Search

Find a vulnerability

Search criteria

    46 vulnerabilities found for rv042g by cisco

    VAR-202304-1067

    Vulnerability from variot - Updated: 2025-11-18 15:32

    A vulnerability in the web-based management interface of Cisco Small Business Routers RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an authenticated, remote attacker to execute arbitrary commands on an affected device.

    This vulnerability is due to improper validation of user input within incoming HTTP packets. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web-based management interface. A successful exploit could allow the attacker to gain root-level privileges and access unauthorized data. To exploit this vulnerability, an attacker would need to have valid administrative credentials on the affected device.

    Cisco has not and will not release software updates that address this vulnerability. However, administrators may disable the affected feature as described in the Workarounds ["#workarounds"] section.

    {{value}} ["%7b%7bvalue%7d%7d"])}]]. RV016 Multi-WAN VPN firmware, RV042 Dual WAN VPN firmware, RV042G Dual Gigabit WAN VPN Multiple Cisco Systems products, including firmware, contain vulnerabilities related to input validation.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202304-1067",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "rv016",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "*"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "*"
          },
          {
            "model": "rv082",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "*"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "*"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "*"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "*"
          },
          {
            "model": "rv042g dual gigabit wan vpn",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "cisco rv320 dual gigabit wan vpn \u30eb\u30fc\u30bf",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "rv016 multi-wan vpn",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "cisco rv325 dual gigabit wan vpn \u30eb\u30fc\u30bf",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "rv082 dual wan vpn",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "rv042 dual wan vpn",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2023-008395"
          },
          {
            "db": "NVD",
            "id": "CVE-2023-20118"
          }
        ]
      },
      "cve": "CVE-2023-20118",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "psirt@cisco.com",
                "availabilityImpact": "NONE",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.2,
                "id": "CVE-2023-20118",
                "impactScore": 5.2,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.2,
                "id": "CVE-2023-20118",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 7.2,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2023-20118",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "High",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "psirt@cisco.com",
                "id": "CVE-2023-20118",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2023-20118",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2023-20118",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202304-1035",
                "trust": 0.6,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202304-1035"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2023-008395"
          },
          {
            "db": "NVD",
            "id": "CVE-2023-20118"
          },
          {
            "db": "NVD",
            "id": "CVE-2023-20118"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "A vulnerability in the web-based management interface of Cisco Small Business Routers RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an authenticated, remote attacker to execute arbitrary commands on an affected device. \r\n\r This vulnerability is due to improper validation of user input within incoming HTTP packets. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web-based management interface. A successful exploit could allow the attacker to gain root-level privileges and access unauthorized data. To exploit this vulnerability, an attacker would need to have valid administrative credentials on the affected device. \r\n\r Cisco has not and will not release software updates that address this vulnerability.   However, administrators may disable the affected feature as described in the Workarounds [\"#workarounds\"] section. \r\n\r  {{value}} [\"%7b%7bvalue%7d%7d\"])}]]. RV016 Multi-WAN VPN firmware, RV042 Dual WAN VPN firmware, RV042G Dual Gigabit WAN VPN Multiple Cisco Systems products, including firmware, contain vulnerabilities related to input validation.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2023-20118"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2023-008395"
          }
        ],
        "trust": 1.62
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2023-20118",
            "trust": 3.2
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2023-008395",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202304-1035",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202304-1035"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2023-008395"
          },
          {
            "db": "NVD",
            "id": "CVE-2023-20118"
          }
        ]
      },
      "id": "VAR-202304-1067",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.41167478
      },
      "last_update_date": "2025-11-18T15:32:39.265000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "cisco-sa-sbr042-multi-vuln-ej76Pke5",
            "trust": 0.8,
            "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sbr042-multi-vuln-ej76Pke5"
          },
          {
            "title": "Cisco Small Business Enter the fix for the verification error vulnerability",
            "trust": 0.6,
            "url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=234571"
          }
        ],
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202304-1035"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2023-008395"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-77",
            "trust": 1.0
          },
          {
            "problemtype": "Inappropriate input confirmation (CWE-20) [NVD evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2023-008395"
          },
          {
            "db": "NVD",
            "id": "CVE-2023-20118"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.6,
            "url": "https://sec.cloudapps.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-sbr042-multi-vuln-ej76pke5"
          },
          {
            "trust": 1.0,
            "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=cve-2023-20118"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2023-20118"
          },
          {
            "trust": 0.6,
            "url": "https://cxsecurity.com/cveshow/cve-2023-20118/"
          }
        ],
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202304-1035"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2023-008395"
          },
          {
            "db": "NVD",
            "id": "CVE-2023-20118"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202304-1035"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2023-008395"
          },
          {
            "db": "NVD",
            "id": "CVE-2023-20118"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2023-04-13T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202304-1035"
          },
          {
            "date": "2023-12-01T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2023-008395"
          },
          {
            "date": "2023-04-13T07:15:21.080000",
            "db": "NVD",
            "id": "CVE-2023-20118"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2023-04-23T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202304-1035"
          },
          {
            "date": "2023-12-01T03:01:00",
            "db": "JVNDB",
            "id": "JVNDB-2023-008395"
          },
          {
            "date": "2025-10-28T13:59:03.593000",
            "db": "NVD",
            "id": "CVE-2023-20118"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202304-1035"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Input validation vulnerability in multiple Cisco Systems products",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2023-008395"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "input validation error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202304-1035"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202404-1866

    Vulnerability from variot - Updated: 2025-08-09 23:15

    A vulnerability in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface.

    This vulnerability is due to insufficient input validation by the web-based management interface. An attacker could exploit this vulnerability by persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. RV016 Multi-WAN VPN firmware, RV042 Dual WAN VPN firmware, RV042G Dual Gigabit WAN VPN Cross-site scripting vulnerabilities exist in multiple Cisco Systems products, including firmware.Information may be obtained and information may be tampered with. Cisco Small Business is a switch of Cisco. The vulnerability is caused by the lack of effective filtering and escaping of user-supplied data by the application

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202404-1866",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "rv016",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "rv082",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "cisco rv325 dual gigabit wan vpn \u30eb\u30fc\u30bf",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "rv042 dual wan vpn",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "rv082 dual wan vpn",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "cisco rv320 dual gigabit wan vpn \u30eb\u30fc\u30bf",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "rv042g dual gigabit wan vpn",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "rv016 multi-wan vpn",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "rv320",
            "scope": null,
            "trust": 0.6,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "rv325",
            "scope": null,
            "trust": 0.6,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "rv016",
            "scope": null,
            "trust": 0.6,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "rv042",
            "scope": null,
            "trust": 0.6,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "rv042g",
            "scope": null,
            "trust": 0.6,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "rv082",
            "scope": null,
            "trust": 0.6,
            "vendor": "cisco",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2024-20830"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-026854"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-20362"
          }
        ]
      },
      "cve": "CVE-2024-20362",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "NONE",
                "baseScore": 6.4,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2024-20830",
                "impactScore": 4.9,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "psirt@cisco.com",
                "availabilityImpact": "NONE",
                "baseScore": 6.1,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "exploitabilityScore": 2.8,
                "id": "CVE-2024-20362",
                "impactScore": 2.7,
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "trust": 1.0,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "OTHER",
                "availabilityImpact": "None",
                "baseScore": 6.1,
                "baseSeverity": "Medium",
                "confidentialityImpact": "Low",
                "exploitabilityScore": null,
                "id": "JVNDB-2024-026854",
                "impactScore": null,
                "integrityImpact": "Low",
                "privilegesRequired": "None",
                "scope": "Changed",
                "trust": 0.8,
                "userInteraction": "Required",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "psirt@cisco.com",
                "id": "CVE-2024-20362",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "OTHER",
                "id": "JVNDB-2024-026854",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2024-20830",
                "trust": 0.6,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2024-20830"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-026854"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-20362"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "A vulnerability in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. \r\n\r This vulnerability is due to insufficient input validation by the web-based management interface. An attacker could exploit this vulnerability by persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. RV016 Multi-WAN VPN firmware, RV042 Dual WAN VPN firmware, RV042G Dual Gigabit WAN VPN Cross-site scripting vulnerabilities exist in multiple Cisco Systems products, including firmware.Information may be obtained and information may be tampered with. Cisco Small Business is a switch of Cisco. The vulnerability is caused by the lack of effective filtering and escaping of user-supplied data by the application",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2024-20362"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-026854"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2024-20830"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2024-20362",
            "trust": 3.2
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-026854",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2024-20830",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2024-20830"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-026854"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-20362"
          }
        ]
      },
      "id": "VAR-202404-1866",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2024-20830"
          }
        ],
        "trust": 1.0116747799999999
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2024-20830"
          }
        ]
      },
      "last_update_date": "2025-08-09T23:15:59.167000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "cisco-sa-sbiz-rv-xss-OQeRTup",
            "trust": 0.8,
            "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sbiz-rv-xss-OQeRTup"
          },
          {
            "title": "Patch for Cisco Small Business Cross-Site Scripting Vulnerability",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/541076"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2024-20830"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-026854"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-80",
            "trust": 1.0
          },
          {
            "problemtype": "Cross-site scripting  (Basic XSS)(CWE-80) [ others ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-026854"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-20362"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2024-20362"
          },
          {
            "trust": 1.0,
            "url": "https://sec.cloudapps.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-sbiz-rv-xss-oqertup"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2024-20830"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-026854"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-20362"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2024-20830"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-026854"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-20362"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2024-04-12T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2024-20830"
          },
          {
            "date": "2025-08-06T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2024-026854"
          },
          {
            "date": "2024-04-03T17:15:49.707000",
            "db": "NVD",
            "id": "CVE-2024-20362"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2024-04-29T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2024-20830"
          },
          {
            "date": "2025-08-06T02:18:00",
            "db": "JVNDB",
            "id": "JVNDB-2024-026854"
          },
          {
            "date": "2025-08-05T14:44:28.830000",
            "db": "NVD",
            "id": "CVE-2024-20362"
          }
        ]
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Cross-site scripting vulnerability in multiple Cisco Systems products",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-026854"
          }
        ],
        "trust": 0.8
      }
    }

    VAR-202301-0962

    Vulnerability from variot - Updated: 2025-04-07 23:32

    A vulnerability in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, and RV082 Routers could allow an unauthenticated, remote attacker to bypass authentication on an affected device.

    This vulnerability is due to improper validation of user input within incoming HTTP packets. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web-based management interface. A successful exploit could allow the attacker to bypass authentication and gain root access on the underlying operating system. Cisco Small Business RV042 Series routers contain an input validation vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202301-0962",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "rv082",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "rv016",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "rv016 multi-wan vpn",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "rv042 dual wan vpn",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "rv042g dual gigabit wan vpn",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "rv082 dual wan vpn",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2023-002344"
          },
          {
            "db": "NVD",
            "id": "CVE-2023-20025"
          }
        ]
      },
      "cve": "CVE-2023-20025",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [],
            "cvssV3": [
              {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "author": "psirt@cisco.com",
                "availabilityImpact": "HIGH",
                "baseScore": 9.0,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.2,
                "id": "CVE-2023-20025",
                "impactScore": 6.0,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2023-20025",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 9.8,
                "baseSeverity": "Critical",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2023-20025",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "psirt@cisco.com",
                "id": "CVE-2023-20025",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2023-20025",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "NVD",
                "id": "CVE-2023-20025",
                "trust": 0.8,
                "value": "Critical"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202301-943",
                "trust": 0.6,
                "value": "CRITICAL"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2023-002344"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202301-943"
          },
          {
            "db": "NVD",
            "id": "CVE-2023-20025"
          },
          {
            "db": "NVD",
            "id": "CVE-2023-20025"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "A vulnerability in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, and RV082 Routers could allow an unauthenticated, remote attacker to bypass authentication on an affected device. \r\n\r This vulnerability is due to improper validation of user input within incoming HTTP packets. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web-based management interface. A successful exploit could allow the attacker to bypass authentication and gain root access on the underlying operating system. Cisco Small Business RV042 Series routers contain an input validation vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2023-20025"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2023-002344"
          },
          {
            "db": "VULMON",
            "id": "CVE-2023-20025"
          }
        ],
        "trust": 1.71
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2023-20025",
            "trust": 3.3
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2023-002344",
            "trust": 0.8
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2023.0171",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202301-943",
            "trust": 0.6
          },
          {
            "db": "VULMON",
            "id": "CVE-2023-20025",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2023-20025"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2023-002344"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202301-943"
          },
          {
            "db": "NVD",
            "id": "CVE-2023-20025"
          }
        ]
      },
      "id": "VAR-202301-0962",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.41167478
      },
      "last_update_date": "2025-04-07T23:32:23.045000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "cisco-sa-sbr042-multi-vuln-ej76Pke5",
            "trust": 0.8,
            "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sbr042-multi-vuln-ej76Pke5"
          },
          {
            "title": "Cisco Small Business RV016 Enter the fix for the verification error vulnerability",
            "trust": 0.6,
            "url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=223494"
          },
          {
            "title": "Cisco: Cisco Small Business RV016, RV042, RV042G, and RV082 Routers Vulnerabilities",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-sbr042-multi-vuln-ej76Pke5"
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2023-20025"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2023-002344"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202301-943"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-293",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-290",
            "trust": 1.0
          },
          {
            "problemtype": "Inappropriate input confirmation (CWE-20) [NVD evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2023-002344"
          },
          {
            "db": "NVD",
            "id": "CVE-2023-20025"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.8,
            "url": "https://sec.cloudapps.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-sbr042-multi-vuln-ej76pke5"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2023-20025"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2023.0171"
          },
          {
            "trust": 0.6,
            "url": "https://cxsecurity.com/cveshow/cve-2023-20025/"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2023-20025"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2023-002344"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202301-943"
          },
          {
            "db": "NVD",
            "id": "CVE-2023-20025"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULMON",
            "id": "CVE-2023-20025"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2023-002344"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202301-943"
          },
          {
            "db": "NVD",
            "id": "CVE-2023-20025"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2023-01-20T00:00:00",
            "db": "VULMON",
            "id": "CVE-2023-20025"
          },
          {
            "date": "2023-07-05T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2023-002344"
          },
          {
            "date": "2023-01-12T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202301-943"
          },
          {
            "date": "2023-01-20T07:15:14.490000",
            "db": "NVD",
            "id": "CVE-2023-20025"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2023-01-20T00:00:00",
            "db": "VULMON",
            "id": "CVE-2023-20025"
          },
          {
            "date": "2023-07-05T07:35:00",
            "db": "JVNDB",
            "id": "JVNDB-2023-002344"
          },
          {
            "date": "2023-02-02T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202301-943"
          },
          {
            "date": "2025-04-07T13:46:26.707000",
            "db": "NVD",
            "id": "CVE-2023-20025"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202301-943"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Cisco\u00a0Small\u00a0Business\u00a0RV042\u00a0 Input Validation Vulnerability in Series Routers",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2023-002344"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "input validation error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202301-943"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202301-0961

    Vulnerability from variot - Updated: 2025-03-13 23:09

    A vulnerability in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320 and RV325 Routers could allow an authenticated, remote attacker to execute arbitrary commands on an affected device.

    This vulnerability is due to improper validation of user input within incoming HTTP packets. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web-based management interface. A successful exploit could allow the attacker to gain root-level privileges and access unauthorized data. To exploit this vulnerability, an attacker would need to have valid administrative credentials on the affected device. Cisco Small Business Routers RV042 Series contains an input validation vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202301-0961",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "rv016",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "rv082",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "rv042 dual wan vpn",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "rv016 multi-wan vpn",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "rv042g dual gigabit wan vpn",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "rv082 dual wan vpn",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2023-002358"
          },
          {
            "db": "NVD",
            "id": "CVE-2023-20026"
          }
        ]
      },
      "cve": "CVE-2023-20026",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "psirt@cisco.com",
                "availabilityImpact": "NONE",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.2,
                "id": "CVE-2023-20026",
                "impactScore": 5.2,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.2,
                "id": "CVE-2023-20026",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 7.2,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2023-20026",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "High",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "psirt@cisco.com",
                "id": "CVE-2023-20026",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2023-20026",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2023-20026",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202301-947",
                "trust": 0.6,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2023-002358"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202301-947"
          },
          {
            "db": "NVD",
            "id": "CVE-2023-20026"
          },
          {
            "db": "NVD",
            "id": "CVE-2023-20026"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "A vulnerability in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320 and RV325 Routers could allow an authenticated, remote attacker to execute arbitrary commands on an affected device. \r\n\r This vulnerability is due to improper validation of user input within incoming HTTP packets. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web-based management interface. A successful exploit could allow the attacker to gain root-level privileges and access unauthorized data. To exploit this vulnerability, an attacker would need to have valid administrative credentials on the affected device. Cisco Small Business Routers RV042 Series contains an input validation vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2023-20026"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2023-002358"
          },
          {
            "db": "VULMON",
            "id": "CVE-2023-20026"
          }
        ],
        "trust": 1.71
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2023-20026",
            "trust": 3.3
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2023-002358",
            "trust": 0.8
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2023.0171",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202301-947",
            "trust": 0.6
          },
          {
            "db": "VULMON",
            "id": "CVE-2023-20026",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2023-20026"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2023-002358"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202301-947"
          },
          {
            "db": "NVD",
            "id": "CVE-2023-20026"
          }
        ]
      },
      "id": "VAR-202301-0961",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.41167478
      },
      "last_update_date": "2025-03-13T23:09:14.760000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "cisco-sa-sbr042-multi-vuln-ej76Pke5",
            "trust": 0.8,
            "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sbr042-multi-vuln-ej76Pke5"
          },
          {
            "title": "Cisco Small Business RV016 Enter the fix for the verification error vulnerability",
            "trust": 0.6,
            "url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=223495"
          },
          {
            "title": "Cisco: Cisco Small Business RV016, RV042, RV042G, and RV082 Routers Vulnerabilities",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-sbr042-multi-vuln-ej76Pke5"
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2023-20026"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2023-002358"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202301-947"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-20",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-77",
            "trust": 1.0
          },
          {
            "problemtype": "Inappropriate input confirmation (CWE-20) [NVD evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2023-002358"
          },
          {
            "db": "NVD",
            "id": "CVE-2023-20026"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.8,
            "url": "https://sec.cloudapps.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-sbr042-multi-vuln-ej76pke5"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2023-20026"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2023.0171"
          },
          {
            "trust": 0.6,
            "url": "https://cxsecurity.com/cveshow/cve-2023-20026/"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2023-20026"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2023-002358"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202301-947"
          },
          {
            "db": "NVD",
            "id": "CVE-2023-20026"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULMON",
            "id": "CVE-2023-20026"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2023-002358"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202301-947"
          },
          {
            "db": "NVD",
            "id": "CVE-2023-20026"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2023-01-20T00:00:00",
            "db": "VULMON",
            "id": "CVE-2023-20026"
          },
          {
            "date": "2023-07-07T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2023-002358"
          },
          {
            "date": "2023-01-12T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202301-947"
          },
          {
            "date": "2023-01-20T07:15:14.813000",
            "db": "NVD",
            "id": "CVE-2023-20026"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2023-01-20T00:00:00",
            "db": "VULMON",
            "id": "CVE-2023-20026"
          },
          {
            "date": "2023-07-07T02:23:00",
            "db": "JVNDB",
            "id": "JVNDB-2023-002358"
          },
          {
            "date": "2023-02-02T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202301-947"
          },
          {
            "date": "2025-03-12T17:15:38.390000",
            "db": "NVD",
            "id": "CVE-2023-20026"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202301-947"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Cisco\u00a0Small\u00a0Business\u00a0Routers\u00a0RV042\u00a0 Input validation vulnerability in series",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2023-002358"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "input validation error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202301-947"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202006-1120

    Vulnerability from variot - Updated: 2024-11-23 23:01

    Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary commands on an affected device. The vulnerabilities exist because the web-based management interface does not properly validate user-supplied input to scripts. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending malicious requests to an affected device. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the underlying operating system. (DoS) It may be put into a state. Cisco Small Business RV320, etc. are all a VPN router of Cisco in the United States.

