F8825812D6", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv082:-:*:*:*:*:*:*:*", matchCriteriaId: "24FC4446-22C0-4EC9-84B4-A76412680105", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv320_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6636D92B-B33D-4230-8E32-20B06F26FF8F", versionEndIncluding: "1.5.1.05", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv320:-:*:*:*:*:*:*:*", matchCriteriaId: "7596F6D4-10DA-4F29-95AD-75B60F4670D6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv325_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "21EA1744-09E9-488D-B799-9AFBB6363C8F", versionEndIncluding: "1.5.1.05", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv325:-:*:*:*:*:*:*:*", matchCriteriaId: "3435D601-EDA8-49FF-8841-EA6DF1518C75", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system.", }, { lang: "es", value: "Múltiples vulnerabilidades en la interfaz de administración basada en web de Routers Cisco Small Business RV320 y RV325 Series y Routers Cisco Small Business RV016, RV042, y RV082, podrían permitir a un atacante remoto autenticado con privilegios administrativos ejecutar código arbitrario sobre un dispositivo afectado. Las vulnerabilidades son debido a restricciones de límite insuficientes en la entrada suministrada por el usuario para scripts en la interfaz de administración basada en web. Un atacante con privilegios administrativos que son suficientes para iniciar sesión en la interfaz de administración basada en web podría explotar cada vulnerabilidad mediante el envío de peticiones diseñadas que contienen valores demasiado grandes hacia un dispositivo afectado, causando un desbordamiento de la pila. Una explotación con éxito podría permitir al atacante causar que el dispositivo se bloquee o permitir al atacante ejecutar código arbitrario con privilegios root en el sistema operativo subyacente", }, ], id: "CVE-2020-3287", lastModified: "2024-11-21T05:30:43.827", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "psirt@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-06-18T03:15:12.823", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-04-05 19:15
Modified
2024-11-21 07:40
Severity ?
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | rv016_firmware | * | |
| cisco | rv016 | - | |
| cisco | rv042_firmware | * | |
| cisco | rv042 | - | |
| cisco | rv042g_firmware | * | |
| cisco | rv042g | - | |
| cisco | rv082_firmware | * | |
| cisco | rv082 | - | |
| cisco | rv320_firmware | * | |
| cisco | rv320 | - | |
| cisco | rv325_firmware | * | |
| cisco | rv325 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv016_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1E1462E9-4464-492C-8B91-6E020B9DCB23", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv016:-:*:*:*:*:*:*:*", matchCriteriaId: "701E3CF5-15C0-419A-97A8-9BD2C55D74AB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "85E01122-CD88-4096-958A-8699B2A3DC3C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042:-:*:*:*:*:*:*:*", matchCriteriaId: "2DCBB2D8-AACF-45EA-B9D4-DAECC7C792D1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042g_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0A620D1C-1FBB-46C9-9904-1FC6342ED85E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042g:-:*:*:*:*:*:*:*", matchCriteriaId: "F1CD7D9C-DDEF-4DF0-BCFB-A45301AE2C10", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv082_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9BBDB4B5-9528-43CE-B8E6-B509EFCD11BA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv082:-:*:*:*:*:*:*:*", matchCriteriaId: "24FC4446-22C0-4EC9-84B4-A76412680105", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv320_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1EA568A8-286F-4588-B946-6F9C97E08BCF", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv320:-:*:*:*:*:*:*:*", matchCriteriaId: "7596F6D4-10DA-4F29-95AD-75B60F4670D6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv325_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F3B7DECE-18C4-45AE-AF5C-657A4795C7F0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv325:-:*:*:*:*:*:*:*", matchCriteriaId: "3435D601-EDA8-49FF-8841-EA6DF1518C75", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities.", }, ], id: "CVE-2023-20146", lastModified: "2024-11-21T07:40:39.647", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "psirt@cisco.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-04-05T19:15:09.107", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-04-05 19:15
Modified
2024-11-21 07:40
Severity ?
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | rv016_firmware | * | |
| cisco | rv016 | - | |
| cisco | rv042_firmware | * | |
| cisco | rv042 | - | |
| cisco | rv042g_firmware | * | |
| cisco | rv042g | - | |
| cisco | rv082_firmware | * | |
| cisco | rv082 | - | |
| cisco | rv320_firmware | * | |
| cisco | rv320 | - | |
| cisco | rv325_firmware | * | |
| cisco | rv325 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv016_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1E1462E9-4464-492C-8B91-6E020B9DCB23", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv016:-:*:*:*:*:*:*:*", matchCriteriaId: "701E3CF5-15C0-419A-97A8-9BD2C55D74AB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "85E01122-CD88-4096-958A-8699B2A3DC3C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042:-:*:*:*:*:*:*:*", matchCriteriaId: "2DCBB2D8-AACF-45EA-B9D4-DAECC7C792D1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042g_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "0A620D1C-1FBB-46C9-9904-1FC6342ED85E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042g:-:*:*:*:*:*:*:*", matchCriteriaId: "F1CD7D9C-DDEF-4DF0-BCFB-A45301AE2C10", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv082_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "9BBDB4B5-9528-43CE-B8E6-B509EFCD11BA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv082:-:*:*:*:*:*:*:*", matchCriteriaId: "24FC4446-22C0-4EC9-84B4-A76412680105", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv320_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "1EA568A8-286F-4588-B946-6F9C97E08BCF", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv320:-:*:*:*:*:*:*:*", matchCriteriaId: "7596F6D4-10DA-4F29-95AD-75B60F4670D6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv325_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F3B7DECE-18C4-45AE-AF5C-657A4795C7F0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv325:-:*:*:*:*:*:*:*", matchCriteriaId: "3435D601-EDA8-49FF-8841-EA6DF1518C75", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities.", }, ], id: "CVE-2023-20138", lastModified: "2024-11-21T07:40:38.623", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "psirt@cisco.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-04-05T19:15:08.727", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-06-18 03:15
Modified
2024-11-21 05:30
Severity ?
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | rv016_firmware | * | |
| cisco | rv016 | - | |
| cisco | rv042_firmware | * | |
| cisco | rv042 | - | |
| cisco | rv042g_firmware | * | |
| cisco | rv042g | - | |
| cisco | rv082_firmware | * | |
| cisco | rv082 | - | |
| cisco | rv320_firmware | * | |
| cisco | rv320 | - | |
| cisco | rv325_firmware | * | |
| cisco | rv325 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv016_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "72B28584-394E-412D-9B2C-6B338081D102", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv016:-:*:*:*:*:*:*:*", matchCriteriaId: "701E3CF5-15C0-419A-97A8-9BD2C55D74AB", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "D8F194C6-D0C6-46A7-AD6E-2678515365EF", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042:-:*:*:*:*:*:*:*", matchCriteriaId: "2DCBB2D8-AACF-45EA-B9D4-DAECC7C792D1", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv042g_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "644B7DB7-F3E1-4BAA-BE5C-53C2F90CB05A", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv042g:-:*:*:*:*:*:*:*", matchCriteriaId: "F1CD7D9C-DDEF-4DF0-BCFB-A45301AE2C10", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv082_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8ACA4991-A60B-42CD-8A84-B1F8825812D6", versionEndIncluding: "4.2.3.10", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv082:-:*:*:*:*:*:*:*", matchCriteriaId: "24FC4446-22C0-4EC9-84B4-A76412680105", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv320_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "6636D92B-B33D-4230-8E32-20B06F26FF8F", versionEndIncluding: "1.5.1.05", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv320:-:*:*:*:*:*:*:*", matchCriteriaId: "7596F6D4-10DA-4F29-95AD-75B60F4670D6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:cisco:rv325_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "21EA1744-09E9-488D-B799-9AFBB6363C8F", versionEndIncluding: "1.5.1.05", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:cisco:rv325:-:*:*:*:*:*:*:*", matchCriteriaId: "3435D601-EDA8-49FF-8841-EA6DF1518C75", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system.", }, { lang: "es", value: "Múltiples vulnerabilidades en la interfaz de administración basada en web de Routers Cisco Small Business RV320 y RV325 Series y Routers Cisco Small Business RV016, RV042, y RV082, podrían permitir a un atacante remoto autenticado con privilegios administrativos ejecutar código arbitrario sobre un dispositivo afectado. Las vulnerabilidades son debido a restricciones de límite insuficientes en la entrada suministrada por el usuario para scripts en la interfaz de administración basada en web. Un atacante con privilegios administrativos que sean suficientes para iniciar sesión en la interfaz de administración basada en web podría explotar cada vulnerabilidad mediante el envío de peticiones diseñadas que contienen valores demasiado grandes hacia un dispositivo afectado, causando un desbordamiento de la pila. Una explotación con éxito podría permitir al atacante causar que el dispositivo se bloquee o permitir al atacante ejecutar código arbitrario con privilegios root en el sistema operativo subyacente", }, ], id: "CVE-2020-3295", lastModified: "2024-11-21T05:30:45.183", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "psirt@cisco.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-06-18T03:15:13.497", references: [ { source: "psirt@cisco.com", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz", }, ], sourceIdentifier: "psirt@cisco.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "psirt@cisco.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
cve-2020-3293
Vulnerability from cvelistv5
Published
2020-06-18 02:16
Modified
2024-11-15 17:07
Severity ?
EPSS score ?
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Small Business RV Series Router Firmware |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T07:30:57.514Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20200617 Cisco Small Business RV Series Routers Stack Overflow Arbitrary Code Execution Vulnerabilities", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2020-3293", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-15T16:23:47.818871Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-15T17:07:52.769Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco Small Business RV Series Router Firmware", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2020-06-17T00:00:00", descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is aware that proof-of-concept exploit code is available for the vulnerabilities that are described in this advisory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-119", description: "CWE-119", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-06-18T02:16:09", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20200617 Cisco Small Business RV Series Routers Stack Overflow Arbitrary Code Execution Vulnerabilities", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz", }, ], source: { advisory: "cisco-sa-rv-routers-stack-vUxHmnNz", defect: [ [ "CSCvt26525", "CSCvt26555", "CSCvt26591", "CSCvt26619", "CSCvt26643", "CSCvt26659", "CSCvt26663", "CSCvt26705", "CSCvt26718", "CSCvt26725", "CSCvt26729", "CSCvt29381", "CSCvt29385", "CSCvt29388", "CSCvt29396", "CSCvt29398", "CSCvt29400", "CSCvt29403", "CSCvt29414", "CSCvt29416", "CSCvt29421", "CSCvt29423", ], ], discovery: "INTERNAL", }, title: "Cisco Small Business RV Series Routers Stack Overflow Arbitrary Code Execution Vulnerabilities", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2020-06-17T16:00:00", ID: "CVE-2020-3293", STATE: "PUBLIC", TITLE: "Cisco Small Business RV Series Routers Stack Overflow Arbitrary Code Execution Vulnerabilities", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco Small Business RV Series Router Firmware", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is aware that proof-of-concept exploit code is available for the vulnerabilities that are described in this advisory.", }, ], impact: { cvss: { baseScore: "7.2", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-119", }, ], }, ], }, references: { reference_data: [ { name: "20200617 Cisco Small Business RV Series Routers Stack Overflow Arbitrary Code Execution Vulnerabilities", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz", }, ], }, source: { advisory: "cisco-sa-rv-routers-stack-vUxHmnNz", defect: [ [ "CSCvt26525", "CSCvt26555", "CSCvt26591", "CSCvt26619", "CSCvt26643", "CSCvt26659", "CSCvt26663", "CSCvt26705", "CSCvt26718", "CSCvt26725", "CSCvt26729", "CSCvt29381", "CSCvt29385", "CSCvt29388", "CSCvt29396", "CSCvt29398", "CSCvt29400", "CSCvt29403", "CSCvt29414", "CSCvt29416", "CSCvt29421", "CSCvt29423", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2020-3293", datePublished: "2020-06-18T02:16:09.177103Z", dateReserved: "2019-12-12T00:00:00", dateUpdated: "2024-11-15T17:07:52.769Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-20026
Vulnerability from cvelistv5
Published
2023-01-19 01:33
Modified
2025-03-12 16:20
Severity ?
EPSS score ?
Summary
A vulnerability in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320 and RV325 Routers could allow an authenticated, remote attacker to execute arbitrary commands on an affected device.
