fkie_cve-2024-20520
Vulnerability from fkie_nvd
Published
2024-10-02 17:15
Modified
2024-10-08 13:50
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Summary
A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to execute arbitrary code as the root user. To exploit this vulnerability, an attacker would need to have valid Administrator credentials on the affected device.
This vulnerability is due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system as the root user.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.0.1.17:*:*:*:*:*:*:*",
"matchCriteriaId": "BA9B2E23-F7F6-44C8-8800-CB3FAECBCDF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.0.2.03:*:*:*:*:*:*:*",
"matchCriteriaId": "F445CE1E-CACF-4906-814D-3658EB5B8A28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.1.0.09:*:*:*:*:*:*:*",
"matchCriteriaId": "987844EB-3E48-49DF-A95C-054D95F36F4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.1.1.06:*:*:*:*:*:*:*",
"matchCriteriaId": "54A716D3-2E68-4348-A42C-7ACB51107903",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.1.1.19:*:*:*:*:*:*:*",
"matchCriteriaId": "F7458A81-C907-482C-889B-2DE32C1A9238",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.2.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "AAFC3C16-C6B4-4311-92C9-AB96BA91F8E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.2.1.14:*:*:*:*:*:*:*",
"matchCriteriaId": "CC353BA2-BCFC-44D1-A190-EFAC646E7D48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.3.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "C0466119-31BE-44AD-82A4-66C1315C128A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.3.1.12:*:*:*:*:*:*:*",
"matchCriteriaId": "62330002-CB84-434C-860A-A4C29B4C29C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.3.2.02:*:*:*:*:*:*:*",
"matchCriteriaId": "36A0F1E3-8FCA-4ED1-A6F1-FDC9D3F3E538",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.3.12.6-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "09CBB296-950D-42A1-B6F6-10EDF56AE763",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.3.12.19-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "F47C5A1E-5162-48E8-998C-5A452C86688E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.3.13.02-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "C5E33427-60ED-4E42-A821-462A87BBEF53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.4.2.15:*:*:*:*:*:*:*",
"matchCriteriaId": "B1A3E3E5-8B9F-4C15-A3B8-538202A60429",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.4.2.17:*:*:*:*:*:*:*",
"matchCriteriaId": "CFE2DAFE-F2A4-43A7-BAB5-053FE1D7BD30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.4.2.19:*:*:*:*:*:*:*",
"matchCriteriaId": "CD25C358-C310-41C1-AFA5-89E54D5012CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.4.2.20:*:*:*:*:*:*:*",
"matchCriteriaId": "A995298E-9655-4AAD-8ABC-71AC816E798D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.4.2.22:*:*:*:*:*:*:*",
"matchCriteriaId": "08DD66B1-F045-4500-B098-CA65F0914107",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.5.1.05:*:*:*:*:*:*:*",
"matchCriteriaId": "88DE2217-2A37-41D2-ADFE-6648969C676A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.5.1.11:*:*:*:*:*:*:*",
"matchCriteriaId": "BBC05564-DB6D-4EED-95D0-BF3553748E50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.5.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "59693DA5-9F18-4F4C-8C57-C7294CF12EA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:3.0.0.1-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "1FEA0358-5E6A-465F-829C-7A05B64E2EFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:3.0.0.19-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "3604DDDE-7C98-4014-B50F-8E8808245644",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:3.0.2.01-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "92E2E999-774D-406A-BE8F-0B5A01E1D907",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.0.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "5EC63ECD-D415-4D6C-A4E3-DCF6B8878474",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.0.2.08-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "D559E798-8CD9-463A-AF03-843BB589C599",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.0.3.03-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "C6D3ACE2-D67A-46B4-97E7-F8085BBBD086",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.0.4.02-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "7C346A18-C543-4E3B-A1A8-B7757D6D6E45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.1.0.02-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "40970E5B-AC59-4A61-BD7F-64468C882385",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.1.1.01:*:*:*:*:*:*:*",
"matchCriteriaId": "A6A12CFD-3DF8-4B40-B0D3-8FBE037D1BE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.2.1.02:*:*:*:*:*:*:*",
"matchCriteriaId": "42FA29EE-8000-486C-AEC3-01AE3DE88007",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.2.2.08:*:*:*:*:*:*:*",