    There are command injection vulnerabilities in the web management interface in many Cisco products. The vulnerability stems from the program's failure to properly verify the input submitted by the user

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202006-1120",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "rv320",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.05"
          },
          {
            "model": "rv325",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.05"
          },
          {
            "model": "rv042g",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.10"
          },
          {
            "model": "rv082",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.10"
          },
          {
            "model": "rv016",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.10"
          },
          {
            "model": "rv042",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.10"
          },
          {
            "model": "rv320 dual gigabit wan vpn router",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "rv325 dual gigabit wan vpn router",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "rv016 multi-wan vpn",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "rv042 dual wan vpn",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "rv042g dual gigabit wan vpn",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "rv082 dual wan vpn",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "small business rv016 multi-wan vpn",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "\u003c=4.2.3.10"
          },
          {
            "model": "rv042 dual wan vpn",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "\u003c=4.2.3.10"
          },
          {
            "model": "rv042g dual gigabit wan vpn",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "\u003c=4.2.3.10"
          },
          {
            "model": "rv082 dual wan vpn",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "\u003c=4.2.3.10"
          },
          {
            "model": "rv320 dual gigabit wan vpn",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "\u003c=1.5.1.05"
          },
          {
            "model": "rv325 dual gigabit wan vpn",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "\u003c=1.5.1.05"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-35159"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006859"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3279"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:cisco:rv320_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:cisco:rv325_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:cisco:rv016_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:cisco:rv042_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:cisco:rv042g_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:cisco:rv082_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006859"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Kai Cheng",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1149"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2020-3279",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.0,
                "id": "CVE-2020-3279",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.1,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Network",
                "authentication": "Single",
                "author": "NVD",
                "availabilityImpact": "Complete",
                "baseScore": 9.0,
                "confidentialityImpact": "Complete",
                "exploitabilityScore": null,
                "id": "JVNDB-2020-006859",
                "impactScore": null,
                "integrityImpact": "Complete",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "High",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "CNVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.0,
                "id": "CNVD-2020-35159",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.2,
                "id": "CVE-2020-3279",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "ykramarz@cisco.com",
                "availabilityImpact": "HIGH",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.2,
                "id": "CVE-2020-3279",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 7.2,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2020-006859",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "High",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2020-3279",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "ykramarz@cisco.com",
                "id": "CVE-2020-3279",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2020-006859",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2020-35159",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202006-1149",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "VULMON",
                "id": "CVE-2020-3279",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-35159"
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-3279"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006859"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1149"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3279"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3279"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary commands on an affected device. The vulnerabilities exist because the web-based management interface does not properly validate user-supplied input to scripts. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending malicious requests to an affected device. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the underlying operating system. (DoS) It may be put into a state. Cisco Small Business RV320, etc. are all a VPN router of Cisco in the United States. \n\r\n\r\nThere are command injection vulnerabilities in the web management interface in many Cisco products. The vulnerability stems from the program\u0027s failure to properly verify the input submitted by the user",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2020-3279"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006859"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-35159"
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-3279"
          }
        ],
        "trust": 2.25
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2020-3279",
            "trust": 3.1
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006859",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-35159",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1149",
            "trust": 0.6
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-3279",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-35159"
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-3279"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006859"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1149"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3279"
          }
        ]
      },
      "id": "VAR-202006-1120",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-35159"
          }
        ],
        "trust": 1.1951892333333332
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-35159"
          }
        ]
      },
      "last_update_date": "2024-11-23T23:01:21.677000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "cisco-sa-rv-routers-Rj5JRfF8",
            "trust": 0.8,
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-Rj5JRfF8"
          },
          {
            "title": "Patch for Multiple Cisco product command injection vulnerabilities (CNVD-2020-35159)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/223655"
          },
          {
            "title": "Multiple Cisco Product Command Injection Vulnerability Fixes",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=123001"
          },
          {
            "title": "Cisco: Cisco Small Business RV Series Routers Command Injection Vulnerabilities",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-rv-routers-Rj5JRfF8"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-35159"
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-3279"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006859"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1149"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-78",
            "trust": 1.8
          },
          {
            "problemtype": "CWE-77",
            "trust": 1.0
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006859"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3279"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.3,
            "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-rv-routers-rj5jrff8"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2020-3279"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-3279"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/78.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          },
          {
            "trust": 0.1,
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/183584"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-35159"
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-3279"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006859"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1149"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3279"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-35159"
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-3279"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006859"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1149"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3279"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-06-30T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-35159"
          },
          {
            "date": "2020-06-18T00:00:00",
            "db": "VULMON",
            "id": "CVE-2020-3279"
          },
          {
            "date": "2020-07-21T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-006859"
          },
          {
            "date": "2020-06-17T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202006-1149"
          },
          {
            "date": "2020-06-18T03:15:12.637000",
            "db": "NVD",
            "id": "CVE-2020-3279"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-07-01T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-35159"
          },
          {
            "date": "2020-06-23T00:00:00",
            "db": "VULMON",
            "id": "CVE-2020-3279"
          },
          {
            "date": "2020-07-21T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-006859"
          },
          {
            "date": "2020-07-03T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202006-1149"
          },
          {
            "date": "2024-11-21T05:30:42.780000",
            "db": "NVD",
            "id": "CVE-2020-3279"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1149"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  Cisco Small Business RV In series routers  OS Command injection vulnerabilities",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006859"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "command injection",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1149"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202006-1117

    Vulnerability from variot - Updated: 2024-11-23 22:47

    Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary commands on an affected device. The vulnerabilities exist because the web-based management interface does not properly validate user-supplied input to scripts. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending malicious requests to an affected device. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the underlying operating system. (DoS) It may be put into a state. Cisco Small Business RV320, etc. are all a VPN router of Cisco in the United States.

    There are command injection vulnerabilities in the web management interface in many Cisco products. The vulnerability stems from the program's failure to properly verify the input submitted by the user

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202006-1117",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "rv320",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.05"
          },
          {
            "model": "rv325",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.05"
          },
          {
            "model": "rv042g",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.10"
          },
          {
            "model": "rv082",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.10"
          },
          {
            "model": "rv016",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.10"
          },
          {
            "model": "rv042",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.10"
          },
          {
            "model": "rv320 dual gigabit wan vpn router",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "rv325 dual gigabit wan vpn router",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "rv016 multi-wan vpn",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "rv042 dual wan vpn",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "rv042g dual gigabit wan vpn",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "rv082 dual wan vpn",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "small business rv016 multi-wan vpn",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "\u003c=4.2.3.10"
          },
          {
            "model": "rv042 dual wan vpn",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "\u003c=4.2.3.10"
          },
          {
            "model": "rv042g dual gigabit wan vpn",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "\u003c=4.2.3.10"
          },
          {
            "model": "rv082 dual wan vpn",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "\u003c=4.2.3.10"
          },
          {
            "model": "rv320 dual gigabit wan vpn",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "\u003c=1.5.1.05"
          },
          {
            "model": "rv325 dual gigabit wan vpn",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "\u003c=1.5.1.05"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-35166"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006865"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3276"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:cisco:rv320_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:cisco:rv325_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:cisco:rv016_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:cisco:rv042_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:cisco:rv042g_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:cisco:rv082_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006865"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Kai Cheng",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1156"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2020-3276",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.0,
                "id": "CVE-2020-3276",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.0,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Network",
                "authentication": "Single",
                "author": "NVD",
                "availabilityImpact": "Complete",
                "baseScore": 9.0,
                "confidentialityImpact": "Complete",
                "exploitabilityScore": null,
                "id": "JVNDB-2020-006865",
                "impactScore": null,
                "integrityImpact": "Complete",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "High",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "CNVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.0,
                "id": "CNVD-2020-35166",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.2,
                "id": "CVE-2020-3276",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "ykramarz@cisco.com",
                "availabilityImpact": "HIGH",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.2,
                "id": "CVE-2020-3276",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 7.2,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2020-006865",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "High",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2020-3276",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "ykramarz@cisco.com",
                "id": "CVE-2020-3276",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2020-006865",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2020-35166",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202006-1156",
                "trust": 0.6,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-35166"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006865"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1156"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3276"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3276"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary commands on an affected device. The vulnerabilities exist because the web-based management interface does not properly validate user-supplied input to scripts. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending malicious requests to an affected device. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the underlying operating system. (DoS) It may be put into a state. Cisco Small Business RV320, etc. are all a VPN router of Cisco in the United States. \n\r\n\r\nThere are command injection vulnerabilities in the web management interface in many Cisco products. The vulnerability stems from the program\u0027s failure to properly verify the input submitted by the user",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2020-3276"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006865"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-35166"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2020-3276",
            "trust": 3.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006865",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-35166",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1156",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-35166"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006865"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1156"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3276"
          }
        ]
      },
      "id": "VAR-202006-1117",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-35166"
          }
        ],
        "trust": 1.1951892333333332
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-35166"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:47:58.799000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "cisco-sa-rv-routers-Rj5JRfF8",
            "trust": 0.8,
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-Rj5JRfF8"
          },
          {
            "title": "Patch for Multiple Cisco product command injection vulnerabilities (CNVD-2020-35166)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/223613"
          },
          {
            "title": "Multiple Cisco Product Command Injection Vulnerability Fixes",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=123006"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-35166"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006865"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1156"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-78",
            "trust": 1.8
          },
          {
            "problemtype": "CWE-77",
            "trust": 1.0
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006865"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3276"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.2,
            "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-rv-routers-rj5jrff8"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2020-3276"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-3276"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-35166"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006865"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1156"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3276"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-35166"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006865"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1156"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3276"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-06-30T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-35166"
          },
          {
            "date": "2020-07-21T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-006865"
          },
          {
            "date": "2020-06-17T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202006-1156"
          },
          {
            "date": "2020-06-18T03:15:12.340000",
            "db": "NVD",
            "id": "CVE-2020-3276"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-06-30T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-35166"
          },
          {
            "date": "2020-07-21T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-006865"
          },
          {
            "date": "2020-08-04T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202006-1156"
          },
          {
            "date": "2024-11-21T05:30:42.420000",
            "db": "NVD",
            "id": "CVE-2020-3276"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1156"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  Cisco Small Business RV In series routers  OS Command injection vulnerabilities",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006865"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "command injection",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1156"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202006-1116

    Vulnerability from variot - Updated: 2024-11-23 22:37

    Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary commands on an affected device. The vulnerabilities exist because the web-based management interface does not properly validate user-supplied input to scripts. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending malicious requests to an affected device. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the underlying operating system. (DoS) It may be put into a state. Cisco Small Business RV320, etc. are all a VPN router of Cisco in the United States.

    There are command injection vulnerabilities in the web management interface in many Cisco products. The vulnerability stems from the program's failure to properly verify the input submitted by the user

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202006-1116",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "rv320",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.05"
          },
          {
            "model": "rv325",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.05"
          },
          {
            "model": "rv042g",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.10"
          },
          {
            "model": "rv082",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.10"
          },
          {
            "model": "rv016",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.10"
          },
          {
            "model": "rv042",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.10"
          },
          {
            "model": "rv320 dual gigabit wan vpn router",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "rv325 dual gigabit wan vpn router",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "rv016 multi-wan vpn",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "rv042 dual wan vpn",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "rv042g dual gigabit wan vpn",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "rv082 dual wan vpn",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "small business rv016 multi-wan vpn",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "\u003c=4.2.3.10"
          },
          {
            "model": "rv042 dual wan vpn",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "\u003c=4.2.3.10"
          },
          {
            "model": "rv042g dual gigabit wan vpn",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "\u003c=4.2.3.10"
          },
          {
            "model": "rv082 dual wan vpn",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "\u003c=4.2.3.10"
          },
          {
            "model": "rv320 dual gigabit wan vpn",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "\u003c=1.5.1.05"
          },
          {
            "model": "rv325 dual gigabit wan vpn",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "\u003c=1.5.1.05"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-35162"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006864"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3275"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:cisco:rv320_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:cisco:rv325_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:cisco:rv016_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:cisco:rv042_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:cisco:rv042g_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:cisco:rv082_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006864"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Kai Cheng",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1152"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2020-3275",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.0,
                "id": "CVE-2020-3275",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.0,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Network",
                "authentication": "Single",
                "author": "NVD",
                "availabilityImpact": "Complete",
                "baseScore": 9.0,
                "confidentialityImpact": "Complete",
                "exploitabilityScore": null,
                "id": "JVNDB-2020-006864",
                "impactScore": null,
                "integrityImpact": "Complete",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "High",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "CNVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.0,
                "id": "CNVD-2020-35162",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.2,
                "id": "CVE-2020-3275",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "ykramarz@cisco.com",
                "availabilityImpact": "HIGH",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.2,
                "id": "CVE-2020-3275",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 7.2,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2020-006864",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "High",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2020-3275",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "ykramarz@cisco.com",
                "id": "CVE-2020-3275",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2020-006864",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2020-35162",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202006-1152",
                "trust": 0.6,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-35162"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006864"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1152"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3275"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3275"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary commands on an affected device. The vulnerabilities exist because the web-based management interface does not properly validate user-supplied input to scripts. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending malicious requests to an affected device. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the underlying operating system. (DoS) It may be put into a state. Cisco Small Business RV320, etc. are all a VPN router of Cisco in the United States. \n\r\n\r\nThere are command injection vulnerabilities in the web management interface in many Cisco products. The vulnerability stems from the program\u0027s failure to properly verify the input submitted by the user",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2020-3275"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006864"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-35162"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2020-3275",
            "trust": 3.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006864",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-35162",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1152",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-35162"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006864"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1152"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3275"
          }
        ]
      },
      "id": "VAR-202006-1116",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-35162"
          }
        ],
        "trust": 1.1951892333333332
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-35162"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:37:22.181000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "cisco-sa-rv-routers-Rj5JRfF8",
            "trust": 0.8,
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-Rj5JRfF8"
          },
          {
            "title": "Patch for Multiple Cisco product command injection vulnerabilities (CNVD-2020-35162)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/223631"
          },
          {
            "title": "Multiple Cisco Product Command Injection Vulnerability Fixes",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=123004"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-35162"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006864"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1152"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-78",
            "trust": 1.8
          },
          {
            "problemtype": "CWE-77",
            "trust": 1.0
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006864"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3275"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.2,
            "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-rv-routers-rj5jrff8"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2020-3275"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-3275"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-35162"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006864"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1152"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3275"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-35162"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006864"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1152"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3275"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-06-30T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-35162"
          },
          {
            "date": "2020-07-21T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-006864"
          },
          {
            "date": "2020-06-17T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202006-1152"
          },
          {
            "date": "2020-06-18T03:15:12.260000",
            "db": "NVD",
            "id": "CVE-2020-3275"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-06-30T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-35162"
          },
          {
            "date": "2020-07-21T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-006864"
          },
          {
            "date": "2020-07-03T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202006-1152"
          },
          {
            "date": "2024-11-21T05:30:42.297000",
            "db": "NVD",
            "id": "CVE-2020-3275"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1152"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  Cisco Small Business RV In series routers  OS Command injection vulnerabilities",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006864"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "command injection",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1152"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202006-1115

    Vulnerability from variot - Updated: 2024-11-23 22:25

    Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary commands on an affected device. The vulnerabilities exist because the web-based management interface does not properly validate user-supplied input to scripts. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending malicious requests to an affected device. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the underlying operating system. (DoS) It may be put into a state. Cisco Small Business RV320, etc. are all a VPN router of Cisco in the United States.

    There are command injection vulnerabilities in the web management interface in many Cisco products. The vulnerability stems from the program's failure to properly verify the input submitted by the user

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202006-1115",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "rv320",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.05"
          },
          {
            "model": "rv325",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.05"
          },
          {
            "model": "rv042g",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.10"
          },
          {
            "model": "rv082",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.10"
          },
          {
            "model": "rv016",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.10"
          },
          {
            "model": "rv042",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.10"
          },
          {
            "model": "rv320 dual gigabit wan vpn router",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "rv325 dual gigabit wan vpn router",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "rv016 multi-wan vpn",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "rv042 dual wan vpn",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "rv042g dual gigabit wan vpn",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "rv082 dual wan vpn",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "small business rv016 multi-wan vpn",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "\u003c=4.2.3.10"
          },
          {
            "model": "rv042 dual wan vpn",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "\u003c=4.2.3.10"
          },
          {
            "model": "rv042g dual gigabit wan vpn",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "\u003c=4.2.3.10"
          },
          {
            "model": "rv082 dual wan vpn",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "\u003c=4.2.3.10"
          },
          {
            "model": "rv320 dual gigabit wan vpn",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "\u003c=1.5.1.05"
          },
          {
            "model": "rv325 dual gigabit wan vpn",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "\u003c=1.5.1.05"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-35163"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006863"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3274"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:cisco:rv320_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:cisco:rv325_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:cisco:rv016_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:cisco:rv042_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:cisco:rv042g_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:cisco:rv082_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006863"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Kai Cheng",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1153"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2020-3274",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.0,
                "id": "CVE-2020-3274",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.0,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Network",
                "authentication": "Single",
                "author": "NVD",
                "availabilityImpact": "Complete",
                "baseScore": 9.0,
                "confidentialityImpact": "Complete",
                "exploitabilityScore": null,
                "id": "JVNDB-2020-006863",
                "impactScore": null,
                "integrityImpact": "Complete",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "High",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "CNVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.0,
                "id": "CNVD-2020-35163",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.2,
                "id": "CVE-2020-3274",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "ykramarz@cisco.com",
                "availabilityImpact": "HIGH",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.2,
                "id": "CVE-2020-3274",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 7.2,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2020-006863",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "High",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2020-3274",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "ykramarz@cisco.com",
                "id": "CVE-2020-3274",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2020-006863",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2020-35163",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202006-1153",
                "trust": 0.6,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-35163"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006863"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1153"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3274"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3274"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary commands on an affected device. The vulnerabilities exist because the web-based management interface does not properly validate user-supplied input to scripts. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending malicious requests to an affected device. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the underlying operating system. (DoS) It may be put into a state. Cisco Small Business RV320, etc. are all a VPN router of Cisco in the United States. \n\r\n\r\nThere are command injection vulnerabilities in the web management interface in many Cisco products. The vulnerability stems from the program\u0027s failure to properly verify the input submitted by the user",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2020-3274"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006863"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-35163"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2020-3274",
            "trust": 3.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006863",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-35163",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1153",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-35163"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006863"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1153"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3274"
          }
        ]
      },
      "id": "VAR-202006-1115",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-35163"
          }
        ],
        "trust": 1.1951892333333332
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-35163"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:25:25.970000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "cisco-sa-rv-routers-Rj5JRfF8",
            "trust": 0.8,
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-Rj5JRfF8"
          },
          {
            "title": "Patch for Multiple Cisco product command injection vulnerabilities (CNVD-2020-35163)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/223629"
          },
          {
            "title": "Multiple Cisco Product Command Injection Vulnerability Fixes",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=123005"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-35163"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006863"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1153"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-78",
            "trust": 1.8
          },
          {
            "problemtype": "CWE-77",
            "trust": 1.0
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006863"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3274"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.2,
            "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-rv-routers-rj5jrff8"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2020-3274"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-3274"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-35163"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006863"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1153"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3274"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-35163"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006863"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1153"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3274"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-06-30T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-35163"
          },
          {
            "date": "2020-07-21T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-006863"
          },
          {
            "date": "2020-06-17T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202006-1153"
          },
          {
            "date": "2020-06-18T03:15:12.167000",
            "db": "NVD",
            "id": "CVE-2020-3274"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-06-30T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-35163"
          },
          {
            "date": "2020-07-21T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-006863"
          },
          {
            "date": "2020-07-03T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202006-1153"
          },
          {
            "date": "2024-11-21T05:30:42.173000",
            "db": "NVD",
            "id": "CVE-2020-3274"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1153"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  Cisco Small Business RV In series routers  OS Command injection vulnerabilities",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006863"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "command injection",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1153"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202006-1118

    Vulnerability from variot - Updated: 2024-11-23 22:16

    Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary commands on an affected device. The vulnerabilities exist because the web-based management interface does not properly validate user-supplied input to scripts. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending malicious requests to an affected device. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the underlying operating system. (DoS) It may be put into a state. Cisco Small Business RV320, etc. are all a VPN router of Cisco in the United States.