This vulnerability is due to improper validation of user input within incoming HTTP packets. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web-based management interface. A successful exploit could allow the attacker to gain root-level privileges and access unauthorized data. To exploit this vulnerability, an attacker would need to have valid administrative credentials on the affected device.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Small Business RV Series Router Firmware |
Version: 1.0.00.29 Version: 1.0.00.33 Version: 1.0.01.16 Version: 1.0.01.17 Version: 1.0.01.18 Version: 1.0.01.20 Version: 1.0.02.16 Version: 1.0.03.15 Version: 1.0.03.16 Version: 1.0.03.17 Version: 1.0.03.18 Version: 1.0.03.19 Version: 1.0.03.20 Version: 1.0.03.21 Version: 1.0.03.22 Version: 1.0.03.24 Version: 1.0.03.26 Version: 1.0.03.27 Version: 1.0.03.28 Version: 1.0.03.29 Version: 2.0.0.19-tm Version: 2.0.2.01-tm Version: 1.3.12.19-tm Version: 1.3.12.6-tm Version: 1.3.13.02-tm Version: 1.3.9.8-tm Version: 4.0.0.7 Version: 4.0.2.08-tm Version: 4.0.3.03-tm Version: 4.0.4.02-tm Version: 4.2.1.02 Version: 4.2.2.08 Version: 4.2.3.03 Version: 4.2.3.06 Version: 4.2.3.07 Version: 4.2.3.08 Version: 4.2.3.09 Version: 4.2.3.10 Version: 4.2.3.14 Version: 3.0.0.1-tm Version: 3.0.0.19-tm Version: 3.0.2.01-tm Version: 4.1.1.01 Version: 4.1.0.02-tm |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T08:57:35.554Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "cisco-sa-sbr042-multi-vuln-ej76Pke5", tags: [ "x_transferred", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sbr042-multi-vuln-ej76Pke5", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Cisco Small Business RV Series Router Firmware", vendor: "Cisco", versions: [ { status: "affected", version: "1.0.00.29", }, { status: "affected", version: "1.0.00.33", }, { status: "affected", version: "1.0.01.16", }, { status: "affected", version: "1.0.01.17", }, { status: "affected", version: "1.0.01.18", }, { status: "affected", version: "1.0.01.20", }, { status: "affected", version: "1.0.02.16", }, { status: "affected", version: "1.0.03.15", }, { status: "affected", version: "1.0.03.16", }, { status: "affected", version: "1.0.03.17", }, { status: "affected", version: "1.0.03.18", }, { status: "affected", version: "1.0.03.19", }, { status: "affected", version: "1.0.03.20", }, { status: "affected", version: "1.0.03.21", }, { status: "affected", version: "1.0.03.22", }, { status: "affected", version: "1.0.03.24", }, { status: "affected", version: "1.0.03.26", }, { status: "affected", version: "1.0.03.27", }, { status: "affected", version: "1.0.03.28", }, { status: "affected", version: "1.0.03.29", }, { status: "affected", version: "2.0.0.19-tm", }, { status: "affected", version: "2.0.2.01-tm", }, { status: "affected", version: "1.3.12.19-tm", }, { status: "affected", version: "1.3.12.6-tm", }, { status: "affected", version: "1.3.13.02-tm", }, { status: "affected", version: "1.3.9.8-tm", }, { status: "affected", version: "4.0.0.7", }, { status: "affected", version: "4.0.2.08-tm", }, { status: "affected", version: "4.0.3.03-tm", }, { status: "affected", version: "4.0.4.02-tm", }, { status: "affected", version: "4.2.1.02", }, { status: "affected", version: "4.2.2.08", }, { status: "affected", version: "4.2.3.03", }, { status: "affected", version: "4.2.3.06", }, { status: "affected", version: "4.2.3.07", }, { status: "affected", version: "4.2.3.08", }, { status: "affected", version: "4.2.3.09", }, { status: "affected", version: "4.2.3.10", }, { status: "affected", version: "4.2.3.14", }, { status: "affected", version: "3.0.0.1-tm", }, { status: "affected", version: "3.0.0.19-tm", }, { status: "affected", version: "3.0.2.01-tm", }, { status: "affected", version: "4.1.1.01", }, { status: "affected", version: "4.1.0.02-tm", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320 and RV325 Routers could allow an authenticated, remote attacker to execute arbitrary commands on an affected device.\r\n\r This vulnerability is due to improper validation of user input within incoming HTTP packets. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web-based management interface. A successful exploit could allow the attacker to gain root-level privileges and access unauthorized data. To exploit this vulnerability, an attacker would need to have valid administrative credentials on the affected device.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is aware that proof-of-concept exploit code is available for vulnerabilities CVE-2023-20025 and CVE-2023-20026 that are described in this advisory.\r\n\r\nIn March 2025, the Cisco PSIRT became aware of additional attempted exploitation of some of these vulnerabilities in the wild. Cisco continues to strongly recommend that customers upgrade their hardware to Meraki or Cisco 1000 Series Integrated Services Routers to remediate these vulnerabilities.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, format: "cvssV3_1", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-77", description: "Improper Neutralization of Special Elements used in a Command ('Command Injection')", lang: "en", type: "cwe", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-12T16:20:12.515Z", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "cisco-sa-sbr042-multi-vuln-ej76Pke5", url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sbr042-multi-vuln-ej76Pke5", }, ], source: { advisory: "cisco-sa-sbr042-multi-vuln-ej76Pke5", defects: [ "CSCwd60199", ], discovery: "EXTERNAL", }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2023-20026", datePublished: "2023-01-19T01:33:26.928Z", dateReserved: "2022-10-27T18:47:50.309Z", dateUpdated: "2025-03-12T16:20:12.515Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-3278
Vulnerability from cvelistv5
Published
2020-06-18 02:15
Modified
2024-11-15 17:09
Severity ?
EPSS score ?
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary commands on an affected device. The vulnerabilities exist because the web-based management interface does not properly validate user-supplied input to scripts. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending malicious requests to an affected device. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the underlying operating system.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-Rj5JRfF8 | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Small Business RV Series Router Firmware |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T07:30:57.597Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20200617 Cisco Small Business RV Series Routers Command Injection Vulnerabilities", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-Rj5JRfF8", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2020-3278", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-15T16:24:05.376930Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-15T17:09:35.272Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco Small Business RV Series Router Firmware", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2020-06-17T00:00:00", descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary commands on an affected device. The vulnerabilities exist because the web-based management interface does not properly validate user-supplied input to scripts. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending malicious requests to an affected device. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the underlying operating system.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is aware that proof-of-concept exploit code is available for the vulnerabilities that are described in this advisory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-77", description: "CWE-77", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-06-18T02:15:27", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20200617 Cisco Small Business RV Series Routers Command Injection Vulnerabilities", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-Rj5JRfF8", }, ], source: { advisory: "cisco-sa-rv-routers-Rj5JRfF8", defect: [ [ "CSCvt26490", "CSCvt26504", "CSCvt26669", "CSCvt26676", "CSCvt26683", "CSCvt26714", "CSCvt29372", "CSCvt29376", "CSCvt29405", "CSCvt29407", "CSCvt29409", "CSCvt29415", ], ], discovery: "INTERNAL", }, title: "Cisco Small Business RV Series Routers Command Injection Vulnerabilities", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2020-06-17T16:00:00", ID: "CVE-2020-3278", STATE: "PUBLIC", TITLE: "Cisco Small Business RV Series Routers Command Injection Vulnerabilities", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco Small Business RV Series Router Firmware", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary commands on an affected device. The vulnerabilities exist because the web-based management interface does not properly validate user-supplied input to scripts. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending malicious requests to an affected device. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the underlying operating system.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is aware that proof-of-concept exploit code is available for the vulnerabilities that are described in this advisory.", }, ], impact: { cvss: { baseScore: "7.2", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-77", }, ], }, ], }, references: { reference_data: [ { name: "20200617 Cisco Small Business RV Series Routers Command Injection Vulnerabilities", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-Rj5JRfF8", }, ], }, source: { advisory: "cisco-sa-rv-routers-Rj5JRfF8", defect: [ [ "CSCvt26490", "CSCvt26504", "CSCvt26669", "CSCvt26676", "CSCvt26683", "CSCvt26714", "CSCvt29372", "CSCvt29376", "CSCvt29405", "CSCvt29407", "CSCvt29409", "CSCvt29415", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2020-3278", datePublished: "2020-06-18T02:15:27.684050Z", dateReserved: "2019-12-12T00:00:00", dateUpdated: "2024-11-15T17:09:35.272Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-3291
Vulnerability from cvelistv5
Published
2020-06-18 02:15
Modified
2024-11-15 17:08
Severity ?
EPSS score ?
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Small Business RV Series Router Firmware |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T07:30:57.764Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20200617 Cisco Small Business RV Series Routers Stack Overflow Arbitrary Code Execution Vulnerabilities", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2020-3291", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-15T16:23:50.963400Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-15T17:08:19.214Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco Small Business RV Series Router Firmware", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2020-06-17T00:00:00", descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is aware that proof-of-concept exploit code is available for the vulnerabilities that are described in this advisory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-119", description: "CWE-119", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-06-18T02:15:59", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20200617 Cisco Small Business RV Series Routers Stack Overflow Arbitrary Code Execution Vulnerabilities", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz", }, ], source: { advisory: "cisco-sa-rv-routers-stack-vUxHmnNz", defect: [ [ "CSCvt26525", "CSCvt26555", "CSCvt26591", "CSCvt26619", "CSCvt26643", "CSCvt26659", "CSCvt26663", "CSCvt26705", "CSCvt26718", "CSCvt26725", "CSCvt26729", "CSCvt29381", "CSCvt29385", "CSCvt29388", "CSCvt29396", "CSCvt29398", "CSCvt29400", "CSCvt29403", "CSCvt29414", "CSCvt29416", "CSCvt29421", "CSCvt29423", ], ], discovery: "INTERNAL", }, title: "Cisco Small Business RV Series Routers Stack Overflow Arbitrary Code Execution Vulnerabilities", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2020-06-17T16:00:00", ID: "CVE-2020-3291", STATE: "PUBLIC", TITLE: "Cisco Small Business RV Series Routers Stack Overflow Arbitrary Code Execution Vulnerabilities", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco Small Business RV Series Router Firmware", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is aware that proof-of-concept exploit code is available for the vulnerabilities that are described in this advisory.", }, ], impact: { cvss: { baseScore: "7.2", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-119", }, ], }, ], }, references: { reference_data: [ { name: "20200617 Cisco Small Business RV Series Routers Stack Overflow Arbitrary Code Execution Vulnerabilities", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz", }, ], }, source: { advisory: "cisco-sa-rv-routers-stack-vUxHmnNz", defect: [ [ "CSCvt26525", "CSCvt26555", "CSCvt26591", "CSCvt26619", "CSCvt26643", "CSCvt26659", "CSCvt26663", "CSCvt26705", "CSCvt26718", "CSCvt26725", "CSCvt26729", "CSCvt29381", "CSCvt29385", "CSCvt29388", "CSCvt29396", "CSCvt29398", "CSCvt29400", "CSCvt29403", "CSCvt29414", "CSCvt29416", "CSCvt29421", "CSCvt29423", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2020-3291", datePublished: "2020-06-18T02:15:59.362777Z", dateReserved: "2019-12-12T00:00:00", dateUpdated: "2024-11-15T17:08:19.214Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-3294
Vulnerability from cvelistv5
Published
2020-06-18 02:16
Modified
2024-11-15 17:07
Severity ?
EPSS score ?
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Small Business RV Series Router Firmware |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T07:30:57.469Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20200617 Cisco Small Business RV Series Routers Stack Overflow Arbitrary Code Execution Vulnerabilities", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2020-3294", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-15T16:23:46.663893Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-15T17:07:36.043Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco Small Business RV Series Router Firmware", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2020-06-17T00:00:00", descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is aware that proof-of-concept exploit code is available for the vulnerabilities that are described in this advisory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-119", description: "CWE-119", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-06-18T02:16:13", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20200617 Cisco Small Business RV Series Routers Stack Overflow Arbitrary Code Execution Vulnerabilities", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz", }, ], source: { advisory: "cisco-sa-rv-routers-stack-vUxHmnNz", defect: [ [ "CSCvt26525", "CSCvt26555", "CSCvt26591", "CSCvt26619", "CSCvt26643", "CSCvt26659", "CSCvt26663", "CSCvt26705", "CSCvt26718", "CSCvt26725", "CSCvt26729", "CSCvt29381", "CSCvt29385", "CSCvt29388", "CSCvt29396", "CSCvt29398", "CSCvt29400", "CSCvt29403", "CSCvt29414", "CSCvt29416", "CSCvt29421", "CSCvt29423", ], ], discovery: "INTERNAL", }, title: "Cisco Small Business RV Series Routers Stack Overflow Arbitrary Code Execution Vulnerabilities", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2020-06-17T16:00:00", ID: "CVE-2020-3294", STATE: "PUBLIC", TITLE: "Cisco Small Business RV Series Routers Stack Overflow Arbitrary Code Execution Vulnerabilities", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco Small Business RV Series Router Firmware", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is aware that proof-of-concept exploit code is available for the vulnerabilities that are described in this advisory.", }, ], impact: { cvss: { baseScore: "7.2", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-119", }, ], }, ], }, references: { reference_data: [ { name: "20200617 Cisco Small Business RV Series Routers Stack Overflow Arbitrary Code Execution Vulnerabilities", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz", }, ], }, source: { advisory: "cisco-sa-rv-routers-stack-vUxHmnNz", defect: [ [ "CSCvt26525", "CSCvt26555", "CSCvt26591", "CSCvt26619", "CSCvt26643", "CSCvt26659", "CSCvt26663", "CSCvt26705", "CSCvt26718", "CSCvt26725", "CSCvt26729", "CSCvt29381", "CSCvt29385", "CSCvt29388", "CSCvt29396", "CSCvt29398", "CSCvt29400", "CSCvt29403", "CSCvt29414", "CSCvt29416", "CSCvt29421", "CSCvt29423", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2020-3294", datePublished: "2020-06-18T02:16:13.564380Z", dateReserved: "2019-12-12T00:00:00", dateUpdated: "2024-11-15T17:07:36.043Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-20143
Vulnerability from cvelistv5
Published
2023-04-05 00:00
Modified
2024-10-25 15:59
Severity ?
