Search criteria
138 vulnerabilities found for rv042_firmware by cisco
FKIE_CVE-2024-20520
Vulnerability from fkie_nvd - Published: 2024-10-02 17:15 - Updated: 2024-10-08 13:50
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Summary
A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to execute arbitrary code as the root user. To exploit this vulnerability, an attacker would need to have valid Administrator credentials on the affected device.
This vulnerability is due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system as the root user.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.0.1.17:*:*:*:*:*:*:*",
"matchCriteriaId": "BA9B2E23-F7F6-44C8-8800-CB3FAECBCDF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.0.2.03:*:*:*:*:*:*:*",
"matchCriteriaId": "F445CE1E-CACF-4906-814D-3658EB5B8A28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.1.0.09:*:*:*:*:*:*:*",
"matchCriteriaId": "987844EB-3E48-49DF-A95C-054D95F36F4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.1.1.06:*:*:*:*:*:*:*",
"matchCriteriaId": "54A716D3-2E68-4348-A42C-7ACB51107903",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.1.1.19:*:*:*:*:*:*:*",
"matchCriteriaId": "F7458A81-C907-482C-889B-2DE32C1A9238",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.2.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "AAFC3C16-C6B4-4311-92C9-AB96BA91F8E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.2.1.14:*:*:*:*:*:*:*",
"matchCriteriaId": "CC353BA2-BCFC-44D1-A190-EFAC646E7D48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.3.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "C0466119-31BE-44AD-82A4-66C1315C128A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.3.1.12:*:*:*:*:*:*:*",
"matchCriteriaId": "62330002-CB84-434C-860A-A4C29B4C29C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.3.2.02:*:*:*:*:*:*:*",
"matchCriteriaId": "36A0F1E3-8FCA-4ED1-A6F1-FDC9D3F3E538",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.3.12.6-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "09CBB296-950D-42A1-B6F6-10EDF56AE763",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.3.12.19-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "F47C5A1E-5162-48E8-998C-5A452C86688E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.3.13.02-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "C5E33427-60ED-4E42-A821-462A87BBEF53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.4.2.15:*:*:*:*:*:*:*",
"matchCriteriaId": "B1A3E3E5-8B9F-4C15-A3B8-538202A60429",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.4.2.17:*:*:*:*:*:*:*",
"matchCriteriaId": "CFE2DAFE-F2A4-43A7-BAB5-053FE1D7BD30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.4.2.19:*:*:*:*:*:*:*",
"matchCriteriaId": "CD25C358-C310-41C1-AFA5-89E54D5012CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.4.2.20:*:*:*:*:*:*:*",
"matchCriteriaId": "A995298E-9655-4AAD-8ABC-71AC816E798D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.4.2.22:*:*:*:*:*:*:*",
"matchCriteriaId": "08DD66B1-F045-4500-B098-CA65F0914107",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.5.1.05:*:*:*:*:*:*:*",
"matchCriteriaId": "88DE2217-2A37-41D2-ADFE-6648969C676A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.5.1.11:*:*:*:*:*:*:*",
"matchCriteriaId": "BBC05564-DB6D-4EED-95D0-BF3553748E50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.5.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "59693DA5-9F18-4F4C-8C57-C7294CF12EA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:3.0.0.1-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "1FEA0358-5E6A-465F-829C-7A05B64E2EFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:3.0.0.19-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "3604DDDE-7C98-4014-B50F-8E8808245644",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:3.0.2.01-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "92E2E999-774D-406A-BE8F-0B5A01E1D907",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.0.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "5EC63ECD-D415-4D6C-A4E3-DCF6B8878474",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.0.2.08-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "D559E798-8CD9-463A-AF03-843BB589C599",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.0.3.03-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "C6D3ACE2-D67A-46B4-97E7-F8085BBBD086",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.0.4.02-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "7C346A18-C543-4E3B-A1A8-B7757D6D6E45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.1.0.02-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "40970E5B-AC59-4A61-BD7F-64468C882385",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.1.1.01:*:*:*:*:*:*:*",