    There are command injection vulnerabilities in the web management interface in many Cisco products. The vulnerability stems from the program's failure to properly verify the input submitted by the user

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202006-1118",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "rv320",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.05"
          },
          {
            "model": "rv325",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.05"
          },
          {
            "model": "rv042g",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.10"
          },
          {
            "model": "rv082",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.10"
          },
          {
            "model": "rv016",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.10"
          },
          {
            "model": "rv042",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.10"
          },
          {
            "model": "rv320 dual gigabit wan vpn router",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "rv325 dual gigabit wan vpn router",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "rv016 multi-wan vpn",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "rv042 dual wan vpn",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "rv042g dual gigabit wan vpn",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "rv082 dual wan vpn",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "small business rv016 multi-wan vpn",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "\u003c=4.2.3.10"
          },
          {
            "model": "rv042 dual wan vpn",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "\u003c=4.2.3.10"
          },
          {
            "model": "rv042g dual gigabit wan vpn",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "\u003c=4.2.3.10"
          },
          {
            "model": "rv082 dual wan vpn",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "\u003c=4.2.3.10"
          },
          {
            "model": "rv320 dual gigabit wan vpn",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "\u003c=1.5.1.05"
          },
          {
            "model": "rv325 dual gigabit wan vpn",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "\u003c=1.5.1.05"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-35161"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006866"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3277"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:cisco:rv320_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:cisco:rv325_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:cisco:rv016_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:cisco:rv042_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:cisco:rv042g_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:cisco:rv082_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006866"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Kai Cheng",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1151"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2020-3277",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.0,
                "id": "CVE-2020-3277",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.0,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Network",
                "authentication": "Single",
                "author": "NVD",
                "availabilityImpact": "Complete",
                "baseScore": 9.0,
                "confidentialityImpact": "Complete",
                "exploitabilityScore": null,
                "id": "JVNDB-2020-006866",
                "impactScore": null,
                "integrityImpact": "Complete",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "High",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "CNVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.0,
                "id": "CNVD-2020-35161",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.2,
                "id": "CVE-2020-3277",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "ykramarz@cisco.com",
                "availabilityImpact": "HIGH",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.2,
                "id": "CVE-2020-3277",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 7.2,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2020-006866",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "High",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2020-3277",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "ykramarz@cisco.com",
                "id": "CVE-2020-3277",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2020-006866",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2020-35161",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202006-1151",
                "trust": 0.6,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-35161"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006866"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1151"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3277"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3277"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary commands on an affected device. The vulnerabilities exist because the web-based management interface does not properly validate user-supplied input to scripts. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending malicious requests to an affected device. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the underlying operating system. (DoS) It may be put into a state. Cisco Small Business RV320, etc. are all a VPN router of Cisco in the United States. \n\r\n\r\nThere are command injection vulnerabilities in the web management interface in many Cisco products. The vulnerability stems from the program\u0027s failure to properly verify the input submitted by the user",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2020-3277"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006866"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-35161"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2020-3277",
            "trust": 3.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006866",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-35161",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1151",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-35161"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006866"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1151"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3277"
          }
        ]
      },
      "id": "VAR-202006-1118",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-35161"
          }
        ],
        "trust": 1.1951892333333332
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-35161"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:16:27.139000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "cisco-sa-rv-routers-Rj5JRfF8",
            "trust": 0.8,
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-Rj5JRfF8"
          },
          {
            "title": "Patch for Multiple Cisco product command injection vulnerabilities (CNVD-2020-35161)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/223633"
          },
          {
            "title": "Multiple Cisco Product Command Injection Vulnerability Fixes",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=123003"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-35161"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006866"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1151"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-78",
            "trust": 1.8
          },
          {
            "problemtype": "CWE-77",
            "trust": 1.0
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006866"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3277"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.2,
            "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-rv-routers-rj5jrff8"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2020-3277"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-3277"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-35161"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006866"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1151"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3277"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-35161"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006866"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1151"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3277"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-06-30T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-35161"
          },
          {
            "date": "2020-07-21T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-006866"
          },
          {
            "date": "2020-06-17T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202006-1151"
          },
          {
            "date": "2020-06-18T03:15:12.417000",
            "db": "NVD",
            "id": "CVE-2020-3277"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-06-30T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-35161"
          },
          {
            "date": "2020-07-21T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-006866"
          },
          {
            "date": "2020-07-03T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202006-1151"
          },
          {
            "date": "2024-11-21T05:30:42.540000",
            "db": "NVD",
            "id": "CVE-2020-3277"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1151"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  Cisco Small Business RV In series routers  OS Command injection vulnerabilities",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006866"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "command injection",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1151"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202006-1119

    Vulnerability from variot - Updated: 2024-11-23 21:59

    Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary commands on an affected device. The vulnerabilities exist because the web-based management interface does not properly validate user-supplied input to scripts. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending malicious requests to an affected device. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the underlying operating system. (DoS) It may be put into a state. Cisco Small Business RV320, etc. are all a VPN router of Cisco in the United States.

    There are command injection vulnerabilities in the web management interface in many Cisco products. The vulnerability stems from the program's failure to properly verify the input submitted by the user

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202006-1119",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "rv320",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.05"
          },
          {
            "model": "rv325",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.05"
          },
          {
            "model": "rv042g",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.10"
          },
          {
            "model": "rv082",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.10"
          },
          {
            "model": "rv016",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.10"
          },
          {
            "model": "rv042",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.10"
          },
          {
            "model": "rv320 dual gigabit wan vpn router",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "rv325 dual gigabit wan vpn router",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "rv016 multi-wan vpn",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "rv042 dual wan vpn",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "rv042g dual gigabit wan vpn",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "rv082 dual wan vpn",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "small business rv016 multi-wan vpn",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "\u003c=4.2.3.10"
          },
          {
            "model": "rv042 dual wan vpn",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "\u003c=4.2.3.10"
          },
          {
            "model": "rv042g dual gigabit wan vpn",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "\u003c=4.2.3.10"
          },
          {
            "model": "rv082 dual wan vpn",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "\u003c=4.2.3.10"
          },
          {
            "model": "rv320 dual gigabit wan vpn",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "\u003c=1.5.1.05"
          },
          {
            "model": "rv325 dual gigabit wan vpn",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "\u003c=1.5.1.05"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-35160"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006867"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3278"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:cisco:rv320_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:cisco:rv325_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:cisco:rv016_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:cisco:rv042_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:cisco:rv042g_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:cisco:rv082_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006867"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Kai Cheng",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1150"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2020-3278",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.0,
                "id": "CVE-2020-3278",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.0,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Network",
                "authentication": "Single",
                "author": "NVD",
                "availabilityImpact": "Complete",
                "baseScore": 9.0,
                "confidentialityImpact": "Complete",
                "exploitabilityScore": null,
                "id": "JVNDB-2020-006867",
                "impactScore": null,
                "integrityImpact": "Complete",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "High",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "CNVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.0,
                "id": "CNVD-2020-35160",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.2,
                "id": "CVE-2020-3278",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "ykramarz@cisco.com",
                "availabilityImpact": "HIGH",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.2,
                "id": "CVE-2020-3278",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 7.2,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2020-006867",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "High",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2020-3278",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "ykramarz@cisco.com",
                "id": "CVE-2020-3278",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2020-006867",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2020-35160",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202006-1150",
                "trust": 0.6,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-35160"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006867"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1150"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3278"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3278"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary commands on an affected device. The vulnerabilities exist because the web-based management interface does not properly validate user-supplied input to scripts. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending malicious requests to an affected device. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the underlying operating system. (DoS) It may be put into a state. Cisco Small Business RV320, etc. are all a VPN router of Cisco in the United States. \n\r\n\r\nThere are command injection vulnerabilities in the web management interface in many Cisco products. The vulnerability stems from the program\u0027s failure to properly verify the input submitted by the user",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2020-3278"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006867"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-35160"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2020-3278",
            "trust": 3.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006867",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-35160",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1150",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-35160"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006867"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1150"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3278"
          }
        ]
      },
      "id": "VAR-202006-1119",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-35160"
          }
        ],
        "trust": 1.1951892333333332
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-35160"
          }
        ]
      },
      "last_update_date": "2024-11-23T21:59:11.916000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "cisco-sa-rv-routers-Rj5JRfF8",
            "trust": 0.8,
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-Rj5JRfF8"
          },
          {
            "title": "Patch for Multiple Cisco product command injection vulnerabilities (CNVD-2020-35160)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/223651"
          },
          {
            "title": "Multiple Cisco Product Command Injection Vulnerability Fixes",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=123002"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-35160"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006867"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1150"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-78",
            "trust": 1.8
          },
          {
            "problemtype": "CWE-77",
            "trust": 1.0
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006867"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3278"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.2,
            "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-rv-routers-rj5jrff8"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2020-3278"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-3278"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-35160"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006867"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1150"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3278"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-35160"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006867"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1150"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3278"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-06-30T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-35160"
          },
          {
            "date": "2020-07-21T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-006867"
          },
          {
            "date": "2020-06-17T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202006-1150"
          },
          {
            "date": "2020-06-18T03:15:12.497000",
            "db": "NVD",
            "id": "CVE-2020-3278"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-07-14T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-35160"
          },
          {
            "date": "2020-07-21T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-006867"
          },
          {
            "date": "2020-07-03T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202006-1150"
          },
          {
            "date": "2024-11-21T05:30:42.657000",
            "db": "NVD",
            "id": "CVE-2020-3278"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1150"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  Cisco Small Business RV In series routers  OS Command injection vulnerabilities",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006867"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "command injection",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1150"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202006-1122

    Vulnerability from variot - Updated: 2024-11-23 21:35

    Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system. plural Cisco Small Business RV A buffer error vulnerability exists in series routers.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Cisco Small Business RV016 Multi-WAN VPN is a VPN router from Cisco in the United States. The vulnerability stems from the program's failure to properly limit the user's input boundary

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202006-1122",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "rv320",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.05"
          },
          {
            "model": "rv325",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.05"
          },
          {
            "model": "rv042g",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.10"
          },
          {
            "model": "rv082",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.10"
          },
          {
            "model": "rv016",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.10"
          },
          {
            "model": "rv042",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.10"
          },
          {
            "model": "rv320 dual gigabit wan vpn router",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "rv325 dual gigabit wan vpn router",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "rv016 multi-wan vpn",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "rv042 dual wan vpn",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "rv042g dual gigabit wan vpn",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "rv082 dual wan vpn",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "small business rv016 multi-wan vpn",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "\u003c=4.2.3.10"
          },
          {
            "model": "rv042 dual wan vpn",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "\u003c=4.2.3.10"
          },
          {
            "model": "rv042g dual gigabit wan vpn",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "\u003c=4.2.3.10"
          },
          {
            "model": "rv082 dual wan vpn",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "\u003c=4.2.3.10"
          },
          {
            "model": "rv320 dual gigabit wan vpn",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "\u003c=1.5.1.05"
          },
          {
            "model": "rv325 dual gigabit wan vpn",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "\u003c=1.5.1.05"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-36259"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006860"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3286"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:cisco:rv320_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:cisco:rv325_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:cisco:rv016_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:cisco:rv042_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:cisco:rv042g_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:cisco:rv082_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006860"
          }
        ]
      },
      "cve": "CVE-2020-3286",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.0,
                "id": "CVE-2020-3286",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.0,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Network",
                "authentication": "Single",
                "author": "NVD",
                "availabilityImpact": "Complete",
                "baseScore": 9.0,
                "confidentialityImpact": "Complete",
                "exploitabilityScore": null,
                "id": "JVNDB-2020-006860",
                "impactScore": null,
                "integrityImpact": "Complete",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "High",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "CNVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.0,
                "id": "CNVD-2020-36259",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.2,
                "id": "CVE-2020-3286",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "ykramarz@cisco.com",
                "availabilityImpact": "HIGH",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.2,
                "id": "CVE-2020-3286",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 7.2,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2020-006860",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "High",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2020-3286",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "ykramarz@cisco.com",
                "id": "CVE-2020-3286",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2020-006860",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2020-36259",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202006-1165",
                "trust": 0.6,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-36259"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006860"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1165"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3286"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3286"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system. plural Cisco Small Business RV A buffer error vulnerability exists in series routers.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Cisco Small Business RV016 Multi-WAN VPN is a VPN router from Cisco in the United States. The vulnerability stems from the program\u0027s failure to properly limit the user\u0027s input boundary",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2020-3286"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006860"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-36259"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2020-3286",
            "trust": 3.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006860",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-36259",
            "trust": 0.6
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2020.2119",
            "trust": 0.6
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2020.2119.2",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1165",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-36259"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006860"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1165"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3286"
          }
        ]
      },
      "id": "VAR-202006-1122",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-36259"
          }
        ],
        "trust": 1.1951892333333332
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-36259"
          }
        ]
      },
      "last_update_date": "2024-11-23T21:35:43.850000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "cisco-sa-rv-routers-stack-vUxHmnNz",
            "trust": 0.8,
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz"
          },
          {
            "title": "Patch for Multiple Cisco product buffer overflow vulnerabilities (CNVD-2020-36259)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/224607"
          },
          {
            "title": "Multiple Cisco Product Buffer Error Vulnerability Fix",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=121858"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-36259"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006860"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1165"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-119",
            "trust": 1.8
          },
          {
            "problemtype": "CWE-787",
            "trust": 1.0
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006860"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3286"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.8,
            "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-rv-routers-stack-vuxhmnnz"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2020-3286"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-3286"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2020.2119/"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2020.2119.2/"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-36259"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006860"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1165"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3286"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-36259"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006860"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1165"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3286"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-07-06T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-36259"
          },
          {
            "date": "2020-07-21T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-006860"
          },
          {
            "date": "2020-06-17T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202006-1165"
          },
          {
            "date": "2020-06-18T03:15:12.730000",
            "db": "NVD",
            "id": "CVE-2020-3286"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-07-06T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-36259"
          },
          {
            "date": "2020-07-21T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-006860"
          },
          {
            "date": "2021-09-23T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202006-1165"
          },
          {
            "date": "2024-11-21T05:30:43.687000",
            "db": "NVD",
            "id": "CVE-2020-3286"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1165"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  Cisco Small Business RV Buffer error vulnerability in series routers",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006860"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1165"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202006-1127

    Vulnerability from variot - Updated: 2024-11-23 21:35

    Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system. plural Cisco Small Business RV A buffer error vulnerability exists in series routers.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Cisco Small Business RV016 Multi-WAN VPN is a VPN router from Cisco in the United States. The vulnerability stems from the program's failure to properly limit the user's input boundary

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202006-1127",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "rv320",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.05"
          },
          {
            "model": "rv325",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.05"
          },
          {
            "model": "rv042g",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.10"
          },
          {
            "model": "rv082",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.10"
          },
          {
            "model": "rv016",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.10"
          },
          {
            "model": "rv042",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.10"
          },
          {
            "model": "rv320 dual gigabit wan vpn router",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "rv325 dual gigabit wan vpn router",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "rv016 multi-wan vpn",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "rv042 dual wan vpn",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "rv042g dual gigabit wan vpn",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "rv082 dual wan vpn",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "small business rv016 multi-wan vpn",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "\u003c=4.2.3.10"
          },
          {
            "model": "rv042 dual wan vpn",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "\u003c=4.2.3.10"
          },
          {
            "model": "rv042g dual gigabit wan vpn",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "\u003c=4.2.3.10"
          },
          {
            "model": "rv082 dual wan vpn",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "\u003c=4.2.3.10"
          },
          {
            "model": "rv320 dual gigabit wan vpn",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "\u003c=1.5.1.05"
          },
          {
            "model": "rv325 dual gigabit wan vpn",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "\u003c=1.5.1.05"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-34327"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006855"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3291"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:cisco:rv320_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:cisco:rv325_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:cisco:rv016_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:cisco:rv042_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:cisco:rv042g_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:cisco:rv082_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006855"
          }
        ]
      },
      "cve": "CVE-2020-3291",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.0,
                "id": "CVE-2020-3291",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.0,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Network",
                "authentication": "Single",
                "author": "NVD",
                "availabilityImpact": "Complete",
                "baseScore": 9.0,
                "confidentialityImpact": "Complete",
                "exploitabilityScore": null,
                "id": "JVNDB-2020-006855",
                "impactScore": null,
                "integrityImpact": "Complete",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "High",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2020-34327",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.2,
                "id": "CVE-2020-3291",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "ykramarz@cisco.com",
                "availabilityImpact": "HIGH",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.2,
                "id": "CVE-2020-3291",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 7.2,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2020-006855",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "High",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2020-3291",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "ykramarz@cisco.com",
                "id": "CVE-2020-3291",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2020-006855",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2020-34327",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202006-1161",
                "trust": 0.6,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-34327"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006855"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1161"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3291"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3291"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system. plural Cisco Small Business RV A buffer error vulnerability exists in series routers.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Cisco Small Business RV016 Multi-WAN VPN is a VPN router from Cisco in the United States. The vulnerability stems from the program\u0027s failure to properly limit the user\u0027s input boundary",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2020-3291"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006855"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-34327"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2020-3291",
            "trust": 3.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006855",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-34327",
            "trust": 0.6
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2020.2119",
            "trust": 0.6
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2020.2119.2",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1161",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-34327"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006855"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1161"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3291"
          }
        ]
      },
      "id": "VAR-202006-1127",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-34327"
          }
        ],
        "trust": 1.1951892333333332
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-34327"
          }
        ]
      },
      "last_update_date": "2024-11-23T21:35:43.824000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "cisco-sa-rv-routers-stack-vUxHmnNz",
            "trust": 0.8,
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz"
          },
          {
            "title": "Patch for Multiple Buffer Overflow Vulnerabilities in Cisco Products (CNVD-2020-34327)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/222917"
          },
          {
            "title": "Multiple Cisco Product Buffer Error Vulnerability Fix",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=121854"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-34327"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006855"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1161"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-119",
            "trust": 1.8
          },
          {
            "problemtype": "CWE-787",
            "trust": 1.0
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006855"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3291"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.2,
            "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-rv-routers-stack-vuxhmnnz"
          },
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2020-3291"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-3291"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2020.2119/"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2020.2119.2/"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-34327"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006855"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1161"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3291"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-34327"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006855"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1161"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3291"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-06-23T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-34327"
          },
          {
            "date": "2020-07-20T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-006855"
          },
          {
            "date": "2020-06-17T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202006-1161"
          },
          {
            "date": "2020-06-18T03:15:13.167000",
            "db": "NVD",
            "id": "CVE-2020-3291"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-06-23T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-34327"
          },
          {
            "date": "2020-07-20T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-006855"
          },
          {
            "date": "2021-08-09T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202006-1161"
          },
          {
            "date": "2024-11-21T05:30:44.317000",
            "db": "NVD",
            "id": "CVE-2020-3291"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1161"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  Cisco Small Business RV Buffer error vulnerability in series routers",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006855"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1161"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202006-1131