"matchCriteriaId": "2C32756E-FBCA-4485-8AFF-3A83570D7CDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.2.3.03:*:*:*:*:*:*:*",
"matchCriteriaId": "B066474A-AE23-48AB-A550-4F2FF3758CA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.2.3.06:*:*:*:*:*:*:*",
"matchCriteriaId": "D6306152-5BD8-4BD3-9E2D-D523DA54D497",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.2.3.07:*:*:*:*:*:*:*",
"matchCriteriaId": "3A665527-A2C9-4C10-B902-79C158DC589F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.2.3.08:*:*:*:*:*:*:*",
"matchCriteriaId": "1E99461F-4395-4A30-8B6D-2F63CA9851F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.2.3.09:*:*:*:*:*:*:*",
"matchCriteriaId": "61F75405-494A-446C-9C19-CC39E121D529",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.2.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "6BD8AED3-E2B1-46D6-8E04-C5C3E4186BB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.2.3.14:*:*:*:*:*:*:*",
"matchCriteriaId": "C03B0889-8AAA-455F-BBB5-B5BC417904B2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:rv042:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2DCBB2D8-AACF-45EA-B9D4-DAECC7C792D1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.0.1.17:*:*:*:*:*:*:*",
"matchCriteriaId": "4FA3AF56-BF90-4F9E-9E29-1FF9D112AF3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.0.2.03:*:*:*:*:*:*:*",
"matchCriteriaId": "D46196B0-8E14-49F6-9E16-6E441D133357",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.1.0.09:*:*:*:*:*:*:*",
"matchCriteriaId": "8212115A-A2E7-4CF9-8093-0BD9162FF26F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.1.1.06:*:*:*:*:*:*:*",
"matchCriteriaId": "3D70F5D9-7F51-4782-B8B5-30A5AB569464",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.1.1.19:*:*:*:*:*:*:*",
"matchCriteriaId": "36651493-4F0C-4CF6-935D-B128C9741A8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.2.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "BF65AFA9-26CD-4114-8246-07FAB904176B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.2.1.14:*:*:*:*:*:*:*",
"matchCriteriaId": "30972BB8-A616-4021-868F-A775092B3D41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.3.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "BBF50E2F-14D7-4738-B4DF-848A3F2814FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.3.1.12:*:*:*:*:*:*:*",
"matchCriteriaId": "F11630A4-0BBE-457E-B53F-11EA4448C92F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.3.2.02:*:*:*:*:*:*:*",
"matchCriteriaId": "D92E3198-22B2-491D-9815-2AA62AB0A30E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.3.12.6-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "EA876548-8B5A-4254-B154-58BCF03ADDA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.3.12.19-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "3BCD33AD-A637-4C08-AE7E-9974B86CDDE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.3.13.02-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "935EA2B1-EC2A-4B17-A563-9515579D6161",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.4.2.15:*:*:*:*:*:*:*",
"matchCriteriaId": "B38C7123-D65B-4840-AC28-A530CD4ECCA0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.4.2.17:*:*:*:*:*:*:*",
"matchCriteriaId": "C0E595E2-B201-4689-B05D-1C3E44876D74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.4.2.19:*:*:*:*:*:*:*",
"matchCriteriaId": "F73AC635-05BF-4476-9548-D72D32A313FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.4.2.20:*:*:*:*:*:*:*",
"matchCriteriaId": "7A734929-DF60-4B5B-8380-1BBD093C1E7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.4.2.22:*:*:*:*:*:*:*",
"matchCriteriaId": "E1D6863E-2DFB-4BDD-BC3A-B94F84F51E30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.5.1.05:*:*:*:*:*:*:*",
"matchCriteriaId": "816E98BD-38C5-41CC-8736-5BFFBBA447E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.5.1.11:*:*:*:*:*:*:*",
"matchCriteriaId": "86779EB2-CF50-4CEF-8815-56C8BB517698",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.5.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "FAD122DD-2FB2-4E55-A77C-7235B5501C6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:3.0.0.1-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "E0955403-0054-476F-A162-77CCD5C475AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:3.0.0.19-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "5A9C297F-5B9E-4591-94C8-5EBEFB2D8CEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:3.0.2.01-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "7EAB2D55-EE1B-499F-B0C0-78538660985E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.0.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "3001E0B0-01FD-4DFC-B195-7CE2E156F990",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.0.2.08-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "0B0EDE6F-47B3-48A2-A0C3-2AEC8FFA666E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.0.3.03-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "DE455ACF-E775-4ADE-95E9-F2162FE79486",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.0.4.02-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "94D78C7E-5E5A-457F-9D79-58E123145F41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.1.0.02-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "0DCC0019-F4EF-4CB7-AED1-CC84A413DB1D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.1.1.01:*:*:*:*:*:*:*",