"matchCriteriaId": "A6A12CFD-3DF8-4B40-B0D3-8FBE037D1BE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.2.1.02:*:*:*:*:*:*:*",
"matchCriteriaId": "42FA29EE-8000-486C-AEC3-01AE3DE88007",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.2.2.08:*:*:*:*:*:*:*",
"matchCriteriaId": "2C32756E-FBCA-4485-8AFF-3A83570D7CDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.2.3.03:*:*:*:*:*:*:*",
"matchCriteriaId": "B066474A-AE23-48AB-A550-4F2FF3758CA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.2.3.06:*:*:*:*:*:*:*",
"matchCriteriaId": "D6306152-5BD8-4BD3-9E2D-D523DA54D497",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.2.3.07:*:*:*:*:*:*:*",
"matchCriteriaId": "3A665527-A2C9-4C10-B902-79C158DC589F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.2.3.08:*:*:*:*:*:*:*",
"matchCriteriaId": "1E99461F-4395-4A30-8B6D-2F63CA9851F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.2.3.09:*:*:*:*:*:*:*",
"matchCriteriaId": "61F75405-494A-446C-9C19-CC39E121D529",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.2.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "6BD8AED3-E2B1-46D6-8E04-C5C3E4186BB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.2.3.14:*:*:*:*:*:*:*",
"matchCriteriaId": "C03B0889-8AAA-455F-BBB5-B5BC417904B2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:rv042:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2DCBB2D8-AACF-45EA-B9D4-DAECC7C792D1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.0.1.17:*:*:*:*:*:*:*",
"matchCriteriaId": "4FA3AF56-BF90-4F9E-9E29-1FF9D112AF3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.0.2.03:*:*:*:*:*:*:*",
"matchCriteriaId": "D46196B0-8E14-49F6-9E16-6E441D133357",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.1.0.09:*:*:*:*:*:*:*",
"matchCriteriaId": "8212115A-A2E7-4CF9-8093-0BD9162FF26F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.1.1.06:*:*:*:*:*:*:*",
"matchCriteriaId": "3D70F5D9-7F51-4782-B8B5-30A5AB569464",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.1.1.19:*:*:*:*:*:*:*",
"matchCriteriaId": "36651493-4F0C-4CF6-935D-B128C9741A8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.2.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "BF65AFA9-26CD-4114-8246-07FAB904176B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.2.1.14:*:*:*:*:*:*:*",
"matchCriteriaId": "30972BB8-A616-4021-868F-A775092B3D41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.3.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "BBF50E2F-14D7-4738-B4DF-848A3F2814FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.3.1.12:*:*:*:*:*:*:*",
"matchCriteriaId": "F11630A4-0BBE-457E-B53F-11EA4448C92F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.3.2.02:*:*:*:*:*:*:*",
"matchCriteriaId": "D92E3198-22B2-491D-9815-2AA62AB0A30E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.3.12.6-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "EA876548-8B5A-4254-B154-58BCF03ADDA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.3.12.19-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "3BCD33AD-A637-4C08-AE7E-9974B86CDDE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.3.13.02-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "935EA2B1-EC2A-4B17-A563-9515579D6161",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.4.2.15:*:*:*:*:*:*:*",
"matchCriteriaId": "B38C7123-D65B-4840-AC28-A530CD4ECCA0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.4.2.17:*:*:*:*:*:*:*",
"matchCriteriaId": "C0E595E2-B201-4689-B05D-1C3E44876D74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.4.2.19:*:*:*:*:*:*:*",