    Vulnerability from variot - Updated: 2024-11-23 21:35

    Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system. plural Cisco Small Business RV A buffer error vulnerability exists in series routers.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Cisco Small Business RV016 Multi-WAN VPN is a VPN router from Cisco in the United States. The vulnerability stems from the program's failure to properly limit the user's input boundary

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202006-1131",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "rv320",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.05"
          },
          {
            "model": "rv325",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.05"
          },
          {
            "model": "rv042g",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.10"
          },
          {
            "model": "rv082",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.10"
          },
          {
            "model": "rv016",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.10"
          },
          {
            "model": "rv042",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.10"
          },
          {
            "model": "rv320 dual gigabit wan vpn router",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "rv325 dual gigabit wan vpn router",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "rv016 multi-wan vpn",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "rv042 dual wan vpn",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "rv042g dual gigabit wan vpn",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "rv082 dual wan vpn",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "small business rv016 multi-wan vpn",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "\u003c=4.2.3.10"
          },
          {
            "model": "rv042 dual wan vpn",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "\u003c=4.2.3.10"
          },
          {
            "model": "rv042g dual gigabit wan vpn",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "\u003c=4.2.3.10"
          },
          {
            "model": "rv082 dual wan vpn",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "\u003c=4.2.3.10"
          },
          {
            "model": "rv320 dual gigabit wan vpn",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "\u003c=1.5.1.05"
          },
          {
            "model": "rv325 dual gigabit wan vpn",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "\u003c=1.5.1.05"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-36257"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006849"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3295"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:cisco:rv320_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:cisco:rv325_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:cisco:rv016_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:cisco:rv042_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:cisco:rv042g_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:cisco:rv082_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006849"
          }
        ]
      },
      "cve": "CVE-2020-3295",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.0,
                "id": "CVE-2020-3295",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.0,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Network",
                "authentication": "Single",
                "author": "NVD",
                "availabilityImpact": "Complete",
                "baseScore": 9.0,
                "confidentialityImpact": "Complete",
                "exploitabilityScore": null,
                "id": "JVNDB-2020-006849",
                "impactScore": null,
                "integrityImpact": "Complete",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "High",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "CNVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.0,
                "id": "CNVD-2020-36257",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.2,
                "id": "CVE-2020-3295",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "ykramarz@cisco.com",
                "availabilityImpact": "HIGH",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.2,
                "id": "CVE-2020-3295",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 7.2,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2020-006849",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "High",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2020-3295",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "ykramarz@cisco.com",
                "id": "CVE-2020-3295",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2020-006849",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2020-36257",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202006-1163",
                "trust": 0.6,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-36257"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006849"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1163"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3295"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3295"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system. plural Cisco Small Business RV A buffer error vulnerability exists in series routers.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Cisco Small Business RV016 Multi-WAN VPN is a VPN router from Cisco in the United States. The vulnerability stems from the program\u0027s failure to properly limit the user\u0027s input boundary",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2020-3295"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006849"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-36257"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2020-3295",
            "trust": 3.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006849",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-36257",
            "trust": 0.6
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2020.2119",
            "trust": 0.6
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2020.2119.2",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1163",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-36257"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006849"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1163"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3295"
          }
        ]
      },
      "id": "VAR-202006-1131",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-36257"
          }
        ],
        "trust": 1.1951892333333332
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-36257"
          }
        ]
      },
      "last_update_date": "2024-11-23T21:35:43.797000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "cisco-sa-rv-routers-stack-vUxHmnNz",
            "trust": 0.8,
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz"
          },
          {
            "title": "Patch for Multiple Buffer Overflow Vulnerabilities in Cisco Products (CNVD-2020-36257)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/224611"
          },
          {
            "title": "Multiple Cisco Product Buffer Error Vulnerability Fix",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=121856"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-36257"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006849"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1163"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-119",
            "trust": 1.8
          },
          {
            "problemtype": "CWE-787",
            "trust": 1.0
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006849"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3295"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.8,
            "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-rv-routers-stack-vuxhmnnz"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2020-3295"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-3295"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2020.2119/"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2020.2119.2/"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-36257"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006849"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1163"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3295"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-36257"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006849"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1163"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3295"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-07-06T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-36257"
          },
          {
            "date": "2020-07-20T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-006849"
          },
          {
            "date": "2020-06-17T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202006-1163"
          },
          {
            "date": "2020-06-18T03:15:13.497000",
            "db": "NVD",
            "id": "CVE-2020-3295"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-07-06T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-36257"
          },
          {
            "date": "2020-07-20T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-006849"
          },
          {
            "date": "2021-08-09T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202006-1163"
          },
          {
            "date": "2024-11-21T05:30:45.183000",
            "db": "NVD",
            "id": "CVE-2020-3295"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1163"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  Cisco Small Business RV Buffer error vulnerability in series routers",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006849"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1163"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202006-1132

    Vulnerability from variot - Updated: 2024-11-23 21:35

    Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system. plural Cisco Small Business RV A buffer error vulnerability exists in series routers.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Cisco Small Business RV320, etc. are all a VPN router of Cisco in the United States. The vulnerability stems from the program's failure to properly limit the user's input boundary

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202006-1132",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "rv320",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.05"
          },
          {
            "model": "rv325",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.05"
          },
          {
            "model": "rv042g",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.10"
          },
          {
            "model": "rv082",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.10"
          },
          {
            "model": "rv016",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.10"
          },
          {
            "model": "rv042",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.10"
          },
          {
            "model": "rv320 dual gigabit wan vpn router",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "rv325 dual gigabit wan vpn router",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "rv016 multi-wan vpn",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "rv042 dual wan vpn",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "rv042g dual gigabit wan vpn",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "rv082 dual wan vpn",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "small business rv016 multi-wan vpn",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "\u003c=4.2.3.10"
          },
          {
            "model": "rv042 dual wan vpn",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "\u003c=4.2.3.10"
          },
          {
            "model": "rv042g dual gigabit wan vpn",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "\u003c=4.2.3.10"
          },
          {
            "model": "rv082 dual wan vpn",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "\u003c=4.2.3.10"
          },
          {
            "model": "rv320 dual gigabit wan vpn",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "\u003c=1.5.1.05"
          },
          {
            "model": "rv325 dual gigabit wan vpn",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "\u003c=1.5.1.05"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-35165"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006850"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3296"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:cisco:rv320_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:cisco:rv325_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:cisco:rv016_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:cisco:rv042_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:cisco:rv042g_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:cisco:rv082_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006850"
          }
        ]
      },
      "cve": "CVE-2020-3296",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.0,
                "id": "CVE-2020-3296",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.1,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Network",
                "authentication": "Single",
                "author": "NVD",
                "availabilityImpact": "Complete",
                "baseScore": 9.0,
                "confidentialityImpact": "Complete",
                "exploitabilityScore": null,
                "id": "JVNDB-2020-006850",
                "impactScore": null,
                "integrityImpact": "Complete",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "High",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "CNVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.0,
                "id": "CNVD-2020-35165",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.2,
                "id": "CVE-2020-3296",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "ykramarz@cisco.com",
                "availabilityImpact": "HIGH",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.2,
                "id": "CVE-2020-3296",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 7.2,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2020-006850",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "High",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2020-3296",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "ykramarz@cisco.com",
                "id": "CVE-2020-3296",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2020-006850",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2020-35165",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202006-1155",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "VULMON",
                "id": "CVE-2020-3296",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-35165"
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-3296"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006850"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1155"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3296"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3296"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system. plural Cisco Small Business RV A buffer error vulnerability exists in series routers.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Cisco Small Business RV320, etc. are all a VPN router of Cisco in the United States. The vulnerability stems from the program\u0027s failure to properly limit the user\u0027s input boundary",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2020-3296"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006850"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-35165"
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-3296"
          }
        ],
        "trust": 2.25
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2020-3296",
            "trust": 3.1
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006850",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-35165",
            "trust": 0.6
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2020.2119",
            "trust": 0.6
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2020.2119.2",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1155",
            "trust": 0.6
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-3296",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-35165"
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-3296"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006850"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1155"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3296"
          }
        ]
      },
      "id": "VAR-202006-1132",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-35165"
          }
        ],
        "trust": 1.1951892333333332
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-35165"
          }
        ]
      },
      "last_update_date": "2024-11-23T21:35:43.768000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "cisco-sa-rv-routers-stack-vUxHmnNz",
            "trust": 0.8,
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz"
          },
          {
            "title": "Patch for Multiple Buffer Overflow Vulnerabilities in Cisco Products (CNVD-2020-35165)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/223617"
          },
          {
            "title": "Multiple Cisco Product Buffer Error Vulnerability Fix",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=121848"
          },
          {
            "title": "Cisco: Cisco Small Business RV Series Routers Stack Overflow Arbitrary Code Execution Vulnerabilities",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-rv-routers-stack-vUxHmnNz"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-35165"
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-3296"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006850"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1155"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-119",
            "trust": 1.8
          },
          {
            "problemtype": "CWE-787",
            "trust": 1.0
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006850"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3296"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.4,
            "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-rv-routers-stack-vuxhmnnz"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2020-3296"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-3296"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2020.2119/"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2020.2119.2/"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/787.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-35165"
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-3296"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006850"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1155"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3296"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-35165"
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-3296"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006850"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1155"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3296"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-06-30T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-35165"
          },
          {
            "date": "2020-06-18T00:00:00",
            "db": "VULMON",
            "id": "CVE-2020-3296"
          },
          {
            "date": "2020-07-20T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-006850"
          },
          {
            "date": "2020-06-17T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202006-1155"
          },
          {
            "date": "2020-06-18T03:15:13.573000",
            "db": "NVD",
            "id": "CVE-2020-3296"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-06-30T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-35165"
          },
          {
            "date": "2021-08-06T00:00:00",
            "db": "VULMON",
            "id": "CVE-2020-3296"
          },
          {
            "date": "2020-07-20T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-006850"
          },
          {
            "date": "2021-08-09T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202006-1155"
          },
          {
            "date": "2024-11-21T05:30:45.303000",
            "db": "NVD",
            "id": "CVE-2020-3296"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1155"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  Cisco Small Business RV Buffer error vulnerability in series routers",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006850"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1155"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202006-1126

    Vulnerability from variot - Updated: 2024-11-23 21:35

    Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system. plural Cisco Small Business RV A buffer error vulnerability exists in series routers.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Cisco Small Business RV016 Multi-WAN VPN is a VPN router from Cisco in the United States. The vulnerability stems from the program's failure to properly limit the user's input boundary

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202006-1126",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "rv320",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.05"
          },
          {
            "model": "rv325",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.05"
          },
          {
            "model": "rv042g",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.10"
          },
          {
            "model": "rv082",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.10"
          },
          {
            "model": "rv016",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.10"
          },
          {
            "model": "rv042",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.10"
          },
          {
            "model": "rv320 dual gigabit wan vpn router",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "rv325 dual gigabit wan vpn router",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "rv016 multi-wan vpn",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "rv042 dual wan vpn",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "rv042g dual gigabit wan vpn",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "rv082 dual wan vpn",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "small business rv016 multi-wan vpn",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "\u003c=4.2.3.10"
          },
          {
            "model": "rv042 dual wan vpn",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "\u003c=4.2.3.10"
          },
          {
            "model": "rv042g dual gigabit wan vpn",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "\u003c=4.2.3.10"
          },
          {
            "model": "rv082 dual wan vpn",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "\u003c=4.2.3.10"
          },
          {
            "model": "rv320 dual gigabit wan vpn",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "\u003c=1.5.1.05"
          },
          {
            "model": "rv325 dual gigabit wan vpn",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "\u003c=1.5.1.05"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-34328"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006854"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3290"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:cisco:rv320_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:cisco:rv325_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:cisco:rv016_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:cisco:rv042_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:cisco:rv042g_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:cisco:rv082_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006854"
          }
        ]
      },
      "cve": "CVE-2020-3290",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.0,
                "id": "CVE-2020-3290",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.0,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Network",
                "authentication": "Single",
                "author": "NVD",
                "availabilityImpact": "Complete",
                "baseScore": 9.0,
                "confidentialityImpact": "Complete",
                "exploitabilityScore": null,
                "id": "JVNDB-2020-006854",
                "impactScore": null,
                "integrityImpact": "Complete",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "High",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2020-34328",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.2,
                "id": "CVE-2020-3290",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "ykramarz@cisco.com",
                "availabilityImpact": "HIGH",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.2,
                "id": "CVE-2020-3290",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 7.2,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2020-006854",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "High",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2020-3290",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "ykramarz@cisco.com",
                "id": "CVE-2020-3290",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2020-006854",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2020-34328",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202006-1162",
                "trust": 0.6,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-34328"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006854"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1162"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3290"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3290"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system. plural Cisco Small Business RV A buffer error vulnerability exists in series routers.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Cisco Small Business RV016 Multi-WAN VPN is a VPN router from Cisco in the United States. The vulnerability stems from the program\u0027s failure to properly limit the user\u0027s input boundary",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2020-3290"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006854"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-34328"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2020-3290",
            "trust": 3.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006854",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-34328",
            "trust": 0.6
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2020.2119",
            "trust": 0.6
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2020.2119.2",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1162",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-34328"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006854"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1162"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3290"
          }
        ]
      },
      "id": "VAR-202006-1126",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-34328"
          }
        ],
        "trust": 1.1951892333333332
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-34328"
          }
        ]
      },
      "last_update_date": "2024-11-23T21:35:43.741000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "cisco-sa-rv-routers-stack-vUxHmnNz",
            "trust": 0.8,
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz"
          },
          {
            "title": "Patch for Multiple Cisco product buffer overflow vulnerabilities (CNVD-2020-34328)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/222913"
          },
          {
            "title": "Multiple Cisco Product Buffer Error Vulnerability Fix",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=121855"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-34328"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006854"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1162"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-119",
            "trust": 1.8
          },
          {
            "problemtype": "CWE-787",
            "trust": 1.0
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006854"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3290"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.2,
            "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-rv-routers-stack-vuxhmnnz"
          },
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2020-3290"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-3290"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2020.2119/"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2020.2119.2/"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-34328"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006854"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1162"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3290"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-34328"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006854"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1162"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3290"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-06-23T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-34328"
          },
          {
            "date": "2020-07-20T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-006854"
          },
          {
            "date": "2020-06-17T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202006-1162"
          },
          {
            "date": "2020-06-18T03:15:13.073000",
            "db": "NVD",
            "id": "CVE-2020-3290"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-06-23T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-34328"
          },
          {
            "date": "2020-07-20T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-006854"
          },
          {
            "date": "2021-08-09T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202006-1162"
          },
          {
            "date": "2024-11-21T05:30:44.200000",
            "db": "NVD",
            "id": "CVE-2020-3290"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1162"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  Cisco Small Business RV Buffer error vulnerability in series routers",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006854"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1162"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202006-1125

    Vulnerability from variot - Updated: 2024-11-23 21:35

    Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system. plural Cisco Small Business RV A buffer error vulnerability exists in series routers.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202006-1125",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "rv320",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.05"
          },
          {
            "model": "rv325",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.05"
          },
          {
            "model": "rv042g",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.10"
          },
          {
            "model": "rv082",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.10"
          },
          {
            "model": "rv016",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.10"
          },
          {
            "model": "rv042",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.10"
          },
          {
            "model": "rv320 dual gigabit wan vpn router",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "rv325 dual gigabit wan vpn router",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "rv016 multi-wan vpn",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "rv042 dual wan vpn",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "rv042g dual gigabit wan vpn",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "rv082 dual wan vpn",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006853"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3289"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:cisco:rv320_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:cisco:rv325_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:cisco:rv016_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:cisco:rv042_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:cisco:rv042g_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:cisco:rv082_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006853"
          }
        ]
      },
      "cve": "CVE-2020-3289",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.0,
                "id": "CVE-2020-3289",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.0,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Network",
                "authentication": "Single",
                "author": "NVD",
                "availabilityImpact": "Complete",
                "baseScore": 9.0,
                "confidentialityImpact": "Complete",
                "exploitabilityScore": null,
                "id": "JVNDB-2020-006853",
                "impactScore": null,
                "integrityImpact": "Complete",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "High",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.2,
                "id": "CVE-2020-3289",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "ykramarz@cisco.com",
                "availabilityImpact": "HIGH",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.2,
                "id": "CVE-2020-3289",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 7.2,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2020-006853",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "High",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2020-3289",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "ykramarz@cisco.com",
                "id": "CVE-2020-3289",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2020-006853",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202006-1169",
                "trust": 0.6,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006853"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1169"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3289"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3289"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system. plural Cisco Small Business RV A buffer error vulnerability exists in series routers.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2020-3289"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006853"
          }
        ],
        "trust": 1.62
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2020-3289",
            "trust": 2.4
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006853",
            "trust": 0.8
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2020.2119",
            "trust": 0.6
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2020.2119.2",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1169",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006853"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1169"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3289"
          }
        ]
      },
      "id": "VAR-202006-1125",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.51422708
      },
      "last_update_date": "2024-11-23T21:35:43.720000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "cisco-sa-rv-routers-stack-vUxHmnNz",
            "trust": 0.8,
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006853"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-119",
            "trust": 1.8
          },
          {
            "problemtype": "CWE-787",
            "trust": 1.0
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006853"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3289"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.2,
            "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-rv-routers-stack-vuxhmnnz"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2020-3289"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-3289"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2020.2119/"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2020.2119.2/"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006853"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1169"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3289"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006853"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1169"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3289"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-07-20T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-006853"
          },
          {
            "date": "2020-06-17T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202006-1169"
          },
          {
            "date": "2020-06-18T03:15:12.997000",
            "db": "NVD",
            "id": "CVE-2020-3289"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-07-20T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-006853"
          },
          {
            "date": "2021-08-09T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202006-1169"
          },
          {
            "date": "2024-11-21T05:30:44.080000",
            "db": "NVD",
            "id": "CVE-2020-3289"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1169"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  Cisco Small Business RV Buffer error vulnerability in series routers",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006853"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1169"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202006-1129

    Vulnerability from variot - Updated: 2024-11-23 21:35

    Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system. plural Cisco Small Business RV A buffer error vulnerability exists in series routers.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Cisco Small Business RV320, etc. are all a VPN router of Cisco in the United States. The vulnerability stems from the program's failure to properly limit the user's input boundary