EPSS score ?
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Small Business RV Series Router Firmware |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T08:57:35.889Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20230405 Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities", tags: [ "vendor-advisory", "x_transferred", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-20143", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-10-25T14:35:02.534309Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-25T15:59:25.961Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco Small Business RV Series Router Firmware ", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2023-04-05T00:00:00", descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory. ", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-79", description: "CWE-79", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-04-05T00:00:00", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20230405 Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities", tags: [ "vendor-advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, ], source: { advisory: "cisco-sa-rv-stored-xss-vqz7gC8W", defect: [ [ "CSCwe21294", "CSCwe75298", "CSCwe75302", "CSCwe75304", "CSCwe75324", "CSCwe75338", "CSCwe75341", "CSCwe75346", "CSCwe75348", "CSCwe75352", "CSCwe75355", "CSCwe75367", "CSCwe75369", "CSCwe75375", "CSCwe75377", ], ], discovery: "INTERNAL", }, title: "Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities", }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2023-20143", datePublished: "2023-04-05T00:00:00", dateReserved: "2022-10-27T00:00:00", dateUpdated: "2024-10-25T15:59:25.961Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-20124
Vulnerability from cvelistv5
Published
2023-04-05 00:00
Modified
2024-10-28 16:30
Severity ?
EPSS score ?
Summary
A vulnerability in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an authenticated, remote attacker to execute arbitrary commands on an affected device. This vulnerability is due to improper validation of user input within incoming HTTP packets. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web-based management interface. A successful exploit could allow the attacker to gain root-level privileges and access unauthorized data. To exploit this vulnerability, an attacker would need to have valid administrative credentials on the affected device. Cisco has not released software updates that address this vulnerability.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Small Business RV Series Router Firmware |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T08:57:36.160Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20230405 Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers Remote Command Execution Vulnerability", tags: [ "vendor-advisory", "x_transferred", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-rv01x_rv32x_rce-nzAGWWDD", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-20124", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-10-28T16:19:07.895615Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-28T16:30:19.467Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco Small Business RV Series Router Firmware ", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2023-04-05T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an authenticated, remote attacker to execute arbitrary commands on an affected device. This vulnerability is due to improper validation of user input within incoming HTTP packets. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web-based management interface. A successful exploit could allow the attacker to gain root-level privileges and access unauthorized data. To exploit this vulnerability, an attacker would need to have valid administrative credentials on the affected device. Cisco has not released software updates that address this vulnerability.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. ", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-77", description: "CWE-77", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-04-05T00:00:00", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20230405 Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers Remote Command Execution Vulnerability", tags: [ "vendor-advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-rv01x_rv32x_rce-nzAGWWDD", }, ], source: { advisory: "cisco-sa-sb-rv01x_rv32x_rce-nzAGWWDD", defect: [ [ "CSCwe67655", "CSCwe67659", ], ], discovery: "INTERNAL", }, title: "Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers Remote Command Execution Vulnerability", }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2023-20124", datePublished: "2023-04-05T00:00:00", dateReserved: "2022-10-27T00:00:00", dateUpdated: "2024-10-28T16:30:19.467Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-20139
Vulnerability from cvelistv5
Published
2023-04-05 00:00
Modified
2024-10-25 15:59
Severity ?
EPSS score ?
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Small Business RV Series Router Firmware |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T08:57:35.886Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20230405 Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities", tags: [ "vendor-advisory", "x_transferred", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-20139", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-10-25T14:35:08.686490Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-25T15:59:56.640Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco Small Business RV Series Router Firmware ", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2023-04-05T00:00:00", descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory. ", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-79", description: "CWE-79", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-04-05T00:00:00", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20230405 Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities", tags: [ "vendor-advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, ], source: { advisory: "cisco-sa-rv-stored-xss-vqz7gC8W", defect: [ [ "CSCwe21294", "CSCwe75298", "CSCwe75302", "CSCwe75304", "CSCwe75324", "CSCwe75338", "CSCwe75341", "CSCwe75346", "CSCwe75348", "CSCwe75352", "CSCwe75355", "CSCwe75367", "CSCwe75369", "CSCwe75375", "CSCwe75377", ], ], discovery: "INTERNAL", }, title: "Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities", }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2023-20139", datePublished: "2023-04-05T00:00:00", dateReserved: "2022-10-27T00:00:00", dateUpdated: "2024-10-25T15:59:56.640Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2017-3882
Vulnerability from cvelistv5
Published
2017-05-16 17:00
Modified
2024-08-05 14:39
Severity ?
EPSS score ?
Summary
A vulnerability in the Universal Plug-and-Play (UPnP) implementation in the Cisco CVR100W Wireless-N VPN Router could allow an unauthenticated, Layer 2-adjacent attacker to execute arbitrary code or cause a denial of service (DoS) condition. The remote code execution could occur with root privileges. The vulnerability is due to incomplete range checks of the UPnP input data, which could result in a buffer overflow. An attacker could exploit this vulnerability by sending a malicious request to the UPnP listening port of the targeted device. An exploit could allow the attacker to cause the device to reload or potentially execute arbitrary code with root privileges. This vulnerability affects all firmware releases of the Cisco CVR100W Wireless-N VPN Router prior to Firmware Release 1.0.1.22. Cisco Bug IDs: CSCuz72642.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id/1038391 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/98287 | vdb-entry, x_refsource_BID | |
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170503-cvr100w1 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Cisco CVR100W Wireless-N VPN Router |
Version: Cisco CVR100W Wireless-N VPN Router |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T14:39:41.430Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "1038391", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1038391", }, { name: "98287", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/98287", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170503-cvr100w1", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Cisco CVR100W Wireless-N VPN Router", vendor: "n/a", versions: [ { status: "affected", version: "Cisco CVR100W Wireless-N VPN Router", }, ], }, ], datePublic: "2017-05-16T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the Universal Plug-and-Play (UPnP) implementation in the Cisco CVR100W Wireless-N VPN Router could allow an unauthenticated, Layer 2-adjacent attacker to execute arbitrary code or cause a denial of service (DoS) condition. The remote code execution could occur with root privileges. The vulnerability is due to incomplete range checks of the UPnP input data, which could result in a buffer overflow. An attacker could exploit this vulnerability by sending a malicious request to the UPnP listening port of the targeted device. An exploit could allow the attacker to cause the device to reload or potentially execute arbitrary code with root privileges. This vulnerability affects all firmware releases of the Cisco CVR100W Wireless-N VPN Router prior to Firmware Release 1.0.1.22. Cisco Bug IDs: CSCuz72642.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-119", description: "CWE-119", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2017-07-10T09:57:01", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "1038391", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1038391", }, { name: "98287", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/98287", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170503-cvr100w1", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", ID: "CVE-2017-3882", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco CVR100W Wireless-N VPN Router", version: { version_data: [ { version_value: "Cisco CVR100W Wireless-N VPN Router", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the Universal Plug-and-Play (UPnP) implementation in the Cisco CVR100W Wireless-N VPN Router could allow an unauthenticated, Layer 2-adjacent attacker to execute arbitrary code or cause a denial of service (DoS) condition. The remote code execution could occur with root privileges. The vulnerability is due to incomplete range checks of the UPnP input data, which could result in a buffer overflow. An attacker could exploit this vulnerability by sending a malicious request to the UPnP listening port of the targeted device. An exploit could allow the attacker to cause the device to reload or potentially execute arbitrary code with root privileges. This vulnerability affects all firmware releases of the Cisco CVR100W Wireless-N VPN Router prior to Firmware Release 1.0.1.22. Cisco Bug IDs: CSCuz72642.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-119", }, ], }, ], }, references: { reference_data: [ { name: "1038391", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1038391", }, { name: "98287", refsource: "BID", url: "http://www.securityfocus.com/bid/98287", }, { name: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170503-cvr100w1", refsource: "CONFIRM", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170503-cvr100w1", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2017-3882", datePublished: "2017-05-16T17:00:00", dateReserved: "2016-12-21T00:00:00", dateUpdated: "2024-08-05T14:39:41.430Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-20146
Vulnerability from cvelistv5
Published
2023-04-05 00:00
Modified
2024-11-06 14:17
Severity ?
EPSS score ?
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Small Business RV Series Router Firmware |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T09:05:34.964Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20230405 Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities", tags: [ "vendor-advisory", "x_transferred", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-20146", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-10-28T16:17:58.315861Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-06T14:17:20.500Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco Small Business RV Series Router Firmware ", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2023-04-05T00:00:00", descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory. ", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-79", description: "CWE-79", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-04-05T00:00:00", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20230405 Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities", tags: [ "vendor-advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, ], source: { advisory: "cisco-sa-rv-stored-xss-vqz7gC8W", defect: [ [ "CSCwe21294", "CSCwe75298", "CSCwe75302", "CSCwe75304", "CSCwe75324", "CSCwe75338", "CSCwe75341", "CSCwe75346", "CSCwe75348", "CSCwe75352", "CSCwe75355", "CSCwe75367", "CSCwe75369", "CSCwe75375", "CSCwe75377", ], ], discovery: "INTERNAL", }, title: "Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities", }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2023-20146", datePublished: "2023-04-05T00:00:00", dateReserved: "2022-10-27T00:00:00", dateUpdated: "2024-11-06T14:17:20.500Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-3287
Vulnerability from cvelistv5
Published
2020-06-18 02:15
Modified
2024-11-15 17:09
Severity ?
EPSS score ?
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Small Business RV Series Router Firmware |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T07:30:57.505Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20200617 Cisco Small Business RV Series Routers Stack Overflow Arbitrary Code Execution Vulnerabilities", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2020-3287", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-15T16:24:01.050156Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-15T17:09:03.376Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco Small Business RV Series Router Firmware", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2020-06-17T00:00:00", descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is aware that proof-of-concept exploit code is available for the vulnerabilities that are described in this advisory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-119", description: "CWE-119", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-06-18T02:15:41", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20200617 Cisco Small Business RV Series Routers Stack Overflow Arbitrary Code Execution Vulnerabilities", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz", }, ], source: { advisory: "cisco-sa-rv-routers-stack-vUxHmnNz", defect: [ [ "CSCvt26525", "CSCvt26555", "CSCvt26591", "CSCvt26619", "CSCvt26643", "CSCvt26659", "CSCvt26663", "CSCvt26705", "CSCvt26718", "CSCvt26725", "CSCvt26729", "CSCvt29381", "CSCvt29385", "CSCvt29388", "CSCvt29396", "CSCvt29398", "CSCvt29400", "CSCvt29403", "CSCvt29414", "CSCvt29416", "CSCvt29421", "CSCvt29423", ], ], discovery: "INTERNAL", }, title: "Cisco Small Business RV Series Routers Stack Overflow Arbitrary Code Execution Vulnerabilities", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2020-06-17T16:00:00", ID: "CVE-2020-3287", STATE: "PUBLIC", TITLE: "Cisco Small Business RV Series Routers Stack Overflow Arbitrary Code Execution Vulnerabilities", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco Small Business RV Series Router Firmware", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is aware that proof-of-concept exploit code is available for the vulnerabilities that are described in this advisory.", }, ], impact: { cvss: { baseScore: "7.2", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-119", }, ], }, ], }, references: { reference_data: [ { name: "20200617 Cisco Small Business RV Series Routers Stack Overflow Arbitrary Code Execution Vulnerabilities", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz", }, ], }, source: { advisory: "cisco-sa-rv-routers-stack-vUxHmnNz", defect: [ [ "CSCvt26525", "CSCvt26555", "CSCvt26591", "CSCvt26619", "CSCvt26643", "CSCvt26659", "CSCvt26663", "CSCvt26705", "CSCvt26718", "CSCvt26725", "CSCvt26729", "CSCvt29381", "CSCvt29385", "CSCvt29388", "CSCvt29396", "CSCvt29398", "CSCvt29400", "CSCvt29403", "CSCvt29414", "CSCvt29416", "CSCvt29421", "CSCvt29423", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2020-3287", datePublished: "2020-06-18T02:15:41.213447Z", dateReserved: "2019-12-12T00:00:00", dateUpdated: "2024-11-15T17:09:03.376Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-20138
Vulnerability from cvelistv5
Published
2023-04-05 00:00
Modified
2024-10-25 16:00
Severity ?