"matchCriteriaId": "4BD3AE38-E227-4B55-B492-18614D258905",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.2.1.02:*:*:*:*:*:*:*",
"matchCriteriaId": "AB9D70F1-9499-480A-A53E-8FC2BA17DCDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.2.2.08:*:*:*:*:*:*:*",
"matchCriteriaId": "DC7A6DF2-C4FC-4BAA-8ABB-0B60BA0357BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.2.3.03:*:*:*:*:*:*:*",
"matchCriteriaId": "575EC78E-71EE-4657-8413-7D60F2E933C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.2.3.06:*:*:*:*:*:*:*",
"matchCriteriaId": "834D2F6A-2590-4073-A6F5-AC88A32C30DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.2.3.07:*:*:*:*:*:*:*",
"matchCriteriaId": "EC89C839-57E0-4FDD-9597-01F8795B4DB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.2.3.08:*:*:*:*:*:*:*",
"matchCriteriaId": "A119367F-2F09-4750-A8B9-F176A10A55CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.2.3.09:*:*:*:*:*:*:*",
"matchCriteriaId": "C2062E92-F6BD-4AE7-86AA-682C36E33A9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.2.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "25EC7568-713E-44DD-9418-23013749CC21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.2.3.14:*:*:*:*:*:*:*",
"matchCriteriaId": "63D3656F-9D46-4F6C-B8E1-B04243BFD57B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:rv042g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1CD7D9C-DDEF-4DF0-BCFB-A45301AE2C10",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.0.1.17:*:*:*:*:*:*:*",
"matchCriteriaId": "86DE5F2E-9B5E-4430-8B3D-97843462FE49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.0.2.03:*:*:*:*:*:*:*",
"matchCriteriaId": "0DA83932-5061-4F7B-B152-E013D679C7EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.1.0.09:*:*:*:*:*:*:*",
"matchCriteriaId": "AFA29437-B6C7-4C74-90F6-5CF58F54756B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.1.1.06:*:*:*:*:*:*:*",
"matchCriteriaId": "261D3EEA-6227-4136-91DD-380A2BF3635A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.1.1.19:*:*:*:*:*:*:*",
"matchCriteriaId": "64765C29-84C1-4F41-9BB4-18A0C43B197C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.2.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "44B039E2-0220-481F-B550-3358402FB390",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.2.1.14:*:*:*:*:*:*:*",
"matchCriteriaId": "BA050DDE-682E-4A54-995A-E3EDB19E45EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.3.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "B48800BA-A64E-4C18-A6A5-651FFF3A18ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.3.1.12:*:*:*:*:*:*:*",
"matchCriteriaId": "EC4983FF-DA90-4F10-A511-D0C2531D8380",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.3.2.02:*:*:*:*:*:*:*",
"matchCriteriaId": "AE80F7A6-0A91-488C-BEE8-F23057AA1ECD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.3.12.6-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "08029110-3FE5-4DEB-AE76-2B165C4E79C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.3.12.19-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "B9779344-6BAB-4D21-8DB2-4BA9D7E55F2C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.3.13.02-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "490D19A8-3494-4133-8CA6-0733CDB4CC3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.4.2.15:*:*:*:*:*:*:*",
"matchCriteriaId": "CBB99BF6-11C0-448C-91B2-F03690CE9089",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.4.2.17:*:*:*:*:*:*:*",
"matchCriteriaId": "61348305-FC9B-4DB4-B039-0A08D44812EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.4.2.19:*:*:*:*:*:*:*",
"matchCriteriaId": "3C8CE8BC-05D9-45D3-A645-D1A081E1A555",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.4.2.20:*:*:*:*:*:*:*",
"matchCriteriaId": "6DC1BA1F-1210-4FBE-B218-B9FDC4711AE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.4.2.22:*:*:*:*:*:*:*",
"matchCriteriaId": "5539C19B-97D1-44C3-8883-0343B574133D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.5.1.05:*:*:*:*:*:*:*",
"matchCriteriaId": "99A1A830-0F70-47D7-89D5-7B50F69C6312",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.5.1.11:*:*:*:*:*:*:*",