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202006-1129",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "rv320",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.05"
          },
          {
            "model": "rv325",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.05"
          },
          {
            "model": "rv042g",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.10"
          },
          {
            "model": "rv082",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.10"
          },
          {
            "model": "rv016",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.10"
          },
          {
            "model": "rv042",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.10"
          },
          {
            "model": "rv320 dual gigabit wan vpn router",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "rv325 dual gigabit wan vpn router",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "rv016 multi-wan vpn",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "rv042 dual wan vpn",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "rv042g dual gigabit wan vpn",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "rv082 dual wan vpn",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "small business rv016 multi-wan vpn",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "\u003c=4.2.3.10"
          },
          {
            "model": "rv042 dual wan vpn",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "\u003c=4.2.3.10"
          },
          {
            "model": "rv042g dual gigabit wan vpn",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "\u003c=4.2.3.10"
          },
          {
            "model": "rv082 dual wan vpn",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "\u003c=4.2.3.10"
          },
          {
            "model": "rv320 dual gigabit wan vpn",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "\u003c=1.5.1.05"
          },
          {
            "model": "rv325 dual gigabit wan vpn",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "\u003c=1.5.1.05"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-34325"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006857"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3293"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:cisco:rv320_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:cisco:rv325_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:cisco:rv016_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:cisco:rv042_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:cisco:rv042g_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:cisco:rv082_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006857"
          }
        ]
      },
      "cve": "CVE-2020-3293",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.0,
                "id": "CVE-2020-3293",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.0,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Network",
                "authentication": "Single",
                "author": "NVD",
                "availabilityImpact": "Complete",
                "baseScore": 9.0,
                "confidentialityImpact": "Complete",
                "exploitabilityScore": null,
                "id": "JVNDB-2020-006857",
                "impactScore": null,
                "integrityImpact": "Complete",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "High",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2020-34325",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.2,
                "id": "CVE-2020-3293",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "ykramarz@cisco.com",
                "availabilityImpact": "HIGH",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.2,
                "id": "CVE-2020-3293",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 7.2,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2020-006857",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "High",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2020-3293",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "ykramarz@cisco.com",
                "id": "CVE-2020-3293",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2020-006857",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2020-34325",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202006-1159",
                "trust": 0.6,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-34325"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006857"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1159"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3293"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3293"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system. plural Cisco Small Business RV A buffer error vulnerability exists in series routers.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Cisco Small Business RV320, etc. are all a VPN router of Cisco in the United States. The vulnerability stems from the program\u0027s failure to properly limit the user\u0027s input boundary",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2020-3293"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006857"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-34325"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2020-3293",
            "trust": 3.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006857",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-34325",
            "trust": 0.6
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2020.2119",
            "trust": 0.6
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2020.2119.2",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1159",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-34325"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006857"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1159"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3293"
          }
        ]
      },
      "id": "VAR-202006-1129",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-34325"
          }
        ],
        "trust": 1.1951892333333332
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-34325"
          }
        ]
      },
      "last_update_date": "2024-11-23T21:35:43.694000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "cisco-sa-rv-routers-stack-vUxHmnNz",
            "trust": 0.8,
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz"
          },
          {
            "title": "Patch for Multiple Cisco product buffer overflow vulnerabilities (CNVD-2020-34325)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/222921"
          },
          {
            "title": "Multiple Cisco Product Buffer Error Vulnerability Fix",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=121852"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-34325"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006857"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1159"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-119",
            "trust": 1.8
          },
          {
            "problemtype": "CWE-787",
            "trust": 1.0
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006857"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3293"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.2,
            "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-rv-routers-stack-vuxhmnnz"
          },
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2020-3293"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-3293"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2020.2119/"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2020.2119.2/"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-34325"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006857"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1159"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3293"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-34325"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006857"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1159"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3293"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-06-23T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-34325"
          },
          {
            "date": "2020-07-20T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-006857"
          },
          {
            "date": "2020-06-17T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202006-1159"
          },
          {
            "date": "2020-06-18T03:15:13.323000",
            "db": "NVD",
            "id": "CVE-2020-3293"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-06-23T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-34325"
          },
          {
            "date": "2020-07-20T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-006857"
          },
          {
            "date": "2021-08-09T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202006-1159"
          },
          {
            "date": "2024-11-21T05:30:44.930000",
            "db": "NVD",
            "id": "CVE-2020-3293"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1159"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  Cisco Small Business RV Buffer error vulnerability in series routers",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006857"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1159"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202006-1124

    Vulnerability from variot - Updated: 2024-11-23 21:35

    Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system. plural Cisco Small Business RV A buffer error vulnerability exists in series routers.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Cisco Small Business RV016 Multi-WAN VPN is a VPN router from Cisco in the United States. The vulnerability stems from the program's failure to properly limit the user's input boundary

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202006-1124",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "rv320",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.05"
          },
          {
            "model": "rv325",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.05"
          },
          {
            "model": "rv042g",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.10"
          },
          {
            "model": "rv082",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.10"
          },
          {
            "model": "rv016",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.10"
          },
          {
            "model": "rv042",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.10"
          },
          {
            "model": "rv320 dual gigabit wan vpn router",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "rv325 dual gigabit wan vpn router",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "rv016 multi-wan vpn",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "rv042 dual wan vpn",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "rv042g dual gigabit wan vpn",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "rv082 dual wan vpn",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "small business rv016 multi-wan vpn",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "\u003c=4.2.3.10"
          },
          {
            "model": "rv042 dual wan vpn",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "\u003c=4.2.3.10"
          },
          {
            "model": "rv042g dual gigabit wan vpn",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "\u003c=4.2.3.10"
          },
          {
            "model": "rv082 dual wan vpn",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "\u003c=4.2.3.10"
          },
          {
            "model": "rv320 dual gigabit wan vpn",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "\u003c=1.5.1.05"
          },
          {
            "model": "rv325 dual gigabit wan vpn",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "\u003c=1.5.1.05"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-36260"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006862"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3288"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:cisco:rv320_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:cisco:rv325_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:cisco:rv016_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:cisco:rv042_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:cisco:rv042g_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:cisco:rv082_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006862"
          }
        ]
      },
      "cve": "CVE-2020-3288",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.0,
                "id": "CVE-2020-3288",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.0,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Network",
                "authentication": "Single",
                "author": "NVD",
                "availabilityImpact": "Complete",
                "baseScore": 9.0,
                "confidentialityImpact": "Complete",
                "exploitabilityScore": null,
                "id": "JVNDB-2020-006862",
                "impactScore": null,
                "integrityImpact": "Complete",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "High",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "CNVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.0,
                "id": "CNVD-2020-36260",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.2,
                "id": "CVE-2020-3288",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "ykramarz@cisco.com",
                "availabilityImpact": "HIGH",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.2,
                "id": "CVE-2020-3288",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 7.2,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2020-006862",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "High",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2020-3288",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "ykramarz@cisco.com",
                "id": "CVE-2020-3288",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2020-006862",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2020-36260",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202006-1168",
                "trust": 0.6,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-36260"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006862"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1168"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3288"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3288"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system. plural Cisco Small Business RV A buffer error vulnerability exists in series routers.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Cisco Small Business RV016 Multi-WAN VPN is a VPN router from Cisco in the United States. The vulnerability stems from the program\u0027s failure to properly limit the user\u0027s input boundary",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2020-3288"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006862"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-36260"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2020-3288",
            "trust": 3.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006862",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-36260",
            "trust": 0.6
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2020.2119",
            "trust": 0.6
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2020.2119.2",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1168",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-36260"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006862"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1168"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3288"
          }
        ]
      },
      "id": "VAR-202006-1124",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-36260"
          }
        ],
        "trust": 1.1951892333333332
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-36260"
          }
        ]
      },
      "last_update_date": "2024-11-23T21:35:43.668000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "cisco-sa-rv-routers-stack-vUxHmnNz",
            "trust": 0.8,
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz"
          },
          {
            "title": "Patch for Multiple Cisco product buffer overflow vulnerabilities (CNVD-2020-36260)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/224605"
          },
          {
            "title": "Multiple Cisco Product Buffer Error Vulnerability Fix",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=121861"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-36260"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006862"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1168"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-119",
            "trust": 1.8
          },
          {
            "problemtype": "CWE-787",
            "trust": 1.0
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006862"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3288"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.8,
            "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-rv-routers-stack-vuxhmnnz"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2020-3288"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-3288"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2020.2119/"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2020.2119.2/"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-36260"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006862"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1168"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3288"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-36260"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006862"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1168"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3288"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-07-06T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-36260"
          },
          {
            "date": "2020-07-21T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-006862"
          },
          {
            "date": "2020-06-17T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202006-1168"
          },
          {
            "date": "2020-06-18T03:15:12.900000",
            "db": "NVD",
            "id": "CVE-2020-3288"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-07-06T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-36260"
          },
          {
            "date": "2020-07-21T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-006862"
          },
          {
            "date": "2021-08-09T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202006-1168"
          },
          {
            "date": "2024-11-21T05:30:43.960000",
            "db": "NVD",
            "id": "CVE-2020-3288"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1168"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  Cisco Small Business RV Buffer error vulnerability in series routers",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006862"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1168"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202006-1123

    Vulnerability from variot - Updated: 2024-11-23 21:35

    Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system. plural Cisco Small Business RV A buffer error vulnerability exists in series routers.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Cisco Small Business RV016 Multi-WAN VPN is a VPN router from Cisco in the United States. The vulnerability stems from the program's failure to properly limit the user's input boundary

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202006-1123",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "rv320",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.05"
          },
          {
            "model": "rv325",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.05"
          },
          {
            "model": "rv042g",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.10"
          },
          {
            "model": "rv082",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.10"
          },
          {
            "model": "rv016",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.10"
          },
          {
            "model": "rv042",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.10"
          },
          {
            "model": "rv320 dual gigabit wan vpn router",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "rv325 dual gigabit wan vpn router",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "rv016 multi-wan vpn",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "rv042 dual wan vpn",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "rv042g dual gigabit wan vpn",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "rv082 dual wan vpn",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "small business rv016 multi-wan vpn",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "\u003c=4.2.3.10"
          },
          {
            "model": "rv042 dual wan vpn",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "\u003c=4.2.3.10"
          },
          {
            "model": "rv042g dual gigabit wan vpn",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "\u003c=4.2.3.10"
          },
          {
            "model": "rv082 dual wan vpn",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "\u003c=4.2.3.10"
          },
          {
            "model": "rv320 dual gigabit wan vpn",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "\u003c=1.5.1.05"
          },
          {
            "model": "rv325 dual gigabit wan vpn",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "\u003c=1.5.1.05"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-36258"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006861"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3287"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:cisco:rv320_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:cisco:rv325_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:cisco:rv016_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:cisco:rv042_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:cisco:rv042g_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:cisco:rv082_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006861"
          }
        ]
      },
      "cve": "CVE-2020-3287",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.0,
                "id": "CVE-2020-3287",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.1,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Network",
                "authentication": "Single",
                "author": "NVD",
                "availabilityImpact": "Complete",
                "baseScore": 9.0,
                "confidentialityImpact": "Complete",
                "exploitabilityScore": null,
                "id": "JVNDB-2020-006861",
                "impactScore": null,
                "integrityImpact": "Complete",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "High",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "CNVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.0,
                "id": "CNVD-2020-36258",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.2,
                "id": "CVE-2020-3287",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "ykramarz@cisco.com",
                "availabilityImpact": "HIGH",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.2,
                "id": "CVE-2020-3287",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 7.2,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2020-006861",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "High",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2020-3287",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "ykramarz@cisco.com",
                "id": "CVE-2020-3287",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2020-006861",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2020-36258",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202006-1164",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "VULMON",
                "id": "CVE-2020-3287",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-36258"
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-3287"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006861"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1164"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3287"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3287"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system. plural Cisco Small Business RV A buffer error vulnerability exists in series routers.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Cisco Small Business RV016 Multi-WAN VPN is a VPN router from Cisco in the United States. The vulnerability stems from the program\u0027s failure to properly limit the user\u0027s input boundary",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2020-3287"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006861"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-36258"
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-3287"
          }
        ],
        "trust": 2.25
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2020-3287",
            "trust": 3.1
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006861",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-36258",
            "trust": 0.6
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2020.2119",
            "trust": 0.6
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2020.2119.2",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1164",
            "trust": 0.6
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-3287",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-36258"
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-3287"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006861"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1164"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3287"
          }
        ]
      },
      "id": "VAR-202006-1123",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-36258"
          }
        ],
        "trust": 1.1951892333333332
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-36258"
          }
        ]
      },
      "last_update_date": "2024-11-23T21:35:43.585000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "cisco-sa-rv-routers-stack-vUxHmnNz",
            "trust": 0.8,
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz"
          },
          {
            "title": "Patch for Multiple Buffer Overflow Vulnerabilities in Cisco Products (CNVD-2020-36258)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/224609"
          },
          {
            "title": "Multiple Cisco Product Buffer Error Vulnerability Fix",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=121857"
          },
          {
            "title": "Cisco: Cisco Small Business RV Series Routers Stack Overflow Arbitrary Code Execution Vulnerabilities",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-rv-routers-stack-vUxHmnNz"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-36258"
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-3287"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006861"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1164"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-119",
            "trust": 1.8
          },
          {
            "problemtype": "CWE-787",
            "trust": 1.0
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006861"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3287"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 3.0,
            "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-rv-routers-stack-vuxhmnnz"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2020-3287"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-3287"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2020.2119/"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2020.2119.2/"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/787.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-36258"
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-3287"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006861"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1164"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3287"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-36258"
          },
          {
            "db": "VULMON",
            "id": "CVE-2020-3287"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006861"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1164"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3287"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-07-06T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-36258"
          },
          {
            "date": "2020-06-18T00:00:00",
            "db": "VULMON",
            "id": "CVE-2020-3287"
          },
          {
            "date": "2020-07-21T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-006861"
          },
          {
            "date": "2020-06-17T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202006-1164"
          },
          {
            "date": "2020-06-18T03:15:12.823000",
            "db": "NVD",
            "id": "CVE-2020-3287"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-07-06T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-36258"
          },
          {
            "date": "2021-08-06T00:00:00",
            "db": "VULMON",
            "id": "CVE-2020-3287"
          },
          {
            "date": "2020-07-21T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-006861"
          },
          {
            "date": "2021-08-09T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202006-1164"
          },
          {
            "date": "2024-11-21T05:30:43.827000",
            "db": "NVD",
            "id": "CVE-2020-3287"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1164"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  Cisco Small Business RV Buffer error vulnerability in series routers",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006861"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1164"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202006-1130

    Vulnerability from variot - Updated: 2024-11-23 21:35

    Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system. plural Cisco Small Business RV A buffer error vulnerability exists in series routers.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Cisco Small Business RV320, etc. are all a VPN router of Cisco in the United States. The vulnerability stems from the program's failure to properly limit the user's input boundary

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202006-1130",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "rv320",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.05"
          },
          {
            "model": "rv325",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.05"
          },
          {
            "model": "rv042g",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.10"
          },
          {
            "model": "rv082",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.10"
          },
          {
            "model": "rv016",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.10"
          },
          {
            "model": "rv042",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.10"
          },
          {
            "model": "rv320 dual gigabit wan vpn router",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "rv325 dual gigabit wan vpn router",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "rv016 multi-wan vpn",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "rv042 dual wan vpn",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "rv042g dual gigabit wan vpn",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "rv082 dual wan vpn",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "small business rv016 multi-wan vpn",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "\u003c=4.2.3.10"
          },
          {
            "model": "rv042 dual wan vpn",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "\u003c=4.2.3.10"
          },
          {
            "model": "rv042g dual gigabit wan vpn",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "\u003c=4.2.3.10"
          },
          {
            "model": "rv082 dual wan vpn",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "\u003c=4.2.3.10"
          },
          {
            "model": "rv320 dual gigabit wan vpn",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "\u003c=1.5.1.05"
          },
          {
            "model": "rv325 dual gigabit wan vpn",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "\u003c=1.5.1.05"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-34324"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006858"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3294"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:cisco:rv320_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:cisco:rv325_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:cisco:rv016_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:cisco:rv042_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:cisco:rv042g_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:cisco:rv082_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006858"
          }
        ]
      },
      "cve": "CVE-2020-3294",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.0,
                "id": "CVE-2020-3294",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.0,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Network",
                "authentication": "Single",
                "author": "NVD",
                "availabilityImpact": "Complete",
                "baseScore": 9.0,
                "confidentialityImpact": "Complete",
                "exploitabilityScore": null,
                "id": "JVNDB-2020-006858",
                "impactScore": null,
                "integrityImpact": "Complete",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "High",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2020-34324",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.2,
                "id": "CVE-2020-3294",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "ykramarz@cisco.com",
                "availabilityImpact": "HIGH",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.2,
                "id": "CVE-2020-3294",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 7.2,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2020-006858",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "High",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2020-3294",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "ykramarz@cisco.com",
                "id": "CVE-2020-3294",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2020-006858",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2020-34324",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202006-1158",
                "trust": 0.6,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-34324"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006858"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1158"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3294"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3294"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system. plural Cisco Small Business RV A buffer error vulnerability exists in series routers.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Cisco Small Business RV320, etc. are all a VPN router of Cisco in the United States. The vulnerability stems from the program\u0027s failure to properly limit the user\u0027s input boundary",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2020-3294"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006858"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-34324"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2020-3294",
            "trust": 3.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006858",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-34324",
            "trust": 0.6
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2020.2119",
            "trust": 0.6
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2020.2119.2",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1158",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-34324"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006858"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1158"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3294"
          }
        ]
      },
      "id": "VAR-202006-1130",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-34324"
          }
        ],
        "trust": 1.1951892333333332
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-34324"
          }
        ]
      },
      "last_update_date": "2024-11-23T21:35:43.559000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "cisco-sa-rv-routers-stack-vUxHmnNz",
            "trust": 0.8,
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz"
          },
          {
            "title": "Patch for Multiple Buffer Overflow Vulnerabilities in Cisco Products (CNVD-2020-34324)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/222923"
          },
          {
            "title": "Multiple Cisco Product Buffer Error Vulnerability Fix",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=121851"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-34324"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006858"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1158"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-119",
            "trust": 1.8
          },
          {
            "problemtype": "CWE-787",
            "trust": 1.0
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006858"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3294"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.2,
            "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-rv-routers-stack-vuxhmnnz"
          },
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2020-3294"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-3294"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2020.2119/"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2020.2119.2/"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-34324"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006858"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1158"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3294"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-34324"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006858"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1158"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3294"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-06-23T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-34324"
          },
          {
            "date": "2020-07-20T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-006858"
          },
          {
            "date": "2020-06-17T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202006-1158"
          },
          {
            "date": "2020-06-18T03:15:13.417000",
            "db": "NVD",
            "id": "CVE-2020-3294"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-06-23T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-34324"
          },
          {
            "date": "2020-07-20T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-006858"
          },
          {
            "date": "2021-08-09T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202006-1158"
          },
          {
            "date": "2024-11-21T05:30:45.057000",
            "db": "NVD",
            "id": "CVE-2020-3294"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1158"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  Cisco Small Business RV Buffer error vulnerability in series routers",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006858"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1158"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202006-1128

    Vulnerability from variot - Updated: 2024-11-23 21:35

    Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system. plural Cisco Small Business RV A buffer error vulnerability exists in series routers.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Cisco Small Business RV016 Multi-WAN VPN is a VPN router from Cisco in the United States. The vulnerability stems from the program's failure to properly limit the user's input boundary

