// For flags

CVE-2022-20894

Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers Remote Command Execution and Denial of Service Vulnerabilities

Severity Score

7.2
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

Track
*SSVC
Descriptions

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. These vulnerabilities are due to insufficient validation of user fields within incoming HTTP packets. An attacker could exploit these vulnerabilities by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device with root-level privileges or to cause the device to restart unexpectedly, resulting in a DoS condition. To exploit these vulnerabilities, an attacker would need to have valid Administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities.

Múltiples vulnerabilidades en la interfaz de administración basada en web de los routers Cisco Small Business versiones RV110W, RV130, RV130W y RV215W, podrían permitir a un atacante autenticado y remoto ejecutar código arbitrario en un dispositivo afectado o causar que el dispositivo sea reiniciado inesperadamente, resultando en una condición de denegación de servicio (DoS). Estas vulnerabilidades son debido a que no son comprobados suficientemente los campos de usuario en los paquetes HTTP entrantes. Un atacante podría explotar estas vulnerabilidades mediante el envío de una petición diseñada a la interfaz de administración basada en web. Una explotación con éxito podría permitir al atacante ejecutar comandos arbitrarios en un dispositivo afectado con privilegios de nivel root o causar que el dispositivo sea reiniciado inesperadamente, resultando en una condición de DoS. Para explotar estas vulnerabilidades, un atacante necesitaría tener credenciales de administrador válidas en el dispositivo afectado. Cisco no ha publicado actualizaciones de software que aborden estas vulnerabilidades

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
High
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Attack Vector
Network
Attack Complexity
Low
Privileges Required
High
User Interaction
None
Scope
Unchanged
Confidentiality
Low
Integrity
Low
Availability
Low
* Common Vulnerability Scoring System
SSVC
  • Decision:Track
Exploitation
None
Automatable
No
Tech. Impact
Partial
* Organization's Worst-case Scenario
Timeline
  • 2021-11-02 CVE Reserved
  • 2022-07-21 CVE Published
  • 2024-10-12 EPSS Updated
  • 2024-11-01 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Cisco
Search vendor "Cisco"
Rv215w Firmware
Search vendor "Cisco" for product "Rv215w Firmware"
1.3.1.7
Search vendor "Cisco" for product "Rv215w Firmware" and version "1.3.1.7"
-
Affected
in Cisco
Search vendor "Cisco"
Rv215w
Search vendor "Cisco" for product "Rv215w"
--
Safe
Cisco
Search vendor "Cisco"
Rv130w Firmware
Search vendor "Cisco" for product "Rv130w Firmware"
1.3.1.7
Search vendor "Cisco" for product "Rv130w Firmware" and version "1.3.1.7"
-
Affected
in Cisco
Search vendor "Cisco"
Rv130w
Search vendor "Cisco" for product "Rv130w"
--
Safe
Cisco
Search vendor "Cisco"
Rv130 Firmware
Search vendor "Cisco" for product "Rv130 Firmware"
1.3.1.7
Search vendor "Cisco" for product "Rv130 Firmware" and version "1.3.1.7"
-
Affected
in Cisco
Search vendor "Cisco"
Rv130
Search vendor "Cisco" for product "Rv130"
--
Safe
Cisco
Search vendor "Cisco"
Rv110w Firmware
Search vendor "Cisco" for product "Rv110w Firmware"
1.3.1.7
Search vendor "Cisco" for product "Rv110w Firmware" and version "1.3.1.7"
-
Affected
in Cisco
Search vendor "Cisco"
Rv110w
Search vendor "Cisco" for product "Rv110w"
--
Safe