EPSS score ?
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Small Business RV Series Router Firmware |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T08:57:35.873Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20230405 Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities", tags: [ "vendor-advisory", "x_transferred", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-20138", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-10-25T14:35:10.509886Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-25T16:00:12.109Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco Small Business RV Series Router Firmware ", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2023-04-05T00:00:00", descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory. ", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-79", description: "CWE-79", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-04-05T00:00:00", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20230405 Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities", tags: [ "vendor-advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, ], source: { advisory: "cisco-sa-rv-stored-xss-vqz7gC8W", defect: [ [ "CSCwe21294", "CSCwe75298", "CSCwe75302", "CSCwe75304", "CSCwe75324", "CSCwe75338", "CSCwe75341", "CSCwe75346", "CSCwe75348", "CSCwe75352", "CSCwe75355", "CSCwe75367", "CSCwe75369", "CSCwe75375", "CSCwe75377", ], ], discovery: "INTERNAL", }, title: "Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities", }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2023-20138", datePublished: "2023-04-05T00:00:00", dateReserved: "2022-10-27T00:00:00", dateUpdated: "2024-10-25T16:00:12.109Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-3279
Vulnerability from cvelistv5
Published
2020-06-18 02:15
Modified
2024-11-15 17:09
Severity ?
EPSS score ?
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary commands on an affected device. The vulnerabilities exist because the web-based management interface does not properly validate user-supplied input to scripts. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending malicious requests to an affected device. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the underlying operating system.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-Rj5JRfF8 | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Small Business RV Series Router Firmware |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T07:30:57.994Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20200617 Cisco Small Business RV Series Routers Command Injection Vulnerabilities", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-Rj5JRfF8", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2020-3279", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-15T16:24:04.093578Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-15T17:09:24.646Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco Small Business RV Series Router Firmware", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2020-06-17T00:00:00", descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary commands on an affected device. The vulnerabilities exist because the web-based management interface does not properly validate user-supplied input to scripts. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending malicious requests to an affected device. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the underlying operating system.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is aware that proof-of-concept exploit code is available for the vulnerabilities that are described in this advisory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-77", description: "CWE-77", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-06-18T02:15:32", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20200617 Cisco Small Business RV Series Routers Command Injection Vulnerabilities", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-Rj5JRfF8", }, ], source: { advisory: "cisco-sa-rv-routers-Rj5JRfF8", defect: [ [ "CSCvt26490", "CSCvt26504", "CSCvt26669", "CSCvt26676", "CSCvt26683", "CSCvt26714", "CSCvt29372", "CSCvt29376", "CSCvt29405", "CSCvt29407", "CSCvt29409", "CSCvt29415", ], ], discovery: "INTERNAL", }, title: "Cisco Small Business RV Series Routers Command Injection Vulnerabilities", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2020-06-17T16:00:00", ID: "CVE-2020-3279", STATE: "PUBLIC", TITLE: "Cisco Small Business RV Series Routers Command Injection Vulnerabilities", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco Small Business RV Series Router Firmware", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary commands on an affected device. The vulnerabilities exist because the web-based management interface does not properly validate user-supplied input to scripts. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending malicious requests to an affected device. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the underlying operating system.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is aware that proof-of-concept exploit code is available for the vulnerabilities that are described in this advisory.", }, ], impact: { cvss: { baseScore: "7.2", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-77", }, ], }, ], }, references: { reference_data: [ { name: "20200617 Cisco Small Business RV Series Routers Command Injection Vulnerabilities", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-Rj5JRfF8", }, ], }, source: { advisory: "cisco-sa-rv-routers-Rj5JRfF8", defect: [ [ "CSCvt26490", "CSCvt26504", "CSCvt26669", "CSCvt26676", "CSCvt26683", "CSCvt26714", "CSCvt29372", "CSCvt29376", "CSCvt29405", "CSCvt29407", "CSCvt29409", "CSCvt29415", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2020-3279", datePublished: "2020-06-18T02:15:32.305196Z", dateReserved: "2019-12-12T00:00:00", dateUpdated: "2024-11-15T17:09:24.646Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-20149
Vulnerability from cvelistv5
Published
2023-04-05 00:00
Modified
2024-10-25 15:58
Severity ?
EPSS score ?
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Small Business RV Series Router Firmware |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T09:05:34.947Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20230405 Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities", tags: [ "vendor-advisory", "x_transferred", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-20149", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-10-25T14:34:44.905161Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-25T15:58:46.117Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco Small Business RV Series Router Firmware ", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2023-04-05T00:00:00", descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory. ", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-79", description: "CWE-79", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-04-05T00:00:00", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20230405 Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities", tags: [ "vendor-advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, ], source: { advisory: "cisco-sa-rv-stored-xss-vqz7gC8W", defect: [ [ "CSCwe21294", "CSCwe75298", "CSCwe75302", "CSCwe75304", "CSCwe75324", "CSCwe75338", "CSCwe75341", "CSCwe75346", "CSCwe75348", "CSCwe75352", "CSCwe75355", "CSCwe75367", "CSCwe75369", "CSCwe75375", "CSCwe75377", ], ], discovery: "INTERNAL", }, title: "Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities", }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2023-20149", datePublished: "2023-04-05T00:00:00", dateReserved: "2022-10-27T00:00:00", dateUpdated: "2024-10-25T15:58:46.117Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-3277
Vulnerability from cvelistv5
Published
2020-06-18 02:15
Modified
2024-11-15 17:09
Severity ?
EPSS score ?
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary commands on an affected device. The vulnerabilities exist because the web-based management interface does not properly validate user-supplied input to scripts. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending malicious requests to an affected device. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the underlying operating system.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-Rj5JRfF8 | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Small Business RV Series Router Firmware |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T07:30:57.583Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20200617 Cisco Small Business RV Series Routers Command Injection Vulnerabilities", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-Rj5JRfF8", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2020-3277", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-15T16:24:06.541916Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-15T17:09:48.721Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco Small Business RV Series Router Firmware", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2020-06-17T00:00:00", descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary commands on an affected device. The vulnerabilities exist because the web-based management interface does not properly validate user-supplied input to scripts. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending malicious requests to an affected device. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the underlying operating system.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is aware that proof-of-concept exploit code is available for the vulnerabilities that are described in this advisory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-77", description: "CWE-77", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-06-18T02:15:18", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20200617 Cisco Small Business RV Series Routers Command Injection Vulnerabilities", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-Rj5JRfF8", }, ], source: { advisory: "cisco-sa-rv-routers-Rj5JRfF8", defect: [ [ "CSCvt26490", "CSCvt26504", "CSCvt26669", "CSCvt26676", "CSCvt26683", "CSCvt26714", "CSCvt29372", "CSCvt29376", "CSCvt29405", "CSCvt29407", "CSCvt29409", "CSCvt29415", ], ], discovery: "INTERNAL", }, title: "Cisco Small Business RV Series Routers Command Injection Vulnerabilities", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2020-06-17T16:00:00", ID: "CVE-2020-3277", STATE: "PUBLIC", TITLE: "Cisco Small Business RV Series Routers Command Injection Vulnerabilities", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco Small Business RV Series Router Firmware", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary commands on an affected device. The vulnerabilities exist because the web-based management interface does not properly validate user-supplied input to scripts. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending malicious requests to an affected device. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the underlying operating system.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is aware that proof-of-concept exploit code is available for the vulnerabilities that are described in this advisory.", }, ], impact: { cvss: { baseScore: "7.2", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-77", }, ], }, ], }, references: { reference_data: [ { name: "20200617 Cisco Small Business RV Series Routers Command Injection Vulnerabilities", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-Rj5JRfF8", }, ], }, source: { advisory: "cisco-sa-rv-routers-Rj5JRfF8", defect: [ [ "CSCvt26490", "CSCvt26504", "CSCvt26669", "CSCvt26676", "CSCvt26683", "CSCvt26714", "CSCvt29372", "CSCvt29376", "CSCvt29405", "CSCvt29407", "CSCvt29409", "CSCvt29415", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2020-3277", datePublished: "2020-06-18T02:15:18.274324Z", dateReserved: "2019-12-12T00:00:00", dateUpdated: "2024-11-15T17:09:48.721Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-20025
Vulnerability from cvelistv5
Published
2023-01-19 01:33
Modified
2025-03-12 16:18
Severity ?
EPSS score ?
Summary
A vulnerability in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, and RV082 Routers could allow an unauthenticated, remote attacker to bypass authentication on an affected device.
This vulnerability is due to improper validation of user input within incoming HTTP packets. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web-based management interface. A successful exploit could allow the attacker to bypass authentication and gain root access on the underlying operating system.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Small Business RV Series Router Firmware |
Version: 2.0.0.19-tm Version: 2.0.2.01-tm Version: 1.3.12.19-tm Version: 1.3.12.6-tm Version: 1.3.13.02-tm Version: 1.3.9.8-tm Version: 4.0.0.7 Version: 4.0.2.08-tm Version: 4.0.3.03-tm Version: 4.0.4.02-tm Version: 4.2.1.02 Version: 4.2.2.08 Version: 4.2.3.03 Version: 4.2.3.06 Version: 4.2.3.07 Version: 4.2.3.08 Version: 4.2.3.09 Version: 4.2.3.10 Version: 4.2.3.14 Version: 3.0.0.1-tm Version: 3.0.0.19-tm Version: 3.0.2.01-tm Version: 4.1.1.01 Version: 4.1.0.02-tm |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T08:57:35.838Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "cisco-sa-sbr042-multi-vuln-ej76Pke5", tags: [ "x_transferred", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sbr042-multi-vuln-ej76Pke5", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-20025", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-10-28T16:19:30.025204Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-28T16:41:32.942Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco Small Business RV Series Router Firmware", vendor: "Cisco", versions: [ { status: "affected", version: "2.0.0.19-tm", }, { status: "affected", version: "2.0.2.01-tm", }, { status: "affected", version: "1.3.12.19-tm", }, { status: "affected", version: "1.3.12.6-tm", }, { status: "affected", version: "1.3.13.02-tm", }, { status: "affected", version: "1.3.9.8-tm", }, { status: "affected", version: "4.0.0.7", }, { status: "affected", version: "4.0.2.08-tm", }, { status: "affected", version: "4.0.3.03-tm", }, { status: "affected", version: "4.0.4.02-tm", }, { status: "affected", version: "4.2.1.02", }, { status: "affected", version: "4.2.2.08", }, { status: "affected", version: "4.2.3.03", }, { status: "affected", version: "4.2.3.06", }, { status: "affected", version: "4.2.3.07", }, { status: "affected", version: "4.2.3.08", }, { status: "affected", version: "4.2.3.09", }, { status: "affected", version: "4.2.3.10", }, { status: "affected", version: "4.2.3.14", }, { status: "affected", version: "3.0.0.1-tm", }, { status: "affected", version: "3.0.0.19-tm", }, { status: "affected", version: "3.0.2.01-tm", }, { status: "affected", version: "4.1.1.01", }, { status: "affected", version: "4.1.0.02-tm", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, and RV082 Routers could allow an unauthenticated, remote attacker to bypass authentication on an affected device.\r\n\r This vulnerability is due to improper validation of user input within incoming HTTP packets. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web-based management interface. A successful exploit could allow the attacker to bypass authentication and gain root access on the underlying operating system.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is aware that proof-of-concept exploit code is available for vulnerabilities CVE-2023-20025 and CVE-2023-20026 that are described in this advisory.\r\n\r\nIn March 2025, the Cisco PSIRT became aware of additional attempted exploitation of some of these vulnerabilities in the wild. Cisco continues to strongly recommend that customers upgrade their hardware to Meraki or Cisco 1000 Series Integrated Services Routers to remediate these vulnerabilities.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, format: "cvssV3_1", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-293", description: "Using Referer Field for Authentication", lang: "en", type: "cwe", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-12T16:18:58.629Z", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "cisco-sa-sbr042-multi-vuln-ej76Pke5", url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sbr042-multi-vuln-ej76Pke5", }, ], source: { advisory: "cisco-sa-sbr042-multi-vuln-ej76Pke5", defects: [ "CSCwd47551", ], discovery: "EXTERNAL", }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2023-20025", datePublished: "2023-01-19T01:33:39.023Z", dateReserved: "2022-10-27T18:47:50.309Z", dateUpdated: "2025-03-12T16:18:58.629Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-20148
Vulnerability from cvelistv5
Published
2023-04-05 00:00
Modified
2024-10-25 15:58
Severity ?