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202006-1128",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "rv320",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.05"
          },
          {
            "model": "rv325",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.05"
          },
          {
            "model": "rv042g",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.10"
          },
          {
            "model": "rv082",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.10"
          },
          {
            "model": "rv016",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.10"
          },
          {
            "model": "rv042",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.10"
          },
          {
            "model": "rv320 dual gigabit wan vpn router",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "rv325 dual gigabit wan vpn router",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "rv016 multi-wan vpn",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "rv042 dual wan vpn",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "rv042g dual gigabit wan vpn",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "rv082 dual wan vpn",
            "scope": null,
            "trust": 0.8,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "small business rv016 multi-wan vpn",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "\u003c=4.2.3.10"
          },
          {
            "model": "rv042 dual wan vpn",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "\u003c=4.2.3.10"
          },
          {
            "model": "rv042g dual gigabit wan vpn",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "\u003c=4.2.3.10"
          },
          {
            "model": "rv082 dual wan vpn",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "\u003c=4.2.3.10"
          },
          {
            "model": "rv320 dual gigabit wan vpn",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "\u003c=1.5.1.05"
          },
          {
            "model": "rv325 dual gigabit wan vpn",
            "scope": "lte",
            "trust": 0.6,
            "vendor": "cisco",
            "version": "\u003c=1.5.1.05"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-34326"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006856"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3292"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/o:cisco:rv320_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:cisco:rv325_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:cisco:rv016_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:cisco:rv042_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:cisco:rv042g_firmware",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/o:cisco:rv082_firmware",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006856"
          }
        ]
      },
      "cve": "CVE-2020-3292",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.0,
                "id": "CVE-2020-3292",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.0,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Network",
                "authentication": "Single",
                "author": "NVD",
                "availabilityImpact": "Complete",
                "baseScore": 9.0,
                "confidentialityImpact": "Complete",
                "exploitabilityScore": null,
                "id": "JVNDB-2020-006856",
                "impactScore": null,
                "integrityImpact": "Complete",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "High",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2020-34326",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.2,
                "id": "CVE-2020-3292",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "ykramarz@cisco.com",
                "availabilityImpact": "HIGH",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.2,
                "id": "CVE-2020-3292",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 7.2,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2020-006856",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "High",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2020-3292",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "ykramarz@cisco.com",
                "id": "CVE-2020-3292",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2020-006856",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2020-34326",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202006-1160",
                "trust": 0.6,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-34326"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006856"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1160"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3292"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3292"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system. plural Cisco Small Business RV A buffer error vulnerability exists in series routers.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Cisco Small Business RV016 Multi-WAN VPN is a VPN router from Cisco in the United States. The vulnerability stems from the program\u0027s failure to properly limit the user\u0027s input boundary",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2020-3292"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006856"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-34326"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2020-3292",
            "trust": 3.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006856",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2020-34326",
            "trust": 0.6
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2020.2119",
            "trust": 0.6
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2020.2119.2",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1160",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-34326"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006856"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1160"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3292"
          }
        ]
      },
      "id": "VAR-202006-1128",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-34326"
          }
        ],
        "trust": 1.1951892333333332
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-34326"
          }
        ]
      },
      "last_update_date": "2024-11-23T21:35:43.532000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "cisco-sa-rv-routers-stack-vUxHmnNz",
            "trust": 0.8,
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz"
          },
          {
            "title": "Patch for Multiple Buffer Overflow Vulnerabilities in Cisco Products (CNVD-2020-34326)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/222919"
          },
          {
            "title": "Multiple Cisco Product Buffer Error Vulnerability Fix",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=121853"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-34326"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006856"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1160"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-119",
            "trust": 1.8
          },
          {
            "problemtype": "CWE-787",
            "trust": 1.0
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006856"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3292"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.2,
            "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-rv-routers-stack-vuxhmnnz"
          },
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2020-3292"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-3292"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2020.2119/"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2020.2119.2/"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-34326"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006856"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1160"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3292"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2020-34326"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006856"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1160"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-3292"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-06-23T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-34326"
          },
          {
            "date": "2020-07-20T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-006856"
          },
          {
            "date": "2020-06-17T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202006-1160"
          },
          {
            "date": "2020-06-18T03:15:13.247000",
            "db": "NVD",
            "id": "CVE-2020-3292"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-06-23T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2020-34326"
          },
          {
            "date": "2020-07-20T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-006856"
          },
          {
            "date": "2021-08-09T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202006-1160"
          },
          {
            "date": "2024-11-21T05:30:44.440000",
            "db": "NVD",
            "id": "CVE-2020-3292"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1160"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  Cisco Small Business RV Buffer error vulnerability in series routers",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-006856"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202006-1160"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202410-0270

    Vulnerability from variot - Updated: 2024-11-20 22:56

    A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to execute arbitrary code as the root user. To exploit this vulnerability, an attacker would need to have valid Administrator credentials on the affected device.   This vulnerability is due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system as the root user. RV042 Dual WAN VPN firmware, RV042G Dual Gigabit WAN VPN firmware, Cisco RV320 Dual Gigabit WAN VPN Multiple Cisco Systems products, including router firmware, contain an out-of-bounds write vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Cisco Small Business Routers is a router device of Cisco

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202410-0270",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.0.0.19-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.1.12"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.19"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.1.10"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.11"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.2.03"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.20"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.12.19-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.2.1.13"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.1.17"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.0.0.1-tm"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.2.08-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.2.02"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.1.02"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.1.1.01"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.1.1.06"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.0.2.01-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.20"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.12.19-tm"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.10"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.0.7"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.08"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.1.12"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.2.08"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.1.0.02-tm"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.2.08-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.1.1.01"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.2.1.13"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.05"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.10"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.4.02-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.06"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.07"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.19"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.3.03-tm"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.11"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.08"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.2.1.14"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.17"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.12.6-tm"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.13"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.09"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.4.02-tm"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.1.02"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.1.1.06"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.22"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.05"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.1.0.09"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.13.02-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.12.6-tm"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.06"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.15"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.2.08"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.13"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.03"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.0.0.19-tm"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.2.1.14"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.1.1.19"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.0.0.1-tm"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.1.10"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.2.03"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.15"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.0.0.19-tm"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.1.17"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.14"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.07"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.1.0.09"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.1.1.19"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.0.2.01-tm"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.3.03-tm"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.2.02"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.17"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.0.7"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.20"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.09"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.2.08-tm"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.12.19-tm"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.14"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.0.2.01-tm"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.22"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.1.0.02-tm"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.05"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.1.1.01"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.10"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.0.7"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.03"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.19"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.11"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.22"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.2.08-tm"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.1.12"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.1.10"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.2.03"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.1.02"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.2.1.13"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.1.17"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.1.1.06"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.19"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.10"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.11"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.2.02"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.4.02-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.13"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.1.12"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.2.08"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.20"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.12.19-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.1.02"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.13.02-tm"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.12.6-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.1.1.06"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.2.1.13"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.08"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.1.0.02-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.0.0.1-tm"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.2.02"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.1.1.01"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.15"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.2.08"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.1.1.19"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.07"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.3.03-tm"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.13"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.08"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.0.0.19-tm"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.17"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.1.0.02-tm"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.06"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.09"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.2.1.14"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.14"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.0.0.1-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.07"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.3.03-tm"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.15"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.05"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.4.02-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.17"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.1.1.19"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.06"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.0.2.01-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.09"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.03"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.1.0.09"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.2.1.14"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.13.02-tm"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.0.7"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.12.6-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.22"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.1.10"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.14"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.2.03"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.03"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.1.17"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.1.0.09"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.13.02-tm"
          },
          {
            "model": "rv042g dual gigabit wan vpn",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "rv042 dual wan vpn",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "cisco rv325 dual gigabit wan vpn \u30eb\u30fc\u30bf",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "cisco rv320 dual gigabit wan vpn \u30eb\u30fc\u30bf",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "small business rv042",
            "scope": null,
            "trust": 0.6,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "small business rv042g",
            "scope": null,
            "trust": 0.6,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "small business rv320",
            "scope": null,
            "trust": 0.6,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "small business rv325",
            "scope": null,
            "trust": 0.6,
            "vendor": "cisco",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2024-45301"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-010013"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-20519"
          }
        ]
      },
      "cve": "CVE-2024-20519",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "MULTIPLE",
                "author": "CNVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 8.3,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 6.4,
                "id": "CNVD-2024-45301",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:M/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 9.1,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.3,
                "id": "CVE-2024-20519",
                "impactScore": 6.0,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "ykramarz@cisco.com",
                "availabilityImpact": "NONE",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.2,
                "id": "CVE-2024-20519",
                "impactScore": 5.2,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 9.1,
                "baseSeverity": "Critical",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2024-20519",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "High",
                "scope": "Changed",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2024-20519",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "ykramarz@cisco.com",
                "id": "CVE-2024-20519",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2024-20519",
                "trust": 0.8,
                "value": "Critical"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2024-45301",
                "trust": 0.6,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2024-45301"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-010013"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-20519"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-20519"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to execute arbitrary code as the root user. To exploit this vulnerability, an attacker would need to have valid Administrator credentials on the affected device. \r\n\u0026nbsp;\r\nThis vulnerability is due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system as the root user. RV042 Dual WAN VPN firmware, RV042G Dual Gigabit WAN VPN firmware, Cisco RV320 Dual Gigabit WAN VPN Multiple Cisco Systems products, including router firmware, contain an out-of-bounds write vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Cisco Small Business Routers is a router device of Cisco",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2024-20519"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-010013"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2024-45301"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2024-20519",
            "trust": 3.2
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-010013",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2024-45301",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2024-45301"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-010013"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-20519"
          }
        ]
      },
      "id": "VAR-202410-0270",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2024-45301"
          }
        ],
        "trust": 1.3345340499999998
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2024-45301"
          }
        ]
      },
      "last_update_date": "2024-11-20T22:56:38.242000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "cisco-sa-sb-rv04x_rv32x_vulns-yJ2OSDhV",
            "trust": 0.8,
            "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-rv04x_rv32x_vulns-yJ2OSDhV"
          },
          {
            "title": "Patch for Cisco Small Business WEB Interface Remote Command Execution Vulnerability",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/618111"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2024-45301"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-010013"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-787",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-121",
            "trust": 1.0
          },
          {
            "problemtype": "Stack-based buffer overflow (CWE-121) [ others ]",
            "trust": 0.8
          },
          {
            "problemtype": " Out-of-bounds writing (CWE-787) [NVD evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-010013"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-20519"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2024-20519"
          },
          {
            "trust": 1.0,
            "url": "https://sec.cloudapps.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-sb-rv04x_rv32x_vulns-yj2osdhv"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2024-45301"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-010013"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-20519"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2024-45301"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-010013"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-20519"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2024-11-14T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2024-45301"
          },
          {
            "date": "2024-10-09T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2024-010013"
          },
          {
            "date": "2024-10-02T17:15:18.837000",
            "db": "NVD",
            "id": "CVE-2024-20519"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2024-11-19T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2024-45301"
          },
          {
            "date": "2024-10-09T02:10:00",
            "db": "JVNDB",
            "id": "JVNDB-2024-010013"
          },
          {
            "date": "2024-10-08T13:50:35.507000",
            "db": "NVD",
            "id": "CVE-2024-20519"
          }
        ]
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Out-of-bounds write vulnerability in multiple Cisco Systems products",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-010013"
          }
        ],
        "trust": 0.8
      }
    }

    VAR-202410-0311

    Vulnerability from variot - Updated: 2024-11-20 22:54

    A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to execute arbitrary code as the root user. To exploit this vulnerability, an attacker would need to have valid Administrator credentials on the affected device.   This vulnerability is due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system as the root user. RV042 Dual WAN VPN firmware, RV042G Dual Gigabit WAN VPN firmware, Cisco RV320 Dual Gigabit WAN VPN Multiple Cisco Systems products, including router firmware, contain an out-of-bounds write vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Cisco Small Business Routers is a router device of Cisco

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202410-0311",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.0.0.19-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.1.12"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.19"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.1.10"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.11"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.2.03"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.20"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.12.19-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.2.1.13"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.1.17"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.0.0.1-tm"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.2.08-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.2.02"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.1.02"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.1.1.01"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.1.1.06"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.0.2.01-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.20"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.12.19-tm"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.10"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.0.7"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.08"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.1.12"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.2.08"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.1.0.02-tm"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.2.08-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.1.1.01"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.2.1.13"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.05"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.10"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.4.02-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.06"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.07"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.19"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.3.03-tm"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.11"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.08"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.2.1.14"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.17"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.12.6-tm"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.13"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.09"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.4.02-tm"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.1.02"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.1.1.06"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.22"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.05"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.1.0.09"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.13.02-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.12.6-tm"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.06"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.15"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.2.08"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.13"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.03"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.0.0.19-tm"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.2.1.14"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.1.1.19"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.0.0.1-tm"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.1.10"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.2.03"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.15"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.0.0.19-tm"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.1.17"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.14"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.07"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.1.0.09"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.1.1.19"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.0.2.01-tm"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.3.03-tm"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.2.02"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.17"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.0.7"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.20"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.09"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.2.08-tm"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.12.19-tm"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.14"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.0.2.01-tm"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.22"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.1.0.02-tm"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.05"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.1.1.01"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.10"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.0.7"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.03"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.19"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.11"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.22"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.2.08-tm"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.1.12"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.1.10"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.2.03"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.1.02"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.2.1.13"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.1.17"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.1.1.06"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.19"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.10"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.11"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.2.02"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.4.02-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.13"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.1.12"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.2.08"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.20"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.12.19-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.1.02"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.13.02-tm"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.12.6-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.1.1.06"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.2.1.13"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.08"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.1.0.02-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.0.0.1-tm"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.2.02"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.1.1.01"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.15"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.2.08"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.1.1.19"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.07"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.3.03-tm"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.13"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.08"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.0.0.19-tm"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.17"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.1.0.02-tm"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.06"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.09"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.2.1.14"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.14"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.0.0.1-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.07"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.3.03-tm"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.15"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.05"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.4.02-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.17"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.1.1.19"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.06"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.0.2.01-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.09"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.03"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.1.0.09"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.2.1.14"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.13.02-tm"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.0.7"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.12.6-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.22"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.1.10"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.14"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.2.03"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.03"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.1.17"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.1.0.09"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.13.02-tm"
          },
          {
            "model": "rv042g dual gigabit wan vpn",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "rv042 dual wan vpn",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "cisco rv325 dual gigabit wan vpn \u30eb\u30fc\u30bf",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "cisco rv320 dual gigabit wan vpn \u30eb\u30fc\u30bf",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "small business rv042",
            "scope": null,
            "trust": 0.6,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "small business rv042g",
            "scope": null,
            "trust": 0.6,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "small business rv320",
            "scope": null,
            "trust": 0.6,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "small business rv325",
            "scope": null,
            "trust": 0.6,
            "vendor": "cisco",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2024-45302"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-010004"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-20518"
          }
        ]
      },
      "cve": "CVE-2024-20518",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "MULTIPLE",
                "author": "CNVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 8.3,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 6.4,
                "id": "CNVD-2024-45302",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:M/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 9.1,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.3,
                "id": "CVE-2024-20518",
                "impactScore": 6.0,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "ykramarz@cisco.com",
                "availabilityImpact": "NONE",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.2,
                "id": "CVE-2024-20518",
                "impactScore": 5.2,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 9.1,
                "baseSeverity": "Critical",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2024-20518",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "High",
                "scope": "Changed",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2024-20518",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "ykramarz@cisco.com",
                "id": "CVE-2024-20518",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2024-20518",
                "trust": 0.8,
                "value": "Critical"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2024-45302",
                "trust": 0.6,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2024-45302"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-010004"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-20518"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-20518"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to execute arbitrary code as the root user. To exploit this vulnerability, an attacker would need to have valid Administrator credentials on the affected device. \r\n\u0026nbsp;\r\nThis vulnerability is due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system as the root user. RV042 Dual WAN VPN firmware, RV042G Dual Gigabit WAN VPN firmware, Cisco RV320 Dual Gigabit WAN VPN Multiple Cisco Systems products, including router firmware, contain an out-of-bounds write vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Cisco Small Business Routers is a router device of Cisco",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2024-20518"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-010004"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2024-45302"
          }
        ],
        "trust": 2.16
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2024-20518",
            "trust": 3.2
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-010004",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2024-45302",
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2024-45302"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-010004"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-20518"
          }
        ]
      },
      "id": "VAR-202410-0311",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2024-45302"
          }
        ],
        "trust": 1.3345340499999998
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2024-45302"
          }
        ]
      },
      "last_update_date": "2024-11-20T22:54:27.568000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "cisco-sa-sb-rv04x_rv32x_vulns-yJ2OSDhV",
            "trust": 0.8,
            "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-rv04x_rv32x_vulns-yJ2OSDhV"
          },
          {
            "title": "Patch for Cisco Small Business WEB Interface Command Injection Vulnerability",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/618106"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2024-45302"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-010004"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-787",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-121",
            "trust": 1.0
          },
          {
            "problemtype": "Stack-based buffer overflow (CWE-121) [ others ]",
            "trust": 0.8
          },
          {
            "problemtype": " Out-of-bounds writing (CWE-787) [NVD evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-010004"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-20518"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2024-20518"
          },
          {
            "trust": 1.0,
            "url": "https://sec.cloudapps.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-sb-rv04x_rv32x_vulns-yj2osdhv"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2024-45302"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-010004"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-20518"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2024-45302"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-010004"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-20518"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2024-11-14T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2024-45302"
          },
          {
            "date": "2024-10-09T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2024-010004"
          },
          {
            "date": "2024-10-02T17:15:18.637000",
            "db": "NVD",
            "id": "CVE-2024-20518"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2024-11-19T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2024-45302"
          },
          {
            "date": "2024-10-09T01:59:00",
            "db": "JVNDB",
            "id": "JVNDB-2024-010004"
          },
          {
            "date": "2024-10-08T13:50:14.730000",
            "db": "NVD",
            "id": "CVE-2024-20518"
          }
        ]
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Out-of-bounds write vulnerability in multiple Cisco Systems products",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-010004"
          }
        ],
        "trust": 0.8
      }
    }

    VAR-202410-0324

    Vulnerability from variot - Updated: 2024-10-13 23:20

    A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to cause an unexpected reload of an affected device, resulting in a denial of service (DoS) condition. To exploit this vulnerability, an attacker would need to have valid Administrator credentials on the affected device.   This vulnerability is due to improper validation of user input that is in incoming HTTP packets. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web-based management interface of the affected device. A successful exploit could allow the attacker to cause an unexpected reload of the device, resulting in a DoS condition. RV042 Dual WAN VPN firmware, RV042G Dual Gigabit WAN VPN firmware, Cisco RV320 Dual Gigabit WAN VPN Multiple Cisco Systems products, including router firmware, contain an out-of-bounds write vulnerability.Service operation interruption (DoS) It may be in a state

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202410-0324",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.0.0.19-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.1.12"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.19"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.1.10"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.11"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.2.03"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.20"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.12.19-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.2.1.13"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.1.17"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.0.0.1-tm"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.2.08-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.2.02"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.1.02"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.1.1.01"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.1.1.06"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.0.2.01-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.20"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.12.19-tm"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.10"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.0.7"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.08"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.1.12"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.2.08"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.1.0.02-tm"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.2.08-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.1.1.01"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.2.1.13"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.05"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.10"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.4.02-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.06"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.07"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.19"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.3.03-tm"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.11"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.08"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.2.1.14"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.17"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.12.6-tm"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.13"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.09"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.4.02-tm"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.1.02"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.1.1.06"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.22"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.05"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.1.0.09"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.13.02-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.12.6-tm"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.06"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.15"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.2.08"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.13"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.03"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.0.0.19-tm"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.2.1.14"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.1.1.19"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.0.0.1-tm"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.1.10"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.2.03"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.15"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.0.0.19-tm"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.1.17"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.14"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.07"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.1.0.09"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.1.1.19"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.0.2.01-tm"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.3.03-tm"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.2.02"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.17"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.0.7"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.20"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.09"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.2.08-tm"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.12.19-tm"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.14"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.0.2.01-tm"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.22"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.1.0.02-tm"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.05"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.1.1.01"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.10"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.0.7"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.03"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.19"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.11"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.22"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.2.08-tm"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.1.12"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.1.10"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.2.03"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.1.02"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.2.1.13"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.1.17"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.1.1.06"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.19"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.10"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.11"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.2.02"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.4.02-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.13"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.1.12"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.2.08"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.20"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.12.19-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.1.02"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.13.02-tm"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.12.6-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.1.1.06"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.2.1.13"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.08"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.1.0.02-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.0.0.1-tm"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.2.02"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.1.1.01"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.15"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.2.08"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.1.1.19"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.07"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.3.03-tm"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.13"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.08"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.0.0.19-tm"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.17"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.1.0.02-tm"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.06"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.09"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.2.1.14"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.14"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.0.0.1-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.07"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.3.03-tm"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.15"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.05"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.4.02-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.17"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.1.1.19"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.06"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.0.2.01-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.09"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.03"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.1.0.09"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.2.1.14"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.13.02-tm"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.0.7"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.12.6-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.22"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.1.10"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.14"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.2.03"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.03"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.1.17"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.1.0.09"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.13.02-tm"
          },
          {
            "model": "rv042g dual gigabit wan vpn",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "rv042 dual wan vpn",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "cisco rv325 dual gigabit wan vpn \u30eb\u30fc\u30bf",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "cisco rv320 dual gigabit wan vpn \u30eb\u30fc\u30bf",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-010024"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-20517"
          }
        ]
      },
      "cve": "CVE-2024-20517",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 2.3,
                "id": "CVE-2024-20517",
                "impactScore": 4.0,
                "integrityImpact": "NONE",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "trust": 2.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 6.8,
                "baseSeverity": "Medium",
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "CVE-2024-20517",
                "impactScore": null,
                "integrityImpact": "None",
                "privilegesRequired": "High",
                "scope": "Changed",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2024-20517",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "ykramarz@cisco.com",
                "id": "CVE-2024-20517",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2024-20517",
                "trust": 0.8,
                "value": "Medium"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-010024"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-20517"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-20517"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to cause an unexpected reload of an affected device, resulting in a denial of service (DoS) condition. To exploit this vulnerability, an attacker would need to have valid Administrator credentials on the affected device. \r\n\u0026nbsp;\r\nThis vulnerability is due to improper validation of user input that is in incoming HTTP packets. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web-based management interface of the affected device. A successful exploit could allow the attacker to cause an unexpected reload of the device, resulting in a DoS condition. RV042 Dual WAN VPN firmware, RV042G Dual Gigabit WAN VPN firmware, Cisco RV320 Dual Gigabit WAN VPN Multiple Cisco Systems products, including router firmware, contain an out-of-bounds write vulnerability.Service operation interruption (DoS) It may be in a state",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2024-20517"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-010024"
          }
        ],
        "trust": 1.62
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2024-20517",
            "trust": 2.6
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-010024",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-010024"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-20517"
          }
        ]
      },
      "id": "VAR-202410-0324",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.4690681
      },
      "last_update_date": "2024-10-13T23:20:15.063000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "cisco-sa-sb-rv04x_rv32x_vulns-yJ2OSDhV",
            "trust": 0.8,
            "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-rv04x_rv32x_vulns-yJ2OSDhV"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-010024"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-787",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-122",
            "trust": 1.0
          },
          {
            "problemtype": "Heap-based buffer overflow (CWE-122) [ others ]",
            "trust": 0.8
          },
          {
            "problemtype": " Out-of-bounds writing (CWE-787) [NVD evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-010024"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-20517"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.0,
            "url": "https://sec.cloudapps.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-sb-rv04x_rv32x_vulns-yj2osdhv"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2024-20517"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-010024"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-20517"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-010024"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-20517"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2024-10-09T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2024-010024"
          },
          {
            "date": "2024-10-02T17:15:18.417000",
            "db": "NVD",
            "id": "CVE-2024-20517"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2024-10-09T02:48:00",
            "db": "JVNDB",
            "id": "JVNDB-2024-010024"
          },
          {
            "date": "2024-10-08T13:47:52.483000",
            "db": "NVD",
            "id": "CVE-2024-20517"
          }
        ]
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Out-of-bounds write vulnerability in multiple Cisco Systems products",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-010024"
          }
        ],
        "trust": 0.8
      }
    }