"matchCriteriaId": "F73AC635-05BF-4476-9548-D72D32A313FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.4.2.20:*:*:*:*:*:*:*",
"matchCriteriaId": "7A734929-DF60-4B5B-8380-1BBD093C1E7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.4.2.22:*:*:*:*:*:*:*",
"matchCriteriaId": "E1D6863E-2DFB-4BDD-BC3A-B94F84F51E30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.5.1.05:*:*:*:*:*:*:*",
"matchCriteriaId": "816E98BD-38C5-41CC-8736-5BFFBBA447E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.5.1.11:*:*:*:*:*:*:*",
"matchCriteriaId": "86779EB2-CF50-4CEF-8815-56C8BB517698",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.5.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "FAD122DD-2FB2-4E55-A77C-7235B5501C6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:3.0.0.1-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "E0955403-0054-476F-A162-77CCD5C475AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:3.0.0.19-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "5A9C297F-5B9E-4591-94C8-5EBEFB2D8CEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:3.0.2.01-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "7EAB2D55-EE1B-499F-B0C0-78538660985E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.0.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "3001E0B0-01FD-4DFC-B195-7CE2E156F990",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.0.2.08-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "0B0EDE6F-47B3-48A2-A0C3-2AEC8FFA666E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.0.3.03-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "DE455ACF-E775-4ADE-95E9-F2162FE79486",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.0.4.02-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "94D78C7E-5E5A-457F-9D79-58E123145F41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.1.0.02-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "0DCC0019-F4EF-4CB7-AED1-CC84A413DB1D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.1.1.01:*:*:*:*:*:*:*",
"matchCriteriaId": "4BD3AE38-E227-4B55-B492-18614D258905",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.2.1.02:*:*:*:*:*:*:*",
"matchCriteriaId": "AB9D70F1-9499-480A-A53E-8FC2BA17DCDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.2.2.08:*:*:*:*:*:*:*",
"matchCriteriaId": "DC7A6DF2-C4FC-4BAA-8ABB-0B60BA0357BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.2.3.03:*:*:*:*:*:*:*",
"matchCriteriaId": "575EC78E-71EE-4657-8413-7D60F2E933C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.2.3.06:*:*:*:*:*:*:*",
"matchCriteriaId": "834D2F6A-2590-4073-A6F5-AC88A32C30DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.2.3.07:*:*:*:*:*:*:*",
"matchCriteriaId": "EC89C839-57E0-4FDD-9597-01F8795B4DB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.2.3.08:*:*:*:*:*:*:*",
"matchCriteriaId": "A119367F-2F09-4750-A8B9-F176A10A55CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.2.3.09:*:*:*:*:*:*:*",
"matchCriteriaId": "C2062E92-F6BD-4AE7-86AA-682C36E33A9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.2.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "25EC7568-713E-44DD-9418-23013749CC21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.2.3.14:*:*:*:*:*:*:*",
"matchCriteriaId": "63D3656F-9D46-4F6C-B8E1-B04243BFD57B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:rv042g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1CD7D9C-DDEF-4DF0-BCFB-A45301AE2C10",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.0.1.17:*:*:*:*:*:*:*",
"matchCriteriaId": "86DE5F2E-9B5E-4430-8B3D-97843462FE49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.0.2.03:*:*:*:*:*:*:*",
"matchCriteriaId": "0DA83932-5061-4F7B-B152-E013D679C7EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.1.0.09:*:*:*:*:*:*:*",
"matchCriteriaId": "AFA29437-B6C7-4C74-90F6-5CF58F54756B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.1.1.06:*:*:*:*:*:*:*",
"matchCriteriaId": "261D3EEA-6227-4136-91DD-380A2BF3635A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.1.1.19:*:*:*:*:*:*:*",
"matchCriteriaId": "64765C29-84C1-4F41-9BB4-18A0C43B197C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.2.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "44B039E2-0220-481F-B550-3358402FB390",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.2.1.14:*:*:*:*:*:*:*",