EPSS score ?
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Small Business RV Series Router Firmware |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T09:05:34.867Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20230405 Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities", tags: [ "vendor-advisory", "x_transferred", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-20148", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-10-25T14:34:46.418433Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-25T15:58:53.157Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco Small Business RV Series Router Firmware ", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2023-04-05T00:00:00", descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory. ", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-79", description: "CWE-79", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-04-05T00:00:00", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20230405 Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities", tags: [ "vendor-advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, ], source: { advisory: "cisco-sa-rv-stored-xss-vqz7gC8W", defect: [ [ "CSCwe21294", "CSCwe75298", "CSCwe75302", "CSCwe75304", "CSCwe75324", "CSCwe75338", "CSCwe75341", "CSCwe75346", "CSCwe75348", "CSCwe75352", "CSCwe75355", "CSCwe75367", "CSCwe75369", "CSCwe75375", "CSCwe75377", ], ], discovery: "INTERNAL", }, title: "Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities", }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2023-20148", datePublished: "2023-04-05T00:00:00", dateReserved: "2022-10-27T00:00:00", dateUpdated: "2024-10-25T15:58:53.157Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-3289
Vulnerability from cvelistv5
Published
2020-06-18 02:15
Modified
2024-11-15 17:08
Severity ?
EPSS score ?
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Small Business RV Series Router Firmware |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T07:30:57.857Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20200617 Cisco Small Business RV Series Routers Stack Overflow Arbitrary Code Execution Vulnerabilities", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2020-3289", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-15T16:23:58.505998Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-15T17:08:41.413Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco Small Business RV Series Router Firmware", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2020-06-17T00:00:00", descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is aware that proof-of-concept exploit code is available for the vulnerabilities that are described in this advisory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-119", description: "CWE-119", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-06-18T02:15:50", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20200617 Cisco Small Business RV Series Routers Stack Overflow Arbitrary Code Execution Vulnerabilities", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz", }, ], source: { advisory: "cisco-sa-rv-routers-stack-vUxHmnNz", defect: [ [ "CSCvt26525", "CSCvt26555", "CSCvt26591", "CSCvt26619", "CSCvt26643", "CSCvt26659", "CSCvt26663", "CSCvt26705", "CSCvt26718", "CSCvt26725", "CSCvt26729", "CSCvt29381", "CSCvt29385", "CSCvt29388", "CSCvt29396", "CSCvt29398", "CSCvt29400", "CSCvt29403", "CSCvt29414", "CSCvt29416", "CSCvt29421", "CSCvt29423", ], ], discovery: "INTERNAL", }, title: "Cisco Small Business RV Series Routers Stack Overflow Arbitrary Code Execution Vulnerabilities", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2020-06-17T16:00:00", ID: "CVE-2020-3289", STATE: "PUBLIC", TITLE: "Cisco Small Business RV Series Routers Stack Overflow Arbitrary Code Execution Vulnerabilities", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco Small Business RV Series Router Firmware", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is aware that proof-of-concept exploit code is available for the vulnerabilities that are described in this advisory.", }, ], impact: { cvss: { baseScore: "7.2", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-119", }, ], }, ], }, references: { reference_data: [ { name: "20200617 Cisco Small Business RV Series Routers Stack Overflow Arbitrary Code Execution Vulnerabilities", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz", }, ], }, source: { advisory: "cisco-sa-rv-routers-stack-vUxHmnNz", defect: [ [ "CSCvt26525", "CSCvt26555", "CSCvt26591", "CSCvt26619", "CSCvt26643", "CSCvt26659", "CSCvt26663", "CSCvt26705", "CSCvt26718", "CSCvt26725", "CSCvt26729", "CSCvt29381", "CSCvt29385", "CSCvt29388", "CSCvt29396", "CSCvt29398", "CSCvt29400", "CSCvt29403", "CSCvt29414", "CSCvt29416", "CSCvt29421", "CSCvt29423", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2020-3289", datePublished: "2020-06-18T02:15:50.484251Z", dateReserved: "2019-12-12T00:00:00", dateUpdated: "2024-11-15T17:08:41.413Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-20147
Vulnerability from cvelistv5
Published
2023-04-05 00:00
Modified
2024-10-25 15:59
Severity ?
EPSS score ?
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Small Business RV Series Router Firmware |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T09:05:35.030Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20230405 Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities", tags: [ "vendor-advisory", "x_transferred", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-20147", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-10-25T14:34:47.693942Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-25T15:59:00.487Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco Small Business RV Series Router Firmware ", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2023-04-05T00:00:00", descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory. ", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-79", description: "CWE-79", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-04-05T00:00:00", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20230405 Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities", tags: [ "vendor-advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, ], source: { advisory: "cisco-sa-rv-stored-xss-vqz7gC8W", defect: [ [ "CSCwe21294", "CSCwe75298", "CSCwe75302", "CSCwe75304", "CSCwe75324", "CSCwe75338", "CSCwe75341", "CSCwe75346", "CSCwe75348", "CSCwe75352", "CSCwe75355", "CSCwe75367", "CSCwe75369", "CSCwe75375", "CSCwe75377", ], ], discovery: "INTERNAL", }, title: "Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities", }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2023-20147", datePublished: "2023-04-05T00:00:00", dateReserved: "2022-10-27T00:00:00", dateUpdated: "2024-10-25T15:59:00.487Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-3292
Vulnerability from cvelistv5
Published
2020-06-18 02:16
Modified
2024-11-15 17:08
Severity ?
EPSS score ?
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Small Business RV Series Router Firmware |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T07:30:57.724Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20200617 Cisco Small Business RV Series Routers Stack Overflow Arbitrary Code Execution Vulnerabilities", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2020-3292", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-15T16:23:49.277069Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-15T17:08:02.787Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco Small Business RV Series Router Firmware", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2020-06-17T00:00:00", descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is aware that proof-of-concept exploit code is available for the vulnerabilities that are described in this advisory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-119", description: "CWE-119", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-06-18T02:16:03", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20200617 Cisco Small Business RV Series Routers Stack Overflow Arbitrary Code Execution Vulnerabilities", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz", }, ], source: { advisory: "cisco-sa-rv-routers-stack-vUxHmnNz", defect: [ [ "CSCvt26525", "CSCvt26555", "CSCvt26591", "CSCvt26619", "CSCvt26643", "CSCvt26659", "CSCvt26663", "CSCvt26705", "CSCvt26718", "CSCvt26725", "CSCvt26729", "CSCvt29381", "CSCvt29385", "CSCvt29388", "CSCvt29396", "CSCvt29398", "CSCvt29400", "CSCvt29403", "CSCvt29414", "CSCvt29416", "CSCvt29421", "CSCvt29423", ], ], discovery: "INTERNAL", }, title: "Cisco Small Business RV Series Routers Stack Overflow Arbitrary Code Execution Vulnerabilities", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2020-06-17T16:00:00", ID: "CVE-2020-3292", STATE: "PUBLIC", TITLE: "Cisco Small Business RV Series Routers Stack Overflow Arbitrary Code Execution Vulnerabilities", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco Small Business RV Series Router Firmware", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is aware that proof-of-concept exploit code is available for the vulnerabilities that are described in this advisory.", }, ], impact: { cvss: { baseScore: "7.2", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-119", }, ], }, ], }, references: { reference_data: [ { name: "20200617 Cisco Small Business RV Series Routers Stack Overflow Arbitrary Code Execution Vulnerabilities", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz", }, ], }, source: { advisory: "cisco-sa-rv-routers-stack-vUxHmnNz", defect: [ [ "CSCvt26525", "CSCvt26555", "CSCvt26591", "CSCvt26619", "CSCvt26643", "CSCvt26659", "CSCvt26663", "CSCvt26705", "CSCvt26718", "CSCvt26725", "CSCvt26729", "CSCvt29381", "CSCvt29385", "CSCvt29388", "CSCvt29396", "CSCvt29398", "CSCvt29400", "CSCvt29403", "CSCvt29414", "CSCvt29416", "CSCvt29421", "CSCvt29423", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2020-3292", datePublished: "2020-06-18T02:16:04.053598Z", dateReserved: "2019-12-12T00:00:00", dateUpdated: "2024-11-15T17:08:02.787Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-3296
Vulnerability from cvelistv5
Published
2020-06-18 02:16
Modified
2024-11-15 17:07
Severity ?
EPSS score ?
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Small Business RV Series Router Firmware |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T07:30:57.723Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20200617 Cisco Small Business RV Series Routers Stack Overflow Arbitrary Code Execution Vulnerabilities", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2020-3296", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-15T16:23:44.319650Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-15T17:07:13.549Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco Small Business RV Series Router Firmware", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2020-06-17T00:00:00", descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is aware that proof-of-concept exploit code is available for the vulnerabilities that are described in this advisory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-119", description: "CWE-119", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-06-18T02:16:22", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20200617 Cisco Small Business RV Series Routers Stack Overflow Arbitrary Code Execution Vulnerabilities", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz", }, ], source: { advisory: "cisco-sa-rv-routers-stack-vUxHmnNz", defect: [ [ "CSCvt26525", "CSCvt26555", "CSCvt26591", "CSCvt26619", "CSCvt26643", "CSCvt26659", "CSCvt26663", "CSCvt26705", "CSCvt26718", "CSCvt26725", "CSCvt26729", "CSCvt29381", "CSCvt29385", "CSCvt29388", "CSCvt29396", "CSCvt29398", "CSCvt29400", "CSCvt29403", "CSCvt29414", "CSCvt29416", "CSCvt29421", "CSCvt29423", ], ], discovery: "INTERNAL", }, title: "Cisco Small Business RV Series Routers Stack Overflow Arbitrary Code Execution Vulnerabilities", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2020-06-17T16:00:00", ID: "CVE-2020-3296", STATE: "PUBLIC", TITLE: "Cisco Small Business RV Series Routers Stack Overflow Arbitrary Code Execution Vulnerabilities", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco Small Business RV Series Router Firmware", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is aware that proof-of-concept exploit code is available for the vulnerabilities that are described in this advisory.", }, ], impact: { cvss: { baseScore: "7.2", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-119", }, ], }, ], }, references: { reference_data: [ { name: "20200617 Cisco Small Business RV Series Routers Stack Overflow Arbitrary Code Execution Vulnerabilities", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz", }, ], }, source: { advisory: "cisco-sa-rv-routers-stack-vUxHmnNz", defect: [ [ "CSCvt26525", "CSCvt26555", "CSCvt26591", "CSCvt26619", "CSCvt26643", "CSCvt26659", "CSCvt26663", "CSCvt26705", "CSCvt26718", "CSCvt26725", "CSCvt26729", "CSCvt29381", "CSCvt29385", "CSCvt29388", "CSCvt29396", "CSCvt29398", "CSCvt29400", "CSCvt29403", "CSCvt29414", "CSCvt29416", "CSCvt29421", "CSCvt29423", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2020-3296", datePublished: "2020-06-18T02:16:22.456163Z", dateReserved: "2019-12-12T00:00:00", dateUpdated: "2024-11-15T17:07:13.549Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-3275
Vulnerability from cvelistv5
Published
2020-06-18 02:21
Modified
2024-11-15 16:58
Severity ?
EPSS score ?