    VAR-202410-0215

    Vulnerability from variot - Updated: 2024-10-12 19:25

    A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to cause an unexpected reload of an affected device, resulting in a denial of service (DoS) condition. To exploit this vulnerability, an attacker would need to have valid Administrator credentials on the affected device.   This vulnerability is due to improper validation of user input that is in incoming HTTP packets. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web-based management interface of the affected device. A successful exploit could allow the attacker to cause an unexpected reload of the device, resulting in a DoS condition. RV042 Dual WAN VPN firmware, RV042G Dual Gigabit WAN VPN firmware, Cisco RV320 Dual Gigabit WAN VPN Multiple Cisco Systems products, including router firmware, contain an out-of-bounds write vulnerability.Service operation interruption (DoS) It may be in a state

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202410-0215",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.0.0.19-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.1.12"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.19"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.1.10"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.11"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.2.03"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.20"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.12.19-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.2.1.13"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.1.17"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.0.0.1-tm"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.2.08-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.2.02"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.1.02"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.1.1.01"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.1.1.06"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.0.2.01-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.20"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.12.19-tm"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.10"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.0.7"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.08"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.1.12"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.2.08"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.1.0.02-tm"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.2.08-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.1.1.01"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.2.1.13"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.05"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.10"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.4.02-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.06"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.07"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.19"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.3.03-tm"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.11"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.08"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.2.1.14"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.17"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.12.6-tm"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.13"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.09"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.4.02-tm"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.1.02"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.1.1.06"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.22"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.05"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.1.0.09"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.13.02-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.12.6-tm"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.06"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.15"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.2.08"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.13"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.03"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.0.0.19-tm"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.2.1.14"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.1.1.19"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.0.0.1-tm"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.1.10"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.2.03"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.15"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.0.0.19-tm"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.1.17"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.14"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.07"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.1.0.09"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.1.1.19"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.0.2.01-tm"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.3.03-tm"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.2.02"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.17"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.0.7"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.20"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.09"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.2.08-tm"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.12.19-tm"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.14"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.0.2.01-tm"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.22"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.1.0.02-tm"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.05"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.1.1.01"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.10"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.0.7"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.03"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.19"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.11"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.22"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.2.08-tm"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.1.12"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.1.10"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.2.03"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.1.02"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.2.1.13"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.1.17"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.1.1.06"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.19"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.10"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.11"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.2.02"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.4.02-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.13"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.1.12"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.2.08"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.20"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.12.19-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.1.02"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.13.02-tm"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.12.6-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.1.1.06"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.2.1.13"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.08"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.1.0.02-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.0.0.1-tm"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.2.02"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.1.1.01"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.15"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.2.08"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.1.1.19"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.07"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.3.03-tm"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.13"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.08"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.0.0.19-tm"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.17"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.1.0.02-tm"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.06"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.09"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.2.1.14"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.14"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.0.0.1-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.07"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.3.03-tm"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.15"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.05"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.4.02-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.17"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.1.1.19"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.06"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.0.2.01-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.09"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.03"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.1.0.09"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.2.1.14"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.13.02-tm"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.0.7"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.12.6-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.22"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.1.10"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.14"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.2.03"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.03"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.1.17"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.1.0.09"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.13.02-tm"
          },
          {
            "model": "rv042g dual gigabit wan vpn",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "cisco rv325 dual gigabit wan vpn \u30eb\u30fc\u30bf",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "cisco rv320 dual gigabit wan vpn \u30eb\u30fc\u30bf",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "rv042 dual wan vpn",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-010121"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-20523"
          }
        ]
      },
      "cve": "CVE-2024-20523",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 2.3,
                "id": "CVE-2024-20523",
                "impactScore": 4.0,
                "integrityImpact": "NONE",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "trust": 2.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 6.8,
                "baseSeverity": "Medium",
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "CVE-2024-20523",
                "impactScore": null,
                "integrityImpact": "None",
                "privilegesRequired": "High",
                "scope": "Changed",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2024-20523",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "ykramarz@cisco.com",
                "id": "CVE-2024-20523",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2024-20523",
                "trust": 0.8,
                "value": "Medium"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-010121"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-20523"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-20523"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to cause an unexpected reload of an affected device, resulting in a denial of service (DoS) condition. To exploit this vulnerability, an attacker would need to have valid Administrator credentials on the affected device. \r\n\u0026nbsp;\r\nThis vulnerability is due to improper validation of user input that is in incoming HTTP packets. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web-based management interface of the affected device. A successful exploit could allow the attacker to cause an unexpected reload of the device, resulting in a DoS condition. RV042 Dual WAN VPN firmware, RV042G Dual Gigabit WAN VPN firmware, Cisco RV320 Dual Gigabit WAN VPN Multiple Cisco Systems products, including router firmware, contain an out-of-bounds write vulnerability.Service operation interruption (DoS) It may be in a state",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2024-20523"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-010121"
          }
        ],
        "trust": 1.62
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2024-20523",
            "trust": 2.6
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-010121",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-010121"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-20523"
          }
        ]
      },
      "id": "VAR-202410-0215",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.4690681
      },
      "last_update_date": "2024-10-12T19:25:13.560000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "cisco-sa-sb-rv04x_rv32x_vulns-yJ2OSDhV",
            "trust": 0.8,
            "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-rv04x_rv32x_vulns-yJ2OSDhV"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-010121"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-787",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-121",
            "trust": 1.0
          },
          {
            "problemtype": "Stack-based buffer overflow (CWE-121) [ others ]",
            "trust": 0.8
          },
          {
            "problemtype": " Out-of-bounds writing (CWE-787) [NVD evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-010121"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-20523"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.0,
            "url": "https://sec.cloudapps.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-sb-rv04x_rv32x_vulns-yj2osdhv"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2024-20523"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-010121"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-20523"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-010121"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-20523"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2024-10-10T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2024-010121"
          },
          {
            "date": "2024-10-02T17:15:19.707000",
            "db": "NVD",
            "id": "CVE-2024-20523"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2024-10-10T04:58:00",
            "db": "JVNDB",
            "id": "JVNDB-2024-010121"
          },
          {
            "date": "2024-10-08T13:48:29.500000",
            "db": "NVD",
            "id": "CVE-2024-20523"
          }
        ]
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Out-of-bounds write vulnerability in multiple Cisco Systems products",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-010121"
          }
        ],
        "trust": 0.8
      }
    }

    VAR-202410-0203

    Vulnerability from variot - Updated: 2024-10-11 23:05

    A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to cause an unexpected reload of an affected device, resulting in a denial of service (DoS) condition. To exploit this vulnerability, an attacker would need to have valid Administrator credentials on the affected device.   This vulnerability is due to improper validation of user input that is in incoming HTTP packets. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web-based management interface of the affected device. A successful exploit could allow the attacker to cause an unexpected reload of the device, resulting in a DoS condition. RV042 Dual WAN VPN firmware, RV042G Dual Gigabit WAN VPN firmware, Cisco RV320 Dual Gigabit WAN VPN Multiple Cisco Systems products, including router firmware, contain an out-of-bounds write vulnerability.Service operation interruption (DoS) It may be in a state

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202410-0203",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.0.0.19-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.1.12"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.19"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.1.10"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.11"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.2.03"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.20"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.12.19-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.2.1.13"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.1.17"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.0.0.1-tm"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.2.08-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.2.02"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.1.02"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.1.1.01"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.1.1.06"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.0.2.01-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.20"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.12.19-tm"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.10"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.0.7"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.08"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.1.12"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.2.08"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.1.0.02-tm"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.2.08-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.1.1.01"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.2.1.13"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.05"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.10"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.4.02-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.06"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.07"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.19"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.3.03-tm"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.11"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.08"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.2.1.14"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.17"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.12.6-tm"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.13"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.09"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.4.02-tm"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.1.02"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.1.1.06"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.22"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.05"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.1.0.09"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.13.02-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.12.6-tm"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.06"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.15"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.2.08"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.13"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.03"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.0.0.19-tm"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.2.1.14"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.1.1.19"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.0.0.1-tm"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.1.10"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.2.03"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.15"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.0.0.19-tm"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.1.17"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.14"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.07"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.1.0.09"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.1.1.19"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.0.2.01-tm"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.3.03-tm"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.2.02"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.17"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.0.7"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.20"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.09"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.2.08-tm"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.12.19-tm"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.14"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.0.2.01-tm"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.22"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.1.0.02-tm"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.05"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.1.1.01"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.10"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.0.7"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.03"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.19"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.11"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.22"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.2.08-tm"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.1.12"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.1.10"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.2.03"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.1.02"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.2.1.13"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.1.17"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.1.1.06"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.19"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.10"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.11"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.2.02"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.4.02-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.13"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.1.12"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.2.08"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.20"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.12.19-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.1.02"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.13.02-tm"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.12.6-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.1.1.06"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.2.1.13"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.08"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.1.0.02-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.0.0.1-tm"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.2.02"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.1.1.01"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.15"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.2.08"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.1.1.19"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.07"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.3.03-tm"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.13"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.08"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.0.0.19-tm"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.17"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.1.0.02-tm"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.06"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.09"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.2.1.14"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.14"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.0.0.1-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.07"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.3.03-tm"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.15"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.05"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.4.02-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.17"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.1.1.19"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.06"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.0.2.01-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.09"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.03"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.1.0.09"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.2.1.14"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.13.02-tm"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.0.7"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.12.6-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.22"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.1.10"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.14"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.2.03"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.03"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.1.17"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.1.0.09"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.13.02-tm"
          },
          {
            "model": "rv042g dual gigabit wan vpn",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "rv042 dual wan vpn",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "cisco rv325 dual gigabit wan vpn \u30eb\u30fc\u30bf",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "cisco rv320 dual gigabit wan vpn \u30eb\u30fc\u30bf",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-010025"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-20522"
          }
        ]
      },
      "cve": "CVE-2024-20522",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 2.3,
                "id": "CVE-2024-20522",
                "impactScore": 4.0,
                "integrityImpact": "NONE",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "ykramarz@cisco.com",
                "availabilityImpact": "NONE",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.2,
                "id": "CVE-2024-20522",
                "impactScore": 5.2,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 6.8,
                "baseSeverity": "Medium",
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "CVE-2024-20522",
                "impactScore": null,
                "integrityImpact": "None",
                "privilegesRequired": "High",
                "scope": "Changed",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2024-20522",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "ykramarz@cisco.com",
                "id": "CVE-2024-20522",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2024-20522",
                "trust": 0.8,
                "value": "Medium"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-010025"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-20522"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-20522"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to cause an unexpected reload of an affected device, resulting in a denial of service (DoS) condition. To exploit this vulnerability, an attacker would need to have valid Administrator credentials on the affected device. \r\n\u0026nbsp;\r\nThis vulnerability is due to improper validation of user input that is in incoming HTTP packets. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web-based management interface of the affected device. A successful exploit could allow the attacker to cause an unexpected reload of the device, resulting in a DoS condition. RV042 Dual WAN VPN firmware, RV042G Dual Gigabit WAN VPN firmware, Cisco RV320 Dual Gigabit WAN VPN Multiple Cisco Systems products, including router firmware, contain an out-of-bounds write vulnerability.Service operation interruption (DoS) It may be in a state",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2024-20522"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-010025"
          }
        ],
        "trust": 1.62
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2024-20522",
            "trust": 2.6
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-010025",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-010025"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-20522"
          }
        ]
      },
      "id": "VAR-202410-0203",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.4690681
      },
      "last_update_date": "2024-10-11T23:05:41.024000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "cisco-sa-sb-rv04x_rv32x_vulns-yJ2OSDhV",
            "trust": 0.8,
            "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-rv04x_rv32x_vulns-yJ2OSDhV"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-010025"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-787",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-122",
            "trust": 1.0
          },
          {
            "problemtype": "Heap-based buffer overflow (CWE-122) [ others ]",
            "trust": 0.8
          },
          {
            "problemtype": " Out-of-bounds writing (CWE-787) [NVD evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-010025"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-20522"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.0,
            "url": "https://sec.cloudapps.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-sb-rv04x_rv32x_vulns-yj2osdhv"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2024-20522"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-010025"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-20522"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-010025"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-20522"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2024-10-09T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2024-010025"
          },
          {
            "date": "2024-10-02T17:15:19.490000",
            "db": "NVD",
            "id": "CVE-2024-20522"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2024-10-09T02:54:00",
            "db": "JVNDB",
            "id": "JVNDB-2024-010025"
          },
          {
            "date": "2024-10-08T13:48:19.060000",
            "db": "NVD",
            "id": "CVE-2024-20522"
          }
        ]
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Out-of-bounds write vulnerability in multiple Cisco Systems products",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-010025"
          }
        ],
        "trust": 0.8
      }
    }

    VAR-202410-0195

    Vulnerability from variot - Updated: 2024-10-11 23:04

    A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to cause an unexpected reload of an affected device, resulting in a denial of service (DoS) condition. To exploit this vulnerability, an attacker would need to have valid Administrator credentials on the affected device.   This vulnerability is due to improper validation of user input that is in incoming HTTP packets. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web-based management interface of the affected device. A successful exploit could allow the attacker to cause an unexpected reload of the device, resulting in a DoS condition. RV042 Dual WAN VPN firmware, RV042G Dual Gigabit WAN VPN firmware, Cisco RV320 Dual Gigabit WAN VPN Multiple Cisco Systems products, including router firmware, contain an out-of-bounds write vulnerability.Service operation interruption (DoS) It may be in a state

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202410-0195",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.0.0.19-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.1.12"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.19"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.1.10"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.11"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.2.03"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.20"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.12.19-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.2.1.13"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.1.17"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.0.0.1-tm"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.2.08-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.2.02"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.1.02"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.1.1.01"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.1.1.06"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.0.2.01-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.20"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.12.19-tm"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.10"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.0.7"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.08"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.1.12"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.2.08"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.1.0.02-tm"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.2.08-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.1.1.01"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.2.1.13"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.05"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.10"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.4.02-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.06"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.07"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.19"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.3.03-tm"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.11"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.08"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.2.1.14"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.17"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.12.6-tm"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.13"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.09"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.4.02-tm"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.1.02"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.1.1.06"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.22"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.05"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.1.0.09"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.13.02-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.12.6-tm"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.06"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.15"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.2.08"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.13"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.03"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.0.0.19-tm"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.2.1.14"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.1.1.19"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.0.0.1-tm"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.1.10"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.2.03"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.15"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.0.0.19-tm"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.1.17"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.14"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.07"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.1.0.09"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.1.1.19"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.0.2.01-tm"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.3.03-tm"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.2.02"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.17"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.0.7"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.20"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.09"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.2.08-tm"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.12.19-tm"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.14"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.0.2.01-tm"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.22"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.1.0.02-tm"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.05"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.1.1.01"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.10"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.0.7"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.03"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.19"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.11"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.22"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.2.08-tm"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.1.12"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.1.10"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.2.03"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.1.02"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.2.1.13"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.1.17"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.1.1.06"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.19"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.10"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.11"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.2.02"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.4.02-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.13"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.1.12"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.2.08"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.20"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.12.19-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.1.02"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.13.02-tm"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.12.6-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.1.1.06"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.2.1.13"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.08"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.1.0.02-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.0.0.1-tm"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.2.02"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.1.1.01"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.15"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.2.08"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.1.1.19"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.07"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.3.03-tm"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.13"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.08"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.0.0.19-tm"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.17"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.1.0.02-tm"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.06"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.09"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.2.1.14"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.14"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.0.0.1-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.07"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.3.03-tm"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.15"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.05"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.4.02-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.17"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.1.1.19"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.06"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.0.2.01-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.09"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.03"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.1.0.09"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.2.1.14"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.13.02-tm"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.0.7"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.12.6-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.22"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.1.10"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.14"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.2.03"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.03"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.1.17"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.1.0.09"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.13.02-tm"
          },
          {
            "model": "rv042g dual gigabit wan vpn",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "rv042 dual wan vpn",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "cisco rv325 dual gigabit wan vpn \u30eb\u30fc\u30bf",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "cisco rv320 dual gigabit wan vpn \u30eb\u30fc\u30bf",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-010002"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-20524"
          }
        ]
      },
      "cve": "CVE-2024-20524",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 2.3,
                "id": "CVE-2024-20524",
                "impactScore": 4.0,
                "integrityImpact": "NONE",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "trust": 2.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 6.8,
                "baseSeverity": "Medium",
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "CVE-2024-20524",
                "impactScore": null,
                "integrityImpact": "None",
                "privilegesRequired": "High",
                "scope": "Changed",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2024-20524",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "ykramarz@cisco.com",
                "id": "CVE-2024-20524",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2024-20524",
                "trust": 0.8,
                "value": "Medium"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-010002"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-20524"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-20524"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to cause an unexpected reload of an affected device, resulting in a denial of service (DoS) condition. To exploit this vulnerability, an attacker would need to have valid Administrator credentials on the affected device. \r\n\u0026nbsp;\r\nThis vulnerability is due to improper validation of user input that is in incoming HTTP packets. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web-based management interface of the affected device. A successful exploit could allow the attacker to cause an unexpected reload of the device, resulting in a DoS condition. RV042 Dual WAN VPN firmware, RV042G Dual Gigabit WAN VPN firmware, Cisco RV320 Dual Gigabit WAN VPN Multiple Cisco Systems products, including router firmware, contain an out-of-bounds write vulnerability.Service operation interruption (DoS) It may be in a state",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2024-20524"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-010002"
          }
        ],
        "trust": 1.62
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2024-20524",
            "trust": 2.6
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-010002",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-010002"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-20524"
          }
        ]
      },
      "id": "VAR-202410-0195",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.4690681
      },
      "last_update_date": "2024-10-11T23:04:43.852000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "cisco-sa-sb-rv04x_rv32x_vulns-yJ2OSDhV",
            "trust": 0.8,
            "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-rv04x_rv32x_vulns-yJ2OSDhV"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-010002"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-787",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-121",
            "trust": 1.0
          },
          {
            "problemtype": "Stack-based buffer overflow (CWE-121) [ others ]",
            "trust": 0.8
          },
          {
            "problemtype": " Out-of-bounds writing (CWE-787) [NVD evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-010002"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-20524"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.0,
            "url": "https://sec.cloudapps.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-sb-rv04x_rv32x_vulns-yj2osdhv"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2024-20524"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-010002"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-20524"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-010002"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-20524"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2024-10-09T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2024-010002"
          },
          {
            "date": "2024-10-02T17:15:19.930000",
            "db": "NVD",
            "id": "CVE-2024-20524"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2024-10-09T01:23:00",
            "db": "JVNDB",
            "id": "JVNDB-2024-010002"
          },
          {
            "date": "2024-10-08T13:48:58.273000",
            "db": "NVD",
            "id": "CVE-2024-20524"
          }
        ]
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Out-of-bounds write vulnerability in multiple Cisco Systems products",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-010002"
          }
        ],
        "trust": 0.8
      }
    }