"matchCriteriaId": "BA050DDE-682E-4A54-995A-E3EDB19E45EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.3.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "B48800BA-A64E-4C18-A6A5-651FFF3A18ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.3.1.12:*:*:*:*:*:*:*",
"matchCriteriaId": "EC4983FF-DA90-4F10-A511-D0C2531D8380",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.3.2.02:*:*:*:*:*:*:*",
"matchCriteriaId": "AE80F7A6-0A91-488C-BEE8-F23057AA1ECD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.3.12.6-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "08029110-3FE5-4DEB-AE76-2B165C4E79C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.3.12.19-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "B9779344-6BAB-4D21-8DB2-4BA9D7E55F2C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.3.13.02-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "490D19A8-3494-4133-8CA6-0733CDB4CC3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.4.2.15:*:*:*:*:*:*:*",
"matchCriteriaId": "CBB99BF6-11C0-448C-91B2-F03690CE9089",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.4.2.17:*:*:*:*:*:*:*",
"matchCriteriaId": "61348305-FC9B-4DB4-B039-0A08D44812EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.4.2.19:*:*:*:*:*:*:*",
"matchCriteriaId": "3C8CE8BC-05D9-45D3-A645-D1A081E1A555",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.4.2.20:*:*:*:*:*:*:*",
"matchCriteriaId": "6DC1BA1F-1210-4FBE-B218-B9FDC4711AE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.4.2.22:*:*:*:*:*:*:*",
"matchCriteriaId": "5539C19B-97D1-44C3-8883-0343B574133D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.5.1.05:*:*:*:*:*:*:*",
"matchCriteriaId": "99A1A830-0F70-47D7-89D5-7B50F69C6312",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.5.1.11:*:*:*:*:*:*:*",
"matchCriteriaId": "43F1FCD5-4BC8-4051-982E-7112F5A128C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.5.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "B71B1E3F-F7DE-4B0A-8304-0980B6EDB776",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:3.0.0.1-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "79F12DFE-4241-4D0B-A0BC-F022B6995921",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:3.0.0.19-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "383C020A-F8FD-48F9-8F82-1CDE8620D6E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:3.0.2.01-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "6213B8E5-3E2E-43F0-A0ED-72EC414C39B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.0.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "0CEE2D4D-5627-4DD5-B8A5-88B0A8440CAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.0.2.08-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "CE3F4194-12F3-4379-AC7E-7BB6BFD4A76B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.0.3.03-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "A4DFF375-C9E5-40A9-9167-9DADE291763B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.0.4.02-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "3A36C9D3-4CD6-4708-A721-4CA905306617",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.1.0.02-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "7A0C39EC-75DC-4ECF-8012-C3062375836A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.1.1.01:*:*:*:*:*:*:*",
"matchCriteriaId": "5A03BB26-A344-498B-8FE4-3D027EFC6606",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.2.1.02:*:*:*:*:*:*:*",
"matchCriteriaId": "E4DF1BAD-EFCF-4723-AAB5-B2733992659C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.2.2.08:*:*:*:*:*:*:*",
"matchCriteriaId": "CC474FF5-E3BE-4B81-B5AC-1D32A44C259F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.2.3.03:*:*:*:*:*:*:*",
"matchCriteriaId": "A5910845-D601-4503-82CC-49D8A11F4B31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.2.3.06:*:*:*:*:*:*:*",
"matchCriteriaId": "9F5FECB4-41D4-4FDF-8693-7FF1D51CF1D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.2.3.07:*:*:*:*:*:*:*",
"matchCriteriaId": "1DE7FBF1-11F4-4B36-BFD2-041A14E70360",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.2.3.08:*:*:*:*:*:*:*",