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary commands on an affected device. The vulnerabilities exist because the web-based management interface does not properly validate user-supplied input to scripts. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending malicious requests to an affected device. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the underlying operating system.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-Rj5JRfF8 | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Small Business RV Series Router Firmware |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T07:30:57.580Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20200617 Cisco Small Business RV Series Routers Command Injection Vulnerabilities", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-Rj5JRfF8", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2020-3275", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-15T16:23:31.940556Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-15T16:58:15.132Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco Small Business RV Series Router Firmware", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2020-06-17T00:00:00", descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary commands on an affected device. The vulnerabilities exist because the web-based management interface does not properly validate user-supplied input to scripts. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending malicious requests to an affected device. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the underlying operating system.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is aware that proof-of-concept exploit code is available for the vulnerabilities that are described in this advisory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-77", description: "CWE-77", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-06-18T02:21:49", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20200617 Cisco Small Business RV Series Routers Command Injection Vulnerabilities", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-Rj5JRfF8", }, ], source: { advisory: "cisco-sa-rv-routers-Rj5JRfF8", defect: [ [ "CSCvt26490", "CSCvt26504", "CSCvt26669", "CSCvt26676", "CSCvt26683", "CSCvt26714", "CSCvt29372", "CSCvt29376", "CSCvt29405", "CSCvt29407", "CSCvt29409", "CSCvt29415", ], ], discovery: "INTERNAL", }, title: "Cisco Small Business RV Series Routers Command Injection Vulnerabilities", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2020-06-17T16:00:00", ID: "CVE-2020-3275", STATE: "PUBLIC", TITLE: "Cisco Small Business RV Series Routers Command Injection Vulnerabilities", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco Small Business RV Series Router Firmware", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary commands on an affected device. The vulnerabilities exist because the web-based management interface does not properly validate user-supplied input to scripts. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending malicious requests to an affected device. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the underlying operating system.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is aware that proof-of-concept exploit code is available for the vulnerabilities that are described in this advisory.", }, ], impact: { cvss: { baseScore: "7.2", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-77", }, ], }, ], }, references: { reference_data: [ { name: "20200617 Cisco Small Business RV Series Routers Command Injection Vulnerabilities", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-Rj5JRfF8", }, ], }, source: { advisory: "cisco-sa-rv-routers-Rj5JRfF8", defect: [ [ "CSCvt26490", "CSCvt26504", "CSCvt26669", "CSCvt26676", "CSCvt26683", "CSCvt26714", "CSCvt29372", "CSCvt29376", "CSCvt29405", "CSCvt29407", "CSCvt29409", "CSCvt29415", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2020-3275", datePublished: "2020-06-18T02:21:50.062911Z", dateReserved: "2019-12-12T00:00:00", dateUpdated: "2024-11-15T16:58:15.132Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-20137
Vulnerability from cvelistv5
Published
2023-04-05 00:00
Modified
2024-10-25 16:00
Severity ?
EPSS score ?
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Small Business RV Series Router Firmware |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T08:57:35.895Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20230405 Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities", tags: [ "vendor-advisory", "x_transferred", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-20137", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-10-25T14:35:12.403435Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-25T16:00:19.865Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco Small Business RV Series Router Firmware ", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2023-04-05T00:00:00", descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory. ", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-79", description: "CWE-79", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-04-05T00:00:00", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20230405 Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities", tags: [ "vendor-advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, ], source: { advisory: "cisco-sa-rv-stored-xss-vqz7gC8W", defect: [ [ "CSCwe21294", "CSCwe75298", "CSCwe75302", "CSCwe75304", "CSCwe75324", "CSCwe75338", "CSCwe75341", "CSCwe75346", "CSCwe75348", "CSCwe75352", "CSCwe75355", "CSCwe75367", "CSCwe75369", "CSCwe75375", "CSCwe75377", ], ], discovery: "INTERNAL", }, title: "Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities", }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2023-20137", datePublished: "2023-04-05T00:00:00", dateReserved: "2022-10-27T00:00:00", dateUpdated: "2024-10-25T16:00:19.865Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-20150
Vulnerability from cvelistv5
Published
2023-04-05 00:00
Modified
2024-10-25 15:58
Severity ?
EPSS score ?
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Small Business RV Series Router Firmware |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T09:05:34.870Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20230405 Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities", tags: [ "vendor-advisory", "x_transferred", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-20150", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-10-25T14:34:38.425731Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-25T15:58:34.223Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco Small Business RV Series Router Firmware ", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2023-04-05T00:00:00", descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory. ", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-79", description: "CWE-79", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-04-05T00:00:00", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20230405 Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities", tags: [ "vendor-advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, ], source: { advisory: "cisco-sa-rv-stored-xss-vqz7gC8W", defect: [ [ "CSCwe21294", "CSCwe75298", "CSCwe75302", "CSCwe75304", "CSCwe75324", "CSCwe75338", "CSCwe75341", "CSCwe75346", "CSCwe75348", "CSCwe75352", "CSCwe75355", "CSCwe75367", "CSCwe75369", "CSCwe75375", "CSCwe75377", ], ], discovery: "INTERNAL", }, title: "Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities", }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2023-20150", datePublished: "2023-04-05T00:00:00", dateReserved: "2022-10-27T00:00:00", dateUpdated: "2024-10-25T15:58:34.223Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-20141
Vulnerability from cvelistv5
Published
2023-04-05 00:00
Modified
2024-10-25 15:59
Severity ?
EPSS score ?
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Small Business RV Series Router Firmware |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T08:57:35.696Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20230405 Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities", tags: [ "vendor-advisory", "x_transferred", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-20141", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-10-25T14:35:05.871408Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-25T15:59:41.207Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco Small Business RV Series Router Firmware ", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2023-04-05T00:00:00", descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory. ", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-79", description: "CWE-79", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-04-05T00:00:00", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20230405 Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities", tags: [ "vendor-advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, ], source: { advisory: "cisco-sa-rv-stored-xss-vqz7gC8W", defect: [ [ "CSCwe21294", "CSCwe75298", "CSCwe75302", "CSCwe75304", "CSCwe75324", "CSCwe75338", "CSCwe75341", "CSCwe75346", "CSCwe75348", "CSCwe75352", "CSCwe75355", "CSCwe75367", "CSCwe75369", "CSCwe75375", "CSCwe75377", ], ], discovery: "INTERNAL", }, title: "Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities", }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2023-20141", datePublished: "2023-04-05T00:00:00", dateReserved: "2022-10-27T00:00:00", dateUpdated: "2024-10-25T15:59:41.207Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-20142
Vulnerability from cvelistv5
Published
2023-04-05 00:00
Modified
2024-10-25 15:59
Severity ?
EPSS score ?
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Small Business RV Series Router Firmware |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T08:57:35.794Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20230405 Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities", tags: [ "vendor-advisory", "x_transferred", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-20142", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-10-25T14:35:04.350255Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-25T15:59:32.870Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco Small Business RV Series Router Firmware ", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2023-04-05T00:00:00", descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory. ", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-79", description: "CWE-79", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-04-05T00:00:00", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20230405 Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities", tags: [ "vendor-advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, ], source: { advisory: "cisco-sa-rv-stored-xss-vqz7gC8W", defect: [ [ "CSCwe21294", "CSCwe75298", "CSCwe75302", "CSCwe75304", "CSCwe75324", "CSCwe75338", "CSCwe75341", "CSCwe75346", "CSCwe75348", "CSCwe75352", "CSCwe75355", "CSCwe75367", "CSCwe75369", "CSCwe75375", "CSCwe75377", ], ], discovery: "INTERNAL", }, title: "Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities", }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2023-20142", datePublished: "2023-04-05T00:00:00", dateReserved: "2022-10-27T00:00:00", dateUpdated: "2024-10-25T15:59:32.870Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-20144
Vulnerability from cvelistv5
Published
2023-04-05 00:00
Modified
2024-10-25 15:59
Severity ?
EPSS score ?
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Small Business RV Series Router Firmware |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T08:57:35.902Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20230405 Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities", tags: [ "vendor-advisory", "x_transferred", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-20144", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-10-25T14:35:00.710262Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-25T15:59:17.421Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco Small Business RV Series Router Firmware ", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2023-04-05T00:00:00", descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory. ", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-79", description: "CWE-79", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-04-05T00:00:00", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20230405 Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities", tags: [ "vendor-advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, ], source: { advisory: "cisco-sa-rv-stored-xss-vqz7gC8W", defect: [ [ "CSCwe21294", "CSCwe75298", "CSCwe75302", "CSCwe75304", "CSCwe75324", "CSCwe75338", "CSCwe75341", "CSCwe75346", "CSCwe75348", "CSCwe75352", "CSCwe75355", "CSCwe75367", "CSCwe75369", "CSCwe75375", "CSCwe75377", ], ], discovery: "INTERNAL", }, title: "Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities", }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2023-20144", datePublished: "2023-04-05T00:00:00", dateReserved: "2022-10-27T00:00:00", dateUpdated: "2024-10-25T15:59:17.421Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-40120
Vulnerability from cvelistv5
Published
2021-11-04 15:35
Modified
2024-11-07 21:43
Severity ?
EPSS score ?
Summary
A vulnerability in the web-based management interface of certain Cisco Small Business RV Series Routers could allow an authenticated, remote attacker with administrative privileges to inject arbitrary commands into the underlying operating system and execute them using root-level privileges. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending malicious input to a specific field in the web-based management interface of an affected device. A successful exploit could allow the attacker to execute arbitrary commands on the underlying Linux operating system as a user with root-level privileges.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sbrv-cmdinjection-Z5cWFdK | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Small Business RV Series Router Firmware |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T02:27:31.582Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20211103 Cisco Small Business RV Series Routers Command Injection Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sbrv-cmdinjection-Z5cWFdK", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2021-40120", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-07T21:42:44.419677Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-07T21:43:34.339Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco Small Business RV Series Router Firmware", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2021-11-03T00:00:00", descriptions: [ { lang: "en", value: "A vulnerability in the web-based management interface of certain Cisco Small Business RV Series Routers could allow an authenticated, remote attacker with administrative privileges to inject arbitrary commands into the underlying operating system and execute them using root-level privileges. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending malicious input to a specific field in the web-based management interface of an affected device. A successful exploit could allow the attacker to execute arbitrary commands on the underlying Linux operating system as a user with root-level privileges.", }, ], exploits: [ { lang: "en", value: "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-20", description: "CWE-20", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2021-11-04T15:35:56", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20211103 Cisco Small Business RV Series Routers Command Injection Vulnerability", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sbrv-cmdinjection-Z5cWFdK", }, ], source: { advisory: "cisco-sa-sbrv-cmdinjection-Z5cWFdK", defect: [ [ "CSCvz75703", "CSCvz75705", ], ], discovery: "INTERNAL", }, title: "Cisco Small Business RV Series Routers Command Injection Vulnerability", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2021-11-03T16:00:00", ID: "CVE-2021-40120", STATE: "PUBLIC", TITLE: "Cisco Small Business RV Series Routers Command Injection Vulnerability", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco Small Business RV Series Router Firmware", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A vulnerability in the web-based management interface of certain Cisco Small Business RV Series Routers could allow an authenticated, remote attacker with administrative privileges to inject arbitrary commands into the underlying operating system and execute them using root-level privileges. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending malicious input to a specific field in the web-based management interface of an affected device. A successful exploit could allow the attacker to execute arbitrary commands on the underlying Linux operating system as a user with root-level privileges.", }, ], }, exploit: [ { lang: "en", value: "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.", }, ], impact: { cvss: { baseScore: "6.5", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-20", }, ], }, ], }, references: { reference_data: [ { name: "20211103 Cisco Small Business RV Series Routers Command Injection Vulnerability", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sbrv-cmdinjection-Z5cWFdK", }, ], }, source: { advisory: "cisco-sa-sbrv-cmdinjection-Z5cWFdK", defect: [ [ "CSCvz75703", "CSCvz75705", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2021-40120", datePublished: "2021-11-04T15:35:56.894719Z", dateReserved: "2021-08-25T00:00:00", dateUpdated: "2024-11-07T21:43:34.339Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-3295
Vulnerability from cvelistv5
Published
2020-06-18 02:16
Modified
2024-11-15 17:07
Severity ?
EPSS score ?
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Small Business RV Series Router Firmware |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T07:30:57.559Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20200617 Cisco Small Business RV Series Routers Stack Overflow Arbitrary Code Execution Vulnerabilities", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2020-3295", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-15T16:23:45.512614Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-15T17:07:25.834Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco Small Business RV Series Router Firmware", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2020-06-17T00:00:00", descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is aware that proof-of-concept exploit code is available for the vulnerabilities that are described in this advisory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-119", description: "CWE-119", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-06-18T02:16:17", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20200617 Cisco Small Business RV Series Routers Stack Overflow Arbitrary Code Execution Vulnerabilities", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz", }, ], source: { advisory: "cisco-sa-rv-routers-stack-vUxHmnNz", defect: [ [ "CSCvt26525", "CSCvt26555", "CSCvt26591", "CSCvt26619", "CSCvt26643", "CSCvt26659", "CSCvt26663", "CSCvt26705", "CSCvt26718", "CSCvt26725", "CSCvt26729", "CSCvt29381", "CSCvt29385", "CSCvt29388", "CSCvt29396", "CSCvt29398", "CSCvt29400", "CSCvt29403", "CSCvt29414", "CSCvt29416", "CSCvt29421", "CSCvt29423", ], ], discovery: "INTERNAL", }, title: "Cisco Small Business RV Series Routers Stack Overflow Arbitrary Code Execution Vulnerabilities", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2020-06-17T16:00:00", ID: "CVE-2020-3295", STATE: "PUBLIC", TITLE: "Cisco Small Business RV Series Routers Stack Overflow Arbitrary Code Execution Vulnerabilities", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco Small Business RV Series Router Firmware", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is aware that proof-of-concept exploit code is available for the vulnerabilities that are described in this advisory.", }, ], impact: { cvss: { baseScore: "7.2", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-119", }, ], }, ], }, references: { reference_data: [ { name: "20200617 Cisco Small Business RV Series Routers Stack Overflow Arbitrary Code Execution Vulnerabilities", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz", }, ], }, source: { advisory: "cisco-sa-rv-routers-stack-vUxHmnNz", defect: [ [ "CSCvt26525", "CSCvt26555", "CSCvt26591", "CSCvt26619", "CSCvt26643", "CSCvt26659", "CSCvt26663", "CSCvt26705", "CSCvt26718", "CSCvt26725", "CSCvt26729", "CSCvt29381", "CSCvt29385", "CSCvt29388", "CSCvt29396", "CSCvt29398", "CSCvt29400", "CSCvt29403", "CSCvt29414", "CSCvt29416", "CSCvt29421", "CSCvt29423", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2020-3295", datePublished: "2020-06-18T02:16:17.996974Z", dateReserved: "2019-12-12T00:00:00", dateUpdated: "2024-11-15T17:07:25.834Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-3286
Vulnerability from cvelistv5
Published
2020-06-18 02:15
Modified
2024-11-15 17:09
Severity ?
