CVE-2022-20842
Cisco Small Business RV Series Routers Vulnerabilities
Severity Score
9.8
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
Track*
*SSVC
Descriptions
Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.
Varias vulnerabilidades en los routers Cisco Small Business de las series RV160, RV260, RV340 y RV345 podrían permitir a un atacante remoto no autenticado ejecutar código arbitrario o causar una condición de denegación de servicio (DoS) en un dispositivo afectado. Para obtener más información sobre estas vulnerabilidades, consulte la sección Detalles de este aviso
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:Track*
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2021-11-02 CVE Reserved
- 2022-08-10 CVE Published
- 2024-11-01 CVE Updated
- 2024-11-01 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-20: Improper Input Validation
- CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CAPEC
References (1)
URL | Tag | Source |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Cisco Search vendor "Cisco" | Rv340 Firmware Search vendor "Cisco" for product "Rv340 Firmware" | < 1.0.03.28 Search vendor "Cisco" for product "Rv340 Firmware" and version " < 1.0.03.28" | - |
Affected
| in | Cisco Search vendor "Cisco" | Rv340 Search vendor "Cisco" for product "Rv340" | - | - |
Safe
|
Cisco Search vendor "Cisco" | Rv340w Firmware Search vendor "Cisco" for product "Rv340w Firmware" | < 1.0.03.28 Search vendor "Cisco" for product "Rv340w Firmware" and version " < 1.0.03.28" | - |
Affected
| in | Cisco Search vendor "Cisco" | Rv340w Search vendor "Cisco" for product "Rv340w" | - | - |
Safe
|
Cisco Search vendor "Cisco" | Rv345 Firmware Search vendor "Cisco" for product "Rv345 Firmware" | < 1.0.03.28 Search vendor "Cisco" for product "Rv345 Firmware" and version " < 1.0.03.28" | - |
Affected
| in | Cisco Search vendor "Cisco" | Rv345 Search vendor "Cisco" for product "Rv345" | - | - |
Safe
|
Cisco Search vendor "Cisco" | Rv345p Firmware Search vendor "Cisco" for product "Rv345p Firmware" | < 1.0.03.28 Search vendor "Cisco" for product "Rv345p Firmware" and version " < 1.0.03.28" | - |
Affected
| in | Cisco Search vendor "Cisco" | Rv345p Search vendor "Cisco" for product "Rv345p" | - | - |
Safe
|