    VAR-202410-0205

    Vulnerability from variot - Updated: 2024-10-11 22:55

    A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to cause an unexpected reload of an affected device, resulting in a denial of service (DoS) condition. To exploit this vulnerability, an attacker would need to have valid Administrator credentials on the affected device.   This vulnerability is due to improper validation of user input that is in incoming HTTP packets. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web-based management interface of the affected device. A successful exploit could allow the attacker to cause an unexpected reload of the device, resulting in a DoS condition. RV042 Dual WAN VPN firmware, RV042G Dual Gigabit WAN VPN firmware, Cisco RV320 Dual Gigabit WAN VPN Multiple Cisco Systems products, including router firmware, contain an out-of-bounds write vulnerability.Service operation interruption (DoS) It may be in a state

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202410-0205",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.0.0.19-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.1.12"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.19"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.1.10"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.11"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.2.03"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.20"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.12.19-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.2.1.13"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.1.17"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.0.0.1-tm"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.2.08-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.2.02"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.1.02"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.1.1.01"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.1.1.06"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.0.2.01-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.20"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.12.19-tm"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.10"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.0.7"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.08"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.1.12"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.2.08"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.1.0.02-tm"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.2.08-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.1.1.01"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.2.1.13"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.05"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.10"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.4.02-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.06"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.07"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.19"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.3.03-tm"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.11"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.08"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.2.1.14"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.17"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.12.6-tm"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.13"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.09"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.4.02-tm"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.1.02"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.1.1.06"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.22"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.05"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.1.0.09"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.13.02-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.12.6-tm"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.06"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.15"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.2.08"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.13"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.03"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.0.0.19-tm"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.2.1.14"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.1.1.19"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.0.0.1-tm"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.1.10"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.2.03"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.15"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.0.0.19-tm"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.1.17"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.14"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.07"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.1.0.09"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.1.1.19"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.0.2.01-tm"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.3.03-tm"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.2.02"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.17"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.0.7"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.20"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.09"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.2.08-tm"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.12.19-tm"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.14"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.0.2.01-tm"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.22"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.1.0.02-tm"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.05"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.1.1.01"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.10"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.0.7"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.03"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.19"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.11"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.22"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.2.08-tm"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.1.12"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.1.10"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.2.03"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.1.02"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.2.1.13"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.1.17"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.1.1.06"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.19"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.10"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.11"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.2.02"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.4.02-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.13"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.1.12"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.2.08"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.20"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.12.19-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.1.02"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.13.02-tm"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.12.6-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.1.1.06"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.2.1.13"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.08"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.1.0.02-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.0.0.1-tm"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.2.02"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.1.1.01"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.15"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.2.08"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.1.1.19"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.07"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.3.03-tm"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.13"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.08"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.0.0.19-tm"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.17"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.1.0.02-tm"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.06"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.09"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.2.1.14"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.14"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.0.0.1-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.07"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.3.03-tm"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.15"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.05"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.4.02-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.17"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.1.1.19"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.06"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.0.2.01-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.09"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.03"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.1.0.09"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.2.1.14"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.13.02-tm"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.0.7"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.12.6-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.22"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.1.10"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.14"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.2.03"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.03"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.1.17"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.1.0.09"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.13.02-tm"
          },
          {
            "model": "rv042g dual gigabit wan vpn",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "rv042 dual wan vpn",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "cisco rv325 dual gigabit wan vpn \u30eb\u30fc\u30bf",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "cisco rv320 dual gigabit wan vpn \u30eb\u30fc\u30bf",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-010009"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-20516"
          }
        ]
      },
      "cve": "CVE-2024-20516",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 2.3,
                "id": "CVE-2024-20516",
                "impactScore": 4.0,
                "integrityImpact": "NONE",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "trust": 2.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 6.8,
                "baseSeverity": "Medium",
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "CVE-2024-20516",
                "impactScore": null,
                "integrityImpact": "None",
                "privilegesRequired": "High",
                "scope": "Changed",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2024-20516",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "ykramarz@cisco.com",
                "id": "CVE-2024-20516",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2024-20516",
                "trust": 0.8,
                "value": "Medium"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-010009"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-20516"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-20516"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to cause an unexpected reload of an affected device, resulting in a denial of service (DoS) condition. To exploit this vulnerability, an attacker would need to have valid Administrator credentials on the affected device. \r\n\u0026nbsp;\r\nThis vulnerability is due to improper validation of user input that is in incoming HTTP packets. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web-based management interface of the affected device. A successful exploit could allow the attacker to cause an unexpected reload of the device, resulting in a DoS condition. RV042 Dual WAN VPN firmware, RV042G Dual Gigabit WAN VPN firmware, Cisco RV320 Dual Gigabit WAN VPN Multiple Cisco Systems products, including router firmware, contain an out-of-bounds write vulnerability.Service operation interruption (DoS) It may be in a state",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2024-20516"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-010009"
          }
        ],
        "trust": 1.62
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2024-20516",
            "trust": 2.6
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-010009",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-010009"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-20516"
          }
        ]
      },
      "id": "VAR-202410-0205",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.4690681
      },
      "last_update_date": "2024-10-11T22:55:11.241000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "cisco-sa-sb-rv04x_rv32x_vulns-yJ2OSDhV",
            "trust": 0.8,
            "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-rv04x_rv32x_vulns-yJ2OSDhV"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-010009"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-787",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-122",
            "trust": 1.0
          },
          {
            "problemtype": "Heap-based buffer overflow (CWE-122) [ others ]",
            "trust": 0.8
          },
          {
            "problemtype": " Out-of-bounds writing (CWE-787) [NVD evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-010009"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-20516"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.0,
            "url": "https://sec.cloudapps.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-sb-rv04x_rv32x_vulns-yj2osdhv"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2024-20516"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-010009"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-20516"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-010009"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-20516"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2024-10-09T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2024-010009"
          },
          {
            "date": "2024-10-02T17:15:18.200000",
            "db": "NVD",
            "id": "CVE-2024-20516"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2024-10-09T02:04:00",
            "db": "JVNDB",
            "id": "JVNDB-2024-010009"
          },
          {
            "date": "2024-10-08T13:44:10.840000",
            "db": "NVD",
            "id": "CVE-2024-20516"
          }
        ]
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Out-of-bounds write vulnerability in multiple Cisco Systems products",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-010009"
          }
        ],
        "trust": 0.8
      }
    }

    VAR-202410-0194

    Vulnerability from variot - Updated: 2024-10-11 22:53

    A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to execute arbitrary code as the root user. To exploit this vulnerability, an attacker would need to have valid Administrator credentials on the affected device.   This vulnerability is due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system as the root user. RV042 Dual WAN VPN firmware, RV042G Dual Gigabit WAN VPN firmware, Cisco RV320 Dual Gigabit WAN VPN Multiple Cisco Systems products, including router firmware, contain an out-of-bounds write vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202410-0194",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.0.0.19-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.1.12"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.19"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.1.10"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.11"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.2.03"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.20"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.12.19-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.2.1.13"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.1.17"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.0.0.1-tm"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.2.08-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.2.02"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.1.02"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.1.1.01"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.1.1.06"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.0.2.01-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.20"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.12.19-tm"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.10"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.0.7"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.08"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.1.12"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.2.08"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.1.0.02-tm"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.2.08-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.1.1.01"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.2.1.13"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.05"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.10"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.4.02-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.06"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.07"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.19"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.3.03-tm"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.11"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.08"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.2.1.14"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.17"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.12.6-tm"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.13"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.09"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.4.02-tm"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.1.02"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.1.1.06"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.22"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.05"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.1.0.09"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.13.02-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.12.6-tm"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.06"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.15"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.2.08"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.13"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.03"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.0.0.19-tm"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.2.1.14"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.1.1.19"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.0.0.1-tm"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.1.10"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.2.03"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.15"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.0.0.19-tm"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.1.17"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.14"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.07"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.1.0.09"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.1.1.19"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.0.2.01-tm"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.3.03-tm"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.2.02"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.17"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.0.7"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.20"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.09"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.2.08-tm"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.12.19-tm"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.14"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.0.2.01-tm"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.22"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.1.0.02-tm"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.05"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.1.1.01"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.10"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.0.7"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.03"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.19"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.11"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.22"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.2.08-tm"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.1.12"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.1.10"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.2.03"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.1.02"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.2.1.13"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.1.17"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.1.1.06"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.19"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.10"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.11"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.2.02"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.4.02-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.13"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.1.12"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.2.08"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.20"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.12.19-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.1.02"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.13.02-tm"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.12.6-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.1.1.06"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.2.1.13"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.08"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.1.0.02-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.0.0.1-tm"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.2.02"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.1.1.01"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.15"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.2.08"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.1.1.19"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.07"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.3.03-tm"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.13"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.08"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.0.0.19-tm"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.17"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.1.0.02-tm"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.06"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.09"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.2.1.14"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.14"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.0.0.1-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.07"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.3.03-tm"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.15"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.05"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.4.02-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.17"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.1.1.19"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.06"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.0.2.01-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.09"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.03"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.1.0.09"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.2.1.14"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.13.02-tm"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.0.7"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.12.6-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.22"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.1.10"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.14"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.2.03"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.03"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.1.17"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.1.0.09"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.13.02-tm"
          },
          {
            "model": "rv042g dual gigabit wan vpn",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "rv042 dual wan vpn",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "cisco rv325 dual gigabit wan vpn \u30eb\u30fc\u30bf",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "cisco rv320 dual gigabit wan vpn \u30eb\u30fc\u30bf",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-010012"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-20521"
          }
        ]
      },
      "cve": "CVE-2024-20521",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 9.1,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.3,
                "id": "CVE-2024-20521",
                "impactScore": 6.0,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "ykramarz@cisco.com",
                "availabilityImpact": "NONE",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.2,
                "id": "CVE-2024-20521",
                "impactScore": 5.2,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 9.1,
                "baseSeverity": "Critical",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2024-20521",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "High",
                "scope": "Changed",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2024-20521",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "ykramarz@cisco.com",
                "id": "CVE-2024-20521",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2024-20521",
                "trust": 0.8,
                "value": "Critical"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-010012"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-20521"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-20521"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to execute arbitrary code as the root user. To exploit this vulnerability, an attacker would need to have valid Administrator credentials on the affected device. \r\n\u0026nbsp;\r\nThis vulnerability is due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system as the root user. RV042 Dual WAN VPN firmware, RV042G Dual Gigabit WAN VPN firmware, Cisco RV320 Dual Gigabit WAN VPN Multiple Cisco Systems products, including router firmware, contain an out-of-bounds write vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2024-20521"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-010012"
          }
        ],
        "trust": 1.62
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2024-20521",
            "trust": 2.6
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-010012",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-010012"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-20521"
          }
        ]
      },
      "id": "VAR-202410-0194",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.4690681
      },
      "last_update_date": "2024-10-11T22:53:44.815000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "cisco-sa-sb-rv04x_rv32x_vulns-yJ2OSDhV",
            "trust": 0.8,
            "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-rv04x_rv32x_vulns-yJ2OSDhV"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-010012"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-787",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-121",
            "trust": 1.0
          },
          {
            "problemtype": "Stack-based buffer overflow (CWE-121) [ others ]",
            "trust": 0.8
          },
          {
            "problemtype": " Out-of-bounds writing (CWE-787) [NVD evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-010012"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-20521"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.0,
            "url": "https://sec.cloudapps.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-sb-rv04x_rv32x_vulns-yj2osdhv"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2024-20521"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-010012"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-20521"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-010012"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-20521"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2024-10-09T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2024-010012"
          },
          {
            "date": "2024-10-02T17:15:19.280000",
            "db": "NVD",
            "id": "CVE-2024-20521"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2024-10-09T02:10:00",
            "db": "JVNDB",
            "id": "JVNDB-2024-010012"
          },
          {
            "date": "2024-10-08T13:50:57.163000",
            "db": "NVD",
            "id": "CVE-2024-20521"
          }
        ]
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Out-of-bounds write vulnerability in multiple Cisco Systems products",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-010012"
          }
        ],
        "trust": 0.8
      }
    }

    VAR-202410-0164

    Vulnerability from variot - Updated: 2024-10-10 23:25

    A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to execute arbitrary code as the root user. To exploit this vulnerability, an attacker would need to have valid Administrator credentials on the affected device.   This vulnerability is due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system as the root user. RV042 Dual WAN VPN firmware, RV042G Dual Gigabit WAN VPN firmware, Cisco RV320 Dual Gigabit WAN VPN Multiple Cisco Systems products, including router firmware, contain an out-of-bounds write vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202410-0164",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.0.0.19-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.1.12"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.19"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.1.10"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.11"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.2.03"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.20"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.12.19-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.2.1.13"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.1.17"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.0.0.1-tm"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.2.08-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.2.02"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.1.02"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.1.1.01"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.1.1.06"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.0.2.01-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.20"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.12.19-tm"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.10"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.0.7"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.08"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.1.12"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.2.08"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.1.0.02-tm"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.2.08-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.1.1.01"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.2.1.13"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.05"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.10"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.4.02-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.06"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.07"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.19"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.3.03-tm"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.11"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.08"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.2.1.14"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.17"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.12.6-tm"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.13"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.09"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.4.02-tm"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.1.02"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.1.1.06"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.22"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.05"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.1.0.09"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.13.02-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.12.6-tm"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.06"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.15"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.2.08"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.13"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.03"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.0.0.19-tm"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.2.1.14"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.1.1.19"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.0.0.1-tm"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.1.10"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.2.03"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.15"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.0.0.19-tm"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.1.17"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.14"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.07"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.1.0.09"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.1.1.19"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.0.2.01-tm"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.3.03-tm"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.2.02"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.17"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.0.7"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.20"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.09"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.2.08-tm"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.12.19-tm"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.14"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.0.2.01-tm"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.22"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.1.0.02-tm"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.05"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.1.1.01"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.10"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.0.7"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.03"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.19"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.11"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.22"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.2.08-tm"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.1.12"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.1.10"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.2.03"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.1.02"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.2.1.13"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.1.17"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.1.1.06"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.19"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.10"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.11"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.2.02"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.4.02-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.13"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.1.12"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.2.08"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.20"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.12.19-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.1.02"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.13.02-tm"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.12.6-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.1.1.06"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.2.1.13"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.08"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.1.0.02-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.0.0.1-tm"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.2.02"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.1.1.01"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.15"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.2.08"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.1.1.19"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.07"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.3.03-tm"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.13"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.08"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.0.0.19-tm"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.17"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.1.0.02-tm"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.06"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.09"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.2.1.14"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.14"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.0.0.1-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.07"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.3.03-tm"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.15"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.5.1.05"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.4.02-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.17"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.1.1.19"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.06"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "3.0.2.01-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.09"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.03"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.1.0.09"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.2.1.14"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.13.02-tm"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.0.0.7"
          },
          {
            "model": "rv320",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.12.6-tm"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.4.2.22"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.1.10"
          },
          {
            "model": "rv325",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.14"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.2.03"
          },
          {
            "model": "rv042",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.2.3.03"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.1.17"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.1.0.09"
          },
          {
            "model": "rv042g",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.3.13.02-tm"
          },
          {
            "model": "rv042g dual gigabit wan vpn",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "rv042 dual wan vpn",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "cisco rv325 dual gigabit wan vpn \u30eb\u30fc\u30bf",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "cisco rv320 dual gigabit wan vpn \u30eb\u30fc\u30bf",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-009991"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-20520"
          }
        ]
      },
      "cve": "CVE-2024-20520",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 9.1,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.3,
                "id": "CVE-2024-20520",
                "impactScore": 6.0,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "ykramarz@cisco.com",
                "availabilityImpact": "NONE",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.2,
                "id": "CVE-2024-20520",
                "impactScore": 5.2,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 9.1,
                "baseSeverity": "Critical",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2024-20520",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "High",
                "scope": "Changed",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2024-20520",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "ykramarz@cisco.com",
                "id": "CVE-2024-20520",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2024-20520",
                "trust": 0.8,
                "value": "Critical"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-009991"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-20520"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-20520"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to execute arbitrary code as the root user. To exploit this vulnerability, an attacker would need to have valid Administrator credentials on the affected device. \r\n\u0026nbsp;\r\nThis vulnerability is due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system as the root user. RV042 Dual WAN VPN firmware, RV042G Dual Gigabit WAN VPN firmware, Cisco RV320 Dual Gigabit WAN VPN Multiple Cisco Systems products, including router firmware, contain an out-of-bounds write vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2024-20520"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-009991"
          }
        ],
        "trust": 1.62
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2024-20520",
            "trust": 2.6
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-009991",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-009991"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-20520"
          }
        ]
      },
      "id": "VAR-202410-0164",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.4690681
      },
      "last_update_date": "2024-10-10T23:25:14.493000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "cisco-sa-sb-rv04x_rv32x_vulns-yJ2OSDhV",
            "trust": 0.8,
            "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-rv04x_rv32x_vulns-yJ2OSDhV"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-009991"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-787",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-121",
            "trust": 1.0
          },
          {
            "problemtype": "Stack-based buffer overflow (CWE-121) [ others ]",
            "trust": 0.8
          },
          {
            "problemtype": " Out-of-bounds writing (CWE-787) [NVD evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-009991"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-20520"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.0,
            "url": "https://sec.cloudapps.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-sb-rv04x_rv32x_vulns-yj2osdhv"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2024-20520"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-009991"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-20520"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-009991"
          },
          {
            "db": "NVD",
            "id": "CVE-2024-20520"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2024-10-09T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2024-009991"
          },
          {
            "date": "2024-10-02T17:15:19.050000",
            "db": "NVD",
            "id": "CVE-2024-20520"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2024-10-09T01:20:00",
            "db": "JVNDB",
            "id": "JVNDB-2024-009991"
          },
          {
            "date": "2024-10-08T13:50:48.337000",
            "db": "NVD",
            "id": "CVE-2024-20520"
          }
        ]
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Out-of-bounds write vulnerability in multiple Cisco Systems products",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2024-009991"
          }
        ],
        "trust": 0.8
      }
    }