EPSS score ?
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Small Business RV Series Router Firmware |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T07:30:57.602Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20200617 Cisco Small Business RV Series Routers Stack Overflow Arbitrary Code Execution Vulnerabilities", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2020-3286", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-15T16:24:02.908900Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-15T17:09:13.891Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco Small Business RV Series Router Firmware", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2020-06-17T00:00:00", descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is aware that proof-of-concept exploit code is available for the vulnerabilities that are described in this advisory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-119", description: "CWE-119", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-06-18T02:15:36", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20200617 Cisco Small Business RV Series Routers Stack Overflow Arbitrary Code Execution Vulnerabilities", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz", }, ], source: { advisory: "cisco-sa-rv-routers-stack-vUxHmnNz", defect: [ [ "CSCvt26525", "CSCvt26555", "CSCvt26591", "CSCvt26619", "CSCvt26643", "CSCvt26659", "CSCvt26663", "CSCvt26705", "CSCvt26718", "CSCvt26725", "CSCvt26729", "CSCvt29381", "CSCvt29385", "CSCvt29388", "CSCvt29396", "CSCvt29398", "CSCvt29400", "CSCvt29403", "CSCvt29414", "CSCvt29416", "CSCvt29421", "CSCvt29423", ], ], discovery: "INTERNAL", }, title: "Cisco Small Business RV Series Routers Stack Overflow Arbitrary Code Execution Vulnerabilities", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2020-06-17T16:00:00", ID: "CVE-2020-3286", STATE: "PUBLIC", TITLE: "Cisco Small Business RV Series Routers Stack Overflow Arbitrary Code Execution Vulnerabilities", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco Small Business RV Series Router Firmware", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is aware that proof-of-concept exploit code is available for the vulnerabilities that are described in this advisory.", }, ], impact: { cvss: { baseScore: "7.2", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-119", }, ], }, ], }, references: { reference_data: [ { name: "20200617 Cisco Small Business RV Series Routers Stack Overflow Arbitrary Code Execution Vulnerabilities", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz", }, ], }, source: { advisory: "cisco-sa-rv-routers-stack-vUxHmnNz", defect: [ [ "CSCvt26525", "CSCvt26555", "CSCvt26591", "CSCvt26619", "CSCvt26643", "CSCvt26659", "CSCvt26663", "CSCvt26705", "CSCvt26718", "CSCvt26725", "CSCvt26729", "CSCvt29381", "CSCvt29385", "CSCvt29388", "CSCvt29396", "CSCvt29398", "CSCvt29400", "CSCvt29403", "CSCvt29414", "CSCvt29416", "CSCvt29421", "CSCvt29423", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2020-3286", datePublished: "2020-06-18T02:15:36.829409Z", dateReserved: "2019-12-12T00:00:00", dateUpdated: "2024-11-15T17:09:13.891Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-20145
Vulnerability from cvelistv5
Published
2023-04-05 00:00
Modified
2024-10-25 15:59
Severity ?
EPSS score ?
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Small Business RV Series Router Firmware |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T08:57:35.714Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20230405 Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities", tags: [ "vendor-advisory", "x_transferred", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-20145", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-10-25T14:34:54.362234Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-25T15:59:09.552Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco Small Business RV Series Router Firmware ", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2023-04-05T00:00:00", descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory. ", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-79", description: "CWE-79", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-04-05T00:00:00", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20230405 Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities", tags: [ "vendor-advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, ], source: { advisory: "cisco-sa-rv-stored-xss-vqz7gC8W", defect: [ [ "CSCwe21294", "CSCwe75298", "CSCwe75302", "CSCwe75304", "CSCwe75324", "CSCwe75338", "CSCwe75341", "CSCwe75346", "CSCwe75348", "CSCwe75352", "CSCwe75355", "CSCwe75367", "CSCwe75369", "CSCwe75375", "CSCwe75377", ], ], discovery: "INTERNAL", }, title: "Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities", }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2023-20145", datePublished: "2023-04-05T00:00:00", dateReserved: "2022-10-27T00:00:00", dateUpdated: "2024-10-25T15:59:09.552Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-3276
Vulnerability from cvelistv5
Published
2020-06-18 02:21
Modified
2024-11-15 16:58
Severity ?
EPSS score ?
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary commands on an affected device. The vulnerabilities exist because the web-based management interface does not properly validate user-supplied input to scripts. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending malicious requests to an affected device. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the underlying operating system.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-Rj5JRfF8 | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Small Business RV Series Router Firmware |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T07:30:57.926Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20200617 Cisco Small Business RV Series Routers Command Injection Vulnerabilities", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-Rj5JRfF8", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2020-3276", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-15T16:23:30.505285Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-15T16:58:03.040Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco Small Business RV Series Router Firmware", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2020-06-17T00:00:00", descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary commands on an affected device. The vulnerabilities exist because the web-based management interface does not properly validate user-supplied input to scripts. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending malicious requests to an affected device. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the underlying operating system.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is aware that proof-of-concept exploit code is available for the vulnerabilities that are described in this advisory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-77", description: "CWE-77", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-06-18T02:21:54", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20200617 Cisco Small Business RV Series Routers Command Injection Vulnerabilities", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-Rj5JRfF8", }, ], source: { advisory: "cisco-sa-rv-routers-Rj5JRfF8", defect: [ [ "CSCvt26490", "CSCvt26504", "CSCvt26669", "CSCvt26676", "CSCvt26683", "CSCvt26714", "CSCvt29372", "CSCvt29376", "CSCvt29405", "CSCvt29407", "CSCvt29409", "CSCvt29415", ], ], discovery: "INTERNAL", }, title: "Cisco Small Business RV Series Routers Command Injection Vulnerabilities", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2020-06-17T16:00:00", ID: "CVE-2020-3276", STATE: "PUBLIC", TITLE: "Cisco Small Business RV Series Routers Command Injection Vulnerabilities", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco Small Business RV Series Router Firmware", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary commands on an affected device. The vulnerabilities exist because the web-based management interface does not properly validate user-supplied input to scripts. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending malicious requests to an affected device. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the underlying operating system.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is aware that proof-of-concept exploit code is available for the vulnerabilities that are described in this advisory.", }, ], impact: { cvss: { baseScore: "7.2", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-77", }, ], }, ], }, references: { reference_data: [ { name: "20200617 Cisco Small Business RV Series Routers Command Injection Vulnerabilities", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-Rj5JRfF8", }, ], }, source: { advisory: "cisco-sa-rv-routers-Rj5JRfF8", defect: [ [ "CSCvt26490", "CSCvt26504", "CSCvt26669", "CSCvt26676", "CSCvt26683", "CSCvt26714", "CSCvt29372", "CSCvt29376", "CSCvt29405", "CSCvt29407", "CSCvt29409", "CSCvt29415", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2020-3276", datePublished: "2020-06-18T02:21:54.238317Z", dateReserved: "2019-12-12T00:00:00", dateUpdated: "2024-11-15T16:58:03.040Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-3274
Vulnerability from cvelistv5
Published
2020-06-18 02:21
Modified
2024-11-15 16:58
Severity ?
EPSS score ?
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary commands on an affected device. The vulnerabilities exist because the web-based management interface does not properly validate user-supplied input to scripts. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending malicious requests to an affected device. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the underlying operating system.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-Rj5JRfF8 | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Small Business RV Series Router Firmware |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T07:30:57.317Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20200617 Cisco Small Business RV Series Routers Command Injection Vulnerabilities", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-Rj5JRfF8", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2020-3274", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-15T16:23:33.272593Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-15T16:58:26.378Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco Small Business RV Series Router Firmware", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2020-06-17T00:00:00", descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary commands on an affected device. The vulnerabilities exist because the web-based management interface does not properly validate user-supplied input to scripts. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending malicious requests to an affected device. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the underlying operating system.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is aware that proof-of-concept exploit code is available for the vulnerabilities that are described in this advisory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-77", description: "CWE-77", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-06-18T02:21:45", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20200617 Cisco Small Business RV Series Routers Command Injection Vulnerabilities", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-Rj5JRfF8", }, ], source: { advisory: "cisco-sa-rv-routers-Rj5JRfF8", defect: [ [ "CSCvt26490", "CSCvt26504", "CSCvt26669", "CSCvt26676", "CSCvt26683", "CSCvt26714", "CSCvt29372", "CSCvt29376", "CSCvt29405", "CSCvt29407", "CSCvt29409", "CSCvt29415", ], ], discovery: "INTERNAL", }, title: "Cisco Small Business RV Series Routers Command Injection Vulnerabilities", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2020-06-17T16:00:00", ID: "CVE-2020-3274", STATE: "PUBLIC", TITLE: "Cisco Small Business RV Series Routers Command Injection Vulnerabilities", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco Small Business RV Series Router Firmware", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary commands on an affected device. The vulnerabilities exist because the web-based management interface does not properly validate user-supplied input to scripts. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending malicious requests to an affected device. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the underlying operating system.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is aware that proof-of-concept exploit code is available for the vulnerabilities that are described in this advisory.", }, ], impact: { cvss: { baseScore: "7.2", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-77", }, ], }, ], }, references: { reference_data: [ { name: "20200617 Cisco Small Business RV Series Routers Command Injection Vulnerabilities", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-Rj5JRfF8", }, ], }, source: { advisory: "cisco-sa-rv-routers-Rj5JRfF8", defect: [ [ "CSCvt26490", "CSCvt26504", "CSCvt26669", "CSCvt26676", "CSCvt26683", "CSCvt26714", "CSCvt29372", "CSCvt29376", "CSCvt29405", "CSCvt29407", "CSCvt29409", "CSCvt29415", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2020-3274", datePublished: "2020-06-18T02:21:45.469314Z", dateReserved: "2019-12-12T00:00:00", dateUpdated: "2024-11-15T16:58:26.378Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-20118
Vulnerability from cvelistv5
Published
2023-04-05 16:05
Modified
2025-03-12 16:21
Severity ?
EPSS score ?
Summary
A vulnerability in the web-based management interface of Cisco Small Business Routers RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an authenticated, remote attacker to execute arbitrary commands on an affected device.
This vulnerability is due to improper validation of user input within incoming HTTP packets. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web-based management interface. A successful exploit could allow the attacker to gain root-level privileges and access unauthorized data. To exploit this vulnerability, an attacker would need to have valid administrative credentials on the affected device.
Cisco has not and will not release software updates that address this vulnerability. However, administrators may disable the affected feature as described in the Workarounds ["#workarounds"] section.