"matchCriteriaId": "4750C422-7D8B-45CC-BD33-35D9BE5FFBC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.2.3.09:*:*:*:*:*:*:*",
"matchCriteriaId": "40902BFF-81A9-4CFC-9FC1-61F353DEFDF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.2.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "0EA80139-B632-4108-BB44-41A4ABA41F83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.2.3.14:*:*:*:*:*:*:*",
"matchCriteriaId": "0C17CE07-41E0-4115-AC82-5C697DA8C5C8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:rv320:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7596F6D4-10DA-4F29-95AD-75B60F4670D6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.0.1.17:*:*:*:*:*:*:*",
"matchCriteriaId": "9E07888E-FEC4-43F2-90D1-91665606BD2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.0.2.03:*:*:*:*:*:*:*",
"matchCriteriaId": "B338AFCE-9219-4F70-A08A-A9E6E0E967EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.1.0.09:*:*:*:*:*:*:*",
"matchCriteriaId": "A00ADE78-233F-4284-AC67-4606306D7EC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.1.1.06:*:*:*:*:*:*:*",
"matchCriteriaId": "664F445F-91A3-4AE9-8D60-76C656402EB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.1.1.19:*:*:*:*:*:*:*",
"matchCriteriaId": "01C90ED8-03B2-4FF8-9C8E-8340A5E8E13B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.2.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "557AB540-0F7F-4F54-9BCD-9103217C923E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.2.1.14:*:*:*:*:*:*:*",
"matchCriteriaId": "AA7F2FC6-F13E-445D-B2B6-01A7019F90F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.3.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "B7AAE28E-65DE-425A-917E-549DC1D0DFA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.3.1.12:*:*:*:*:*:*:*",
"matchCriteriaId": "91CA984F-F579-421C-9A11-DCBE731A49FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.3.2.02:*:*:*:*:*:*:*",
"matchCriteriaId": "33E8C022-40EE-4B36-B7ED-3E51CBB1AB9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.3.12.6-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "26CD8F90-6BA8-466F-92D9-FFC264574F77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.3.12.19-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "FC42A543-F2BB-4FFF-9674-61D01F3406DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.3.13.02-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "BBEE1D3B-1D22-4024-9191-56B2615F8ADB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.4.2.15:*:*:*:*:*:*:*",
"matchCriteriaId": "A402AB90-03C8-4B5B-AEF9-CDAC023DA6D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.4.2.17:*:*:*:*:*:*:*",
"matchCriteriaId": "F865F54F-E4D6-4B92-9644-992A44F7D562",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.4.2.19:*:*:*:*:*:*:*",
"matchCriteriaId": "91AC5D05-728E-49A8-8A75-2CF97FAFD68D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.4.2.20:*:*:*:*:*:*:*",
"matchCriteriaId": "D82F96CC-94E9-46C5-B886-CD63B2060145",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.4.2.22:*:*:*:*:*:*:*",
"matchCriteriaId": "EC425B75-5584-4184-BEC0-44FAD8B431DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.5.1.05:*:*:*:*:*:*:*",
"matchCriteriaId": "B9B992F2-43D5-4FBF-A94A-EA8E8B0EBB01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.5.1.11:*:*:*:*:*:*:*",
"matchCriteriaId": "A660B64F-2CF8-48C3-877E-B583E1CFC0FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.5.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "55476CAD-BDB3-46CB-95A0-74BA8F49A5D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:3.0.0.1-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "A89E5621-BA1F-450C-8E82-FC4764B54905",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:3.0.0.19-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "6B4DF0F5-853A-430E-8C93-556D4FF29C63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:3.0.2.01-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "109BC8D1-E547-45C4-99AA-C74495F8E8CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.0.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "67F823CE-90D6-4914-B125-88B6F868808D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.0.2.08-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "53551C1A-9DBD-4E5E-8FA7-C04EE2A38D20",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.0.3.03-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "CC2360AC-5C88-4F8B-9BC8-48FBA716CFBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.0.4.02-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "F4C3D1D3-034B-4B6E-BC78-050D22A3D84E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.1.0.02-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "15271254-5905-4D08-BD9E-08F841AA29D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.1.1.01:*:*:*:*:*:*:*",