"matchCriteriaId": "43F1FCD5-4BC8-4051-982E-7112F5A128C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.5.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "B71B1E3F-F7DE-4B0A-8304-0980B6EDB776",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:3.0.0.1-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "79F12DFE-4241-4D0B-A0BC-F022B6995921",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:3.0.0.19-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "383C020A-F8FD-48F9-8F82-1CDE8620D6E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:3.0.2.01-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "6213B8E5-3E2E-43F0-A0ED-72EC414C39B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.0.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "0CEE2D4D-5627-4DD5-B8A5-88B0A8440CAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.0.2.08-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "CE3F4194-12F3-4379-AC7E-7BB6BFD4A76B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.0.3.03-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "A4DFF375-C9E5-40A9-9167-9DADE291763B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.0.4.02-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "3A36C9D3-4CD6-4708-A721-4CA905306617",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.1.0.02-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "7A0C39EC-75DC-4ECF-8012-C3062375836A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.1.1.01:*:*:*:*:*:*:*",
"matchCriteriaId": "5A03BB26-A344-498B-8FE4-3D027EFC6606",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.2.1.02:*:*:*:*:*:*:*",
"matchCriteriaId": "E4DF1BAD-EFCF-4723-AAB5-B2733992659C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.2.2.08:*:*:*:*:*:*:*",
"matchCriteriaId": "CC474FF5-E3BE-4B81-B5AC-1D32A44C259F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.2.3.03:*:*:*:*:*:*:*",
"matchCriteriaId": "A5910845-D601-4503-82CC-49D8A11F4B31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.2.3.06:*:*:*:*:*:*:*",
"matchCriteriaId": "9F5FECB4-41D4-4FDF-8693-7FF1D51CF1D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.2.3.07:*:*:*:*:*:*:*",
"matchCriteriaId": "1DE7FBF1-11F4-4B36-BFD2-041A14E70360",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.2.3.08:*:*:*:*:*:*:*",
"matchCriteriaId": "4750C422-7D8B-45CC-BD33-35D9BE5FFBC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.2.3.09:*:*:*:*:*:*:*",
"matchCriteriaId": "40902BFF-81A9-4CFC-9FC1-61F353DEFDF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.2.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "0EA80139-B632-4108-BB44-41A4ABA41F83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.2.3.14:*:*:*:*:*:*:*",
"matchCriteriaId": "0C17CE07-41E0-4115-AC82-5C697DA8C5C8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:rv320:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7596F6D4-10DA-4F29-95AD-75B60F4670D6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.0.1.17:*:*:*:*:*:*:*",
"matchCriteriaId": "9E07888E-FEC4-43F2-90D1-91665606BD2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.0.2.03:*:*:*:*:*:*:*",
"matchCriteriaId": "B338AFCE-9219-4F70-A08A-A9E6E0E967EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.1.0.09:*:*:*:*:*:*:*",
"matchCriteriaId": "A00ADE78-233F-4284-AC67-4606306D7EC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.1.1.06:*:*:*:*:*:*:*",
"matchCriteriaId": "664F445F-91A3-4AE9-8D60-76C656402EB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.1.1.19:*:*:*:*:*:*:*",
"matchCriteriaId": "01C90ED8-03B2-4FF8-9C8E-8340A5E8E13B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.2.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "557AB540-0F7F-4F54-9BCD-9103217C923E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.2.1.14:*:*:*:*:*:*:*",
"matchCriteriaId": "AA7F2FC6-F13E-445D-B2B6-01A7019F90F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.3.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "B7AAE28E-65DE-425A-917E-549DC1D0DFA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.3.1.12:*:*:*:*:*:*:*",
"matchCriteriaId": "91CA984F-F579-421C-9A11-DCBE731A49FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.3.2.02:*:*:*:*:*:*:*",
"matchCriteriaId": "33E8C022-40EE-4B36-B7ED-3E51CBB1AB9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.3.12.6-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "26CD8F90-6BA8-466F-92D9-FFC264574F77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.3.12.19-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "FC42A543-F2BB-4FFF-9674-61D01F3406DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.3.13.02-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "BBEE1D3B-1D22-4024-9191-56B2615F8ADB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.4.2.15:*:*:*:*:*:*:*",
"matchCriteriaId": "A402AB90-03C8-4B5B-AEF9-CDAC023DA6D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.4.2.17:*:*:*:*:*:*:*",
"matchCriteriaId": "F865F54F-E4D6-4B92-9644-992A44F7D562",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.4.2.19:*:*:*:*:*:*:*",
"matchCriteriaId": "91AC5D05-728E-49A8-8A75-2CF97FAFD68D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.4.2.20:*:*:*:*:*:*:*",
"matchCriteriaId": "D82F96CC-94E9-46C5-B886-CD63B2060145",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.4.2.22:*:*:*:*:*:*:*",
"matchCriteriaId": "EC425B75-5584-4184-BEC0-44FAD8B431DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.5.1.05:*:*:*:*:*:*:*",
"matchCriteriaId": "B9B992F2-43D5-4FBF-A94A-EA8E8B0EBB01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.5.1.11:*:*:*:*:*:*:*",
"matchCriteriaId": "A660B64F-2CF8-48C3-877E-B583E1CFC0FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.5.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "55476CAD-BDB3-46CB-95A0-74BA8F49A5D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:3.0.0.1-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "A89E5621-BA1F-450C-8E82-FC4764B54905",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:3.0.0.19-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "6B4DF0F5-853A-430E-8C93-556D4FF29C63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:3.0.2.01-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "109BC8D1-E547-45C4-99AA-C74495F8E8CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.0.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "67F823CE-90D6-4914-B125-88B6F868808D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.0.2.08-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "53551C1A-9DBD-4E5E-8FA7-C04EE2A38D20",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.0.3.03-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "CC2360AC-5C88-4F8B-9BC8-48FBA716CFBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.0.4.02-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "F4C3D1D3-034B-4B6E-BC78-050D22A3D84E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.1.0.02-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "15271254-5905-4D08-BD9E-08F841AA29D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.1.1.01:*:*:*:*:*:*:*",
"matchCriteriaId": "5AB609CB-934B-43E4-A884-FDC7B58D0560",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.2.1.02:*:*:*:*:*:*:*",
"matchCriteriaId": "70B52828-6B38-4561-9D79-83DD8EC294A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.2.2.08:*:*:*:*:*:*:*",
"matchCriteriaId": "9DDE7B4C-CF8F-4CE6-AD3F-CE74377D4077",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.2.3.03:*:*:*:*:*:*:*",
"matchCriteriaId": "523B6515-33AE-4606-A7D6-C698D26659D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.2.3.06:*:*:*:*:*:*:*",
"matchCriteriaId": "42A388D2-AE67-4B5E-AFEF-32F7834652E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.2.3.07:*:*:*:*:*:*:*",
"matchCriteriaId": "B30845DA-3C00-4567-B590-61BAC547B312",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.2.3.08:*:*:*:*:*:*:*",
"matchCriteriaId": "D28A6411-627C-46BE-9D59-3519B3816BD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.2.3.09:*:*:*:*:*:*:*",
"matchCriteriaId": "00659549-4B19-4B16-8DBD-71627453A1EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.2.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "3724D315-5DCD-4378-85F1-1880C535317C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.2.3.14:*:*:*:*:*:*:*",
"matchCriteriaId": "45F4AF99-6774-4EF4-BD0C-64FE18FC3B46",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:rv325:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3435D601-EDA8-49FF-8841-EA6DF1518C75",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to execute arbitrary code as the root user. To exploit this vulnerability, an attacker would need to have valid Administrator credentials on the affected device.\r\n\u0026nbsp;\r\nThis vulnerability is due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system as the root user."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en web de los enrutadores Cisco Small Business RV042, RV042G, RV320 y RV325 podr\u00eda permitir que un atacante remoto autenticado de nivel de administrador ejecute c\u00f3digo arbitrario como usuario ra\u00edz. Para aprovechar esta vulnerabilidad, un atacante necesitar\u00eda tener credenciales de administrador v\u00e1lidas en el dispositivo afectado. Esta vulnerabilidad se debe a una validaci\u00f3n incorrecta de la entrada proporcionada por el usuario en la interfaz de administraci\u00f3n basada en web. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando solicitudes HTTP manipuladas a un dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante ejecutar c\u00f3digo arbitrario en el sistema operativo subyacente como usuario ra\u00edz."
}
],
"id": "CVE-2024-20520",
"lastModified": "2024-10-08T13:50:48.337",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 5.2,
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.3,
"impactScore": 6.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-10-02T17:15:19.050",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-rv04x_rv32x_vulns-yJ2OSDhV"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-121"
}
],
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.