{{value}} ["%7b%7bvalue%7d%7d"])}]]
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Small Business RV Series Router Firmware |
Version: 1.0.1.17 Version: 1.0.2.03 Version: 1.1.0.09 Version: 1.1.1.19 Version: 1.1.1.06 Version: 1.2.1.13 Version: 1.2.1.14 Version: 1.3.1.12 Version: 1.3.2.02 Version: 1.3.1.10 Version: 1.4.2.15 Version: 1.4.2.17 Version: 1.4.2.19 Version: 1.4.2.20 Version: 1.4.2.22 Version: 1.5.1.05 Version: 1.5.1.11 Version: 1.5.1.13 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T08:57:35.886Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "cisco-sa-sbr042-multi-vuln-ej76Pke5", tags: [ "x_transferred", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sbr042-multi-vuln-ej76Pke5", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-20118", options: [ { Exploitation: "active", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-03-03T20:12:24.673297Z", version: "2.0.3", }, type: "ssvc", }, }, { other: { content: { dateAdded: "2025-03-03", reference: "https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json", }, type: "kev", }, }, ], providerMetadata: { dateUpdated: "2025-03-03T20:14:14.379Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, timeline: [ { lang: "en", time: "2025-03-03T00:00:00+00:00", value: "CVE-2023-20118 added to CISA KEV", }, ], title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco Small Business RV Series Router Firmware", vendor: "Cisco", versions: [ { status: "affected", version: "1.0.1.17", }, { status: "affected", version: "1.0.2.03", }, { status: "affected", version: "1.1.0.09", }, { status: "affected", version: "1.1.1.19", }, { status: "affected", version: "1.1.1.06", }, { status: "affected", version: "1.2.1.13", }, { status: "affected", version: "1.2.1.14", }, { status: "affected", version: "1.3.1.12", }, { status: "affected", version: "1.3.2.02", }, { status: "affected", version: "1.3.1.10", }, { status: "affected", version: "1.4.2.15", }, { status: "affected", version: "1.4.2.17", }, { status: "affected", version: "1.4.2.19", }, { status: "affected", version: "1.4.2.20", }, { status: "affected", version: "1.4.2.22", }, { status: "affected", version: "1.5.1.05", }, { status: "affected", version: "1.5.1.11", }, { status: "affected", version: "1.5.1.13", }, ], }, ], descriptions: [ { lang: "en", value: "A vulnerability in the web-based management interface of Cisco Small Business Routers RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an authenticated, remote attacker to execute arbitrary commands on an affected device.\r\n\r This vulnerability is due to improper validation of user input within incoming HTTP packets. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web-based management interface. A successful exploit could allow the attacker to gain root-level privileges and access unauthorized data. To exploit this vulnerability, an attacker would need to have valid administrative credentials on the affected device.\r\n\r Cisco has not and will not release software updates that address this vulnerability. However, administrators may disable the affected feature as described in the Workarounds [\"#workarounds\"] section.\r\n\r {{value}} [\"%7b%7bvalue%7d%7d\"])}]]", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is aware that proof-of-concept exploit code is available for vulnerabilities CVE-2023-20025 and CVE-2023-20026 that are described in this advisory.\r\n\r\nIn March 2025, the Cisco PSIRT became aware of additional attempted exploitation of some of these vulnerabilities in the wild. Cisco continues to strongly recommend that customers upgrade their hardware to Meraki or Cisco 1000 Series Integrated Services Routers to remediate these vulnerabilities.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N", version: "3.1", }, format: "cvssV3_1", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-77", description: "Improper Neutralization of Special Elements used in a Command ('Command Injection')", lang: "en", type: "cwe", }, ], }, ], providerMetadata: { dateUpdated: "2025-03-12T16:21:05.953Z", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "cisco-sa-sbr042-multi-vuln-ej76Pke5", url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sbr042-multi-vuln-ej76Pke5", }, ], source: { advisory: "cisco-sa-sbr042-multi-vuln-ej76Pke5", defects: [ "CSCwe41652", ], discovery: "EXTERNAL", }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2023-20118", datePublished: "2023-04-05T16:05:41.067Z", dateReserved: "2022-10-27T18:47:50.345Z", dateUpdated: "2025-03-12T16:21:05.953Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-3290
Vulnerability from cvelistv5
Published
2020-06-18 02:15
Modified
2024-11-15 17:08
Severity ?
EPSS score ?
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Small Business RV Series Router Firmware |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T07:30:58.000Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20200617 Cisco Small Business RV Series Routers Stack Overflow Arbitrary Code Execution Vulnerabilities", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2020-3290", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-15T16:23:52.205745Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-15T17:08:30.650Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco Small Business RV Series Router Firmware", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2020-06-17T00:00:00", descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is aware that proof-of-concept exploit code is available for the vulnerabilities that are described in this advisory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-119", description: "CWE-119", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-06-18T02:15:54", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20200617 Cisco Small Business RV Series Routers Stack Overflow Arbitrary Code Execution Vulnerabilities", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz", }, ], source: { advisory: "cisco-sa-rv-routers-stack-vUxHmnNz", defect: [ [ "CSCvt26525", "CSCvt26555", "CSCvt26591", "CSCvt26619", "CSCvt26643", "CSCvt26659", "CSCvt26663", "CSCvt26705", "CSCvt26718", "CSCvt26725", "CSCvt26729", "CSCvt29381", "CSCvt29385", "CSCvt29388", "CSCvt29396", "CSCvt29398", "CSCvt29400", "CSCvt29403", "CSCvt29414", "CSCvt29416", "CSCvt29421", "CSCvt29423", ], ], discovery: "INTERNAL", }, title: "Cisco Small Business RV Series Routers Stack Overflow Arbitrary Code Execution Vulnerabilities", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2020-06-17T16:00:00", ID: "CVE-2020-3290", STATE: "PUBLIC", TITLE: "Cisco Small Business RV Series Routers Stack Overflow Arbitrary Code Execution Vulnerabilities", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco Small Business RV Series Router Firmware", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is aware that proof-of-concept exploit code is available for the vulnerabilities that are described in this advisory.", }, ], impact: { cvss: { baseScore: "7.2", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-119", }, ], }, ], }, references: { reference_data: [ { name: "20200617 Cisco Small Business RV Series Routers Stack Overflow Arbitrary Code Execution Vulnerabilities", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz", }, ], }, source: { advisory: "cisco-sa-rv-routers-stack-vUxHmnNz", defect: [ [ "CSCvt26525", "CSCvt26555", "CSCvt26591", "CSCvt26619", "CSCvt26643", "CSCvt26659", "CSCvt26663", "CSCvt26705", "CSCvt26718", "CSCvt26725", "CSCvt26729", "CSCvt29381", "CSCvt29385", "CSCvt29388", "CSCvt29396", "CSCvt29398", "CSCvt29400", "CSCvt29403", "CSCvt29414", "CSCvt29416", "CSCvt29421", "CSCvt29423", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2020-3290", datePublished: "2020-06-18T02:15:54.897489Z", dateReserved: "2019-12-12T00:00:00", dateUpdated: "2024-11-15T17:08:30.650Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-3288
Vulnerability from cvelistv5
Published
2020-06-18 02:15
Modified
2024-11-15 17:08
Severity ?
EPSS score ?
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Small Business RV Series Router Firmware |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T07:30:57.672Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20200617 Cisco Small Business RV Series Routers Stack Overflow Arbitrary Code Execution Vulnerabilities", tags: [ "vendor-advisory", "x_refsource_CISCO", "x_transferred", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2020-3288", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-11-15T16:23:59.837239Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-15T17:08:51.996Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco Small Business RV Series Router Firmware", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2020-06-17T00:00:00", descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is aware that proof-of-concept exploit code is available for the vulnerabilities that are described in this advisory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-119", description: "CWE-119", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-06-18T02:15:45", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20200617 Cisco Small Business RV Series Routers Stack Overflow Arbitrary Code Execution Vulnerabilities", tags: [ "vendor-advisory", "x_refsource_CISCO", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz", }, ], source: { advisory: "cisco-sa-rv-routers-stack-vUxHmnNz", defect: [ [ "CSCvt26525", "CSCvt26555", "CSCvt26591", "CSCvt26619", "CSCvt26643", "CSCvt26659", "CSCvt26663", "CSCvt26705", "CSCvt26718", "CSCvt26725", "CSCvt26729", "CSCvt29381", "CSCvt29385", "CSCvt29388", "CSCvt29396", "CSCvt29398", "CSCvt29400", "CSCvt29403", "CSCvt29414", "CSCvt29416", "CSCvt29421", "CSCvt29423", ], ], discovery: "INTERNAL", }, title: "Cisco Small Business RV Series Routers Stack Overflow Arbitrary Code Execution Vulnerabilities", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "psirt@cisco.com", DATE_PUBLIC: "2020-06-17T16:00:00", ID: "CVE-2020-3288", STATE: "PUBLIC", TITLE: "Cisco Small Business RV Series Routers Stack Overflow Arbitrary Code Execution Vulnerabilities", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Cisco Small Business RV Series Router Firmware", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "Cisco", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system.", }, ], }, exploit: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is aware that proof-of-concept exploit code is available for the vulnerabilities that are described in this advisory.", }, ], impact: { cvss: { baseScore: "7.2", vectorString: "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-119", }, ], }, ], }, references: { reference_data: [ { name: "20200617 Cisco Small Business RV Series Routers Stack Overflow Arbitrary Code Execution Vulnerabilities", refsource: "CISCO", url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz", }, ], }, source: { advisory: "cisco-sa-rv-routers-stack-vUxHmnNz", defect: [ [ "CSCvt26525", "CSCvt26555", "CSCvt26591", "CSCvt26619", "CSCvt26643", "CSCvt26659", "CSCvt26663", "CSCvt26705", "CSCvt26718", "CSCvt26725", "CSCvt26729", "CSCvt29381", "CSCvt29385", "CSCvt29388", "CSCvt29396", "CSCvt29398", "CSCvt29400", "CSCvt29403", "CSCvt29414", "CSCvt29416", "CSCvt29421", "CSCvt29423", ], ], discovery: "INTERNAL", }, }, }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2020-3288", datePublished: "2020-06-18T02:15:45.555572Z", dateReserved: "2019-12-12T00:00:00", dateUpdated: "2024-11-15T17:08:51.996Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-20151
Vulnerability from cvelistv5
Published
2023-04-05 00:00
Modified
2024-10-25 15:58
Severity ?
EPSS score ?
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Small Business RV Series Router Firmware |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T09:05:34.861Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20230405 Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities", tags: [ "vendor-advisory", "x_transferred", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-20151", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-10-25T14:34:31.698264Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-25T15:58:27.245Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco Small Business RV Series Router Firmware ", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2023-04-05T00:00:00", descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory. ", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-79", description: "CWE-79", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-04-05T00:00:00", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20230405 Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities", tags: [ "vendor-advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, ], source: { advisory: "cisco-sa-rv-stored-xss-vqz7gC8W", defect: [ [ "CSCwe21294", "CSCwe75298", "CSCwe75302", "CSCwe75304", "CSCwe75324", "CSCwe75338", "CSCwe75341", "CSCwe75346", "CSCwe75348", "CSCwe75352", "CSCwe75355", "CSCwe75367", "CSCwe75369", "CSCwe75375", "CSCwe75377", ], ], discovery: "INTERNAL", }, title: "Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities", }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2023-20151", datePublished: "2023-04-05T00:00:00", dateReserved: "2022-10-27T00:00:00", dateUpdated: "2024-10-25T15:58:27.245Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-20140
Vulnerability from cvelistv5
Published
2023-04-05 00:00
Modified
2024-10-25 15:59
Severity ?
EPSS score ?
Summary
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Small Business RV Series Router Firmware |
Version: n/a |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T08:57:36.128Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20230405 Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities", tags: [ "vendor-advisory", "x_transferred", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-20140", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-10-25T14:35:07.446266Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-25T15:59:49.069Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Cisco Small Business RV Series Router Firmware ", vendor: "Cisco", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2023-04-05T00:00:00", descriptions: [ { lang: "en", value: "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities are due to insufficient input validation by the web-based management interface. An attacker could exploit these vulnerabilities by sending crafted HTTP requests to an affected device and then persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has not released software updates that address these vulnerabilities.", }, ], exploits: [ { lang: "en", value: "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory. ", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-79", description: "CWE-79", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-04-05T00:00:00", orgId: "d1c1063e-7a18-46af-9102-31f8928bc633", shortName: "cisco", }, references: [ { name: "20230405 Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities", tags: [ "vendor-advisory", ], url: "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-stored-xss-vqz7gC8W", }, ], source: { advisory: "cisco-sa-rv-stored-xss-vqz7gC8W", defect: [ [ "CSCwe21294", "CSCwe75298", "CSCwe75302", "CSCwe75304", "CSCwe75324", "CSCwe75338", "CSCwe75341", "CSCwe75346", "CSCwe75348", "CSCwe75352", "CSCwe75355", "CSCwe75367", "CSCwe75369", "CSCwe75375", "CSCwe75377", ], ], discovery: "INTERNAL", }, title: "Cisco Small Business RV016, RV042, RV042G, RV082 , RV320, and RV325 Routers Cross-Site Scripting Vulnerabilities", }, }, cveMetadata: { assignerOrgId: "d1c1063e-7a18-46af-9102-31f8928bc633", assignerShortName: "cisco", cveId: "CVE-2023-20140", datePublished: "2023-04-05T00:00:00", dateReserved: "2022-10-27T00:00:00", dateUpdated: "2024-10-25T15:59:49.069Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }