Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code Elevate privileges Execute arbitrary commands Bypass authentication and authorization protections Fetch and run unsigned software Cause denial of service (DoS) For more information about these vulnerabilities, see the Details section of this advisory.
References
Link | Resource |
---|---|
http://packetstormsecurity.com/files/170988/Cisco-RV-Series-Authentication-Bypass-Command-Injection.html | |
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-smb-mult-vuln-KA9PK6D | Vendor Advisory |
https://www.zerodayinitiative.com/advisories/ZDI-22-409/ | Third Party Advisory VDB Entry |
https://www.zerodayinitiative.com/advisories/ZDI-22-410/ | Third Party Advisory VDB Entry |
https://www.zerodayinitiative.com/advisories/ZDI-22-415/ | Third Party Advisory VDB Entry |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
Configuration 5 (hide)
AND |
|
Configuration 6 (hide)
AND |
|
Configuration 7 (hide)
AND |
|
Configuration 8 (hide)
AND |
|
Configuration 9 (hide)
AND |
|
History
14 Feb 2023, 17:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
29 Mar 2022, 16:07
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://www.zerodayinitiative.com/advisories/ZDI-22-410/ - Third Party Advisory, VDB Entry | |
References | (MISC) https://www.zerodayinitiative.com/advisories/ZDI-22-409/ - Third Party Advisory, VDB Entry | |
References | (MISC) https://www.zerodayinitiative.com/advisories/ZDI-22-415/ - Third Party Advisory, VDB Entry |
24 Feb 2022, 15:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
16 Feb 2022, 17:06
Type | Values Removed | Values Added |
---|---|---|
First Time |
Cisco rv260w Firmware
Cisco rv345 Firmware Cisco rv160 Cisco Cisco rv340w Firmware Cisco rv160 Firmware Cisco rv160w Firmware Cisco rv260w Cisco rv160w Cisco rv260p Cisco rv260p Firmware Cisco rv345p Cisco rv340w Cisco rv345 Cisco rv345p Firmware Cisco rv340 Cisco rv340 Firmware Cisco rv260 Cisco rv260 Firmware |
|
References | (CISCO) https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-smb-mult-vuln-KA9PK6D - Vendor Advisory | |
CPE | cpe:2.3:h:cisco:rv340w:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:rv340:-:*:*:*:*:*:*:* cpe:2.3:o:cisco:rv160_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:cisco:rv260_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:cisco:rv345:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:rv160w:-:*:*:*:*:*:*:* cpe:2.3:o:cisco:rv260w_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:cisco:rv160w_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:cisco:rv345_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:cisco:rv260p_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:cisco:rv340w_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:cisco:rv260w:-:*:*:*:*:*:*:* cpe:2.3:o:cisco:rv340_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:cisco:rv345p_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:cisco:rv160:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:rv345p:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:rv260:-:*:*:*:*:*:*:* cpe:2.3:h:cisco:rv260p:-:*:*:*:*:*:*:* |
|
CVSS |
v2 : v3 : |
v2 : 7.5
v3 : 9.8 |
CWE | CWE-787 |
10 Feb 2022, 18:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-02-10 18:15
Updated : 2023-12-10 14:22
NVD link : CVE-2022-20705
Mitre link : CVE-2022-20705
CVE.ORG link : CVE-2022-20705
JSON object : View
Products Affected
cisco
- rv160w_firmware
- rv340w_firmware
- rv345
- rv260p_firmware
- rv340w
- rv260
- rv345p
- rv260p
- rv340_firmware
- rv260_firmware
- rv340
- rv260w
- rv345_firmware
- rv160w
- rv345p_firmware
- rv160_firmware
- rv160
- rv260w_firmware