"matchCriteriaId": "5AB609CB-934B-43E4-A884-FDC7B58D0560",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.2.1.02:*:*:*:*:*:*:*",
"matchCriteriaId": "70B52828-6B38-4561-9D79-83DD8EC294A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.2.2.08:*:*:*:*:*:*:*",
"matchCriteriaId": "9DDE7B4C-CF8F-4CE6-AD3F-CE74377D4077",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.2.3.03:*:*:*:*:*:*:*",
"matchCriteriaId": "523B6515-33AE-4606-A7D6-C698D26659D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.2.3.06:*:*:*:*:*:*:*",
"matchCriteriaId": "42A388D2-AE67-4B5E-AFEF-32F7834652E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.2.3.07:*:*:*:*:*:*:*",
"matchCriteriaId": "B30845DA-3C00-4567-B590-61BAC547B312",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.2.3.08:*:*:*:*:*:*:*",
"matchCriteriaId": "D28A6411-627C-46BE-9D59-3519B3816BD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.2.3.09:*:*:*:*:*:*:*",
"matchCriteriaId": "00659549-4B19-4B16-8DBD-71627453A1EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.2.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "3724D315-5DCD-4378-85F1-1880C535317C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.2.3.14:*:*:*:*:*:*:*",
"matchCriteriaId": "45F4AF99-6774-4EF4-BD0C-64FE18FC3B46",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:rv325:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3435D601-EDA8-49FF-8841-EA6DF1518C75",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to execute arbitrary code as the root user. To exploit this vulnerability, an attacker would need to have valid Administrator credentials on the affected device.\r\n\u0026nbsp;\r\nThis vulnerability is due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system as the root user."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en web de los enrutadores Cisco Small Business RV042, RV042G, RV320 y RV325 podr\u00eda permitir que un atacante remoto autenticado de nivel de administrador ejecute c\u00f3digo arbitrario como usuario ra\u00edz. Para aprovechar esta vulnerabilidad, un atacante necesitar\u00eda tener credenciales de administrador v\u00e1lidas en el dispositivo afectado. Esta vulnerabilidad se debe a una validaci\u00f3n incorrecta de la entrada proporcionada por el usuario en la interfaz de administraci\u00f3n basada en web. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando solicitudes HTTP manipuladas a un dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante ejecutar c\u00f3digo arbitrario en el sistema operativo subyacente como usuario ra\u00edz."
}
],
"id": "CVE-2024-20520",
"lastModified": "2024-10-08T13:50:48.337",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 5.2,
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.3,
"impactScore": 6.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-10-02T17:15:19.050",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-rv04x_rv32x_vulns-yJ2OSDhV"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-121"
}
],
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2024-20524
Vulnerability from fkie_nvd - Published: 2024-10-02 17:15 - Updated: 2024-10-08 13:48
Severity ?
6.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H
6.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H
6.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H
Summary
A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to cause an unexpected reload of an affected device, resulting in a denial of service (DoS) condition. To exploit this vulnerability, an attacker would need to have valid Administrator credentials on the affected device.
This vulnerability is due to improper validation of user input that is in incoming HTTP packets. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web-based management interface of the affected device. A successful exploit could allow the attacker to cause an unexpected reload of the device, resulting in a DoS condition.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.0.1.17:*:*:*:*:*:*:*",
"matchCriteriaId": "BA9B2E23-F7F6-44C8-8800-CB3FAECBCDF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.0.2.03:*:*:*:*:*:*:*",
"matchCriteriaId": "F445CE1E-CACF-4906-814D-3658EB5B8A28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.1.0.09:*:*:*:*:*:*:*",
"matchCriteriaId": "987844EB-3E48-49DF-A95C-054D95F36F4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.1.1.06:*:*:*:*:*:*:*",
"matchCriteriaId": "54A716D3-2E68-4348-A42C-7ACB51107903",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.1.1.19:*:*:*:*:*:*:*",
"matchCriteriaId": "F7458A81-C907-482C-889B-2DE32C1A9238",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.2.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "AAFC3C16-C6B4-4311-92C9-AB96BA91F8E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.2.1.14:*:*:*:*:*:*:*",
"matchCriteriaId": "CC353BA2-BCFC-44D1-A190-EFAC646E7D48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.3.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "C0466119-31BE-44AD-82A4-66C1315C128A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.3.1.12:*:*:*:*:*:*:*",
"matchCriteriaId": "62330002-CB84-434C-860A-A4C29B4C29C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.3.2.02:*:*:*:*:*:*:*",
"matchCriteriaId": "36A0F1E3-8FCA-4ED1-A6F1-FDC9D3F3E538",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.3.12.6-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "09CBB296-950D-42A1-B6F6-10EDF56AE763",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.3.12.19-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "F47C5A1E-5162-48E8-998C-5A452C86688E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.3.13.02-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "C5E33427-60ED-4E42-A821-462A87BBEF53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.4.2.15:*:*:*:*:*:*:*",
"matchCriteriaId": "B1A3E3E5-8B9F-4C15-A3B8-538202A60429",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.4.2.17:*:*:*:*:*:*:*",
"matchCriteriaId": "CFE2DAFE-F2A4-43A7-BAB5-053FE1D7BD30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.4.2.19:*:*:*:*:*:*:*",
"matchCriteriaId": "CD25C358-C310-41C1-AFA5-89E54D5012CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.4.2.20:*:*:*:*:*:*:*",
"matchCriteriaId": "A995298E-9655-4AAD-8ABC-71AC816E798D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.4.2.22:*:*:*:*:*:*:*",
"matchCriteriaId": "08DD66B1-F045-4500-B098-CA65F0914107",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.5.1.05:*:*:*:*:*:*:*",
"matchCriteriaId": "88DE2217-2A37-41D2-ADFE-6648969C676A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.5.1.11:*:*:*:*:*:*:*",
"matchCriteriaId": "BBC05564-DB6D-4EED-95D0-BF3553748E50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.5.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "59693DA5-9F18-4F4C-8C57-C7294CF12EA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:3.0.0.1-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "1FEA0358-5E6A-465F-829C-7A05B64E2EFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:3.0.0.19-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "3604DDDE-7C98-4014-B50F-8E8808245644",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:3.0.2.01-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "92E2E999-774D-406A-BE8F-0B5A01E1D907",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.0.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "5EC63ECD-D415-4D6C-A4E3-DCF6B8878474",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.0.2.08-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "D559E798-8CD9-463A-AF03-843BB589C599",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.0.3.03-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "C6D3ACE2-D67A-46B4-97E7-F8085BBBD086",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.0.4.02-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "7C346A18-C543-4E3B-A1A8-B7757D6D6E45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.1.0.02-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "40970E5B-AC59-4A61-BD7F-64468C882385",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.1.1.01:*:*:*:*:*:*:*",
"matchCriteriaId": "A6A12CFD-3DF8-4B40-B0D3-8FBE037D1BE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.2.1.02:*:*:*:*:*:*:*",
"matchCriteriaId": "42FA29EE-8000-486C-AEC3-01AE3DE88007",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.2.2.08:*:*:*:*:*:*:*",
"matchCriteriaId": "2C32756E-FBCA-4485-8AFF-3A83570D7CDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.2.3.03:*:*:*:*:*:*:*",
"matchCriteriaId": "B066474A-AE23-48AB-A550-4F2FF3758CA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.2.3.06:*:*:*:*:*:*:*",
"matchCriteriaId": "D6306152-5BD8-4BD3-9E2D-D523DA54D497",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.2.3.07:*:*:*:*:*:*:*",
"matchCriteriaId": "3A665527-A2C9-4C10-B902-79C158DC589F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.2.3.08:*:*:*:*:*:*:*",
"matchCriteriaId": "1E99461F-4395-4A30-8B6D-2F63CA9851F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.2.3.09:*:*:*:*:*:*:*",
"matchCriteriaId": "61F75405-494A-446C-9C19-CC39E121D529",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.2.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "6BD8AED3-E2B1-46D6-8E04-C5C3E4186BB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.2.3.14:*:*:*:*:*:*:*",
"matchCriteriaId": "C03B0889-8AAA-455F-BBB5-B5BC417904B2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:rv042:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2DCBB2D8-AACF-45EA-B9D4-DAECC7C792D1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.0.1.17:*:*:*:*:*:*:*",
"matchCriteriaId": "4FA3AF56-BF90-4F9E-9E29-1FF9D112AF3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.0.2.03:*:*:*:*:*:*:*",
"matchCriteriaId": "D46196B0-8E14-49F6-9E16-6E441D133357",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.1.0.09:*:*:*:*:*:*:*",
"matchCriteriaId": "8212115A-A2E7-4CF9-8093-0BD9162FF26F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.1.1.06:*:*:*:*:*:*:*",
"matchCriteriaId": "3D70F5D9-7F51-4782-B8B5-30A5AB569464",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.1.1.19:*:*:*:*:*:*:*",
"matchCriteriaId": "36651493-4F0C-4CF6-935D-B128C9741A8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.2.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "BF65AFA9-26CD-4114-8246-07FAB904176B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.2.1.14:*:*:*:*:*:*:*",
"matchCriteriaId": "30972BB8-A616-4021-868F-A775092B3D41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.3.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "BBF50E2F-14D7-4738-B4DF-848A3F2814FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.3.1.12:*:*:*:*:*:*:*",
"matchCriteriaId": "F11630A4-0BBE-457E-B53F-11EA4448C92F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.3.2.02:*:*:*:*:*:*:*",
"matchCriteriaId": "D92E3198-22B2-491D-9815-2AA62AB0A30E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.3.12.6-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "EA876548-8B5A-4254-B154-58BCF03ADDA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.3.12.19-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "3BCD33AD-A637-4C08-AE7E-9974B86CDDE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.3.13.02-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "935EA2B1-EC2A-4B17-A563-9515579D6161",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.4.2.15:*:*:*:*:*:*:*",
"matchCriteriaId": "B38C7123-D65B-4840-AC28-A530CD4ECCA0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.4.2.17:*:*:*:*:*:*:*",
"matchCriteriaId": "C0E595E2-B201-4689-B05D-1C3E44876D74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.4.2.19:*:*:*:*:*:*:*",
"matchCriteriaId": "F73AC635-05BF-4476-9548-D72D32A313FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.4.2.20:*:*:*:*:*:*:*",
"matchCriteriaId": "7A734929-DF60-4B5B-8380-1BBD093C1E7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.4.2.22:*:*:*:*:*:*:*",
"matchCriteriaId": "E1D6863E-2DFB-4BDD-BC3A-B94F84F51E30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.5.1.05:*:*:*:*:*:*:*",
"matchCriteriaId": "816E98BD-38C5-41CC-8736-5BFFBBA447E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.5.1.11:*:*:*:*:*:*:*",
"matchCriteriaId": "86779EB2-CF50-4CEF-8815-56C8BB517698",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.5.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "FAD122DD-2FB2-4E55-A77C-7235B5501C6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:3.0.0.1-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "E0955403-0054-476F-A162-77CCD5C475AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:3.0.0.19-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "5A9C297F-5B9E-4591-94C8-5EBEFB2D8CEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:3.0.2.01-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "7EAB2D55-EE1B-499F-B0C0-78538660985E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.0.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "3001E0B0-01FD-4DFC-B195-7CE2E156F990",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.0.2.08-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "0B0EDE6F-47B3-48A2-A0C3-2AEC8FFA666E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.0.3.03-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "DE455ACF-E775-4ADE-95E9-F2162FE79486",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.0.4.02-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "94D78C7E-5E5A-457F-9D79-58E123145F41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.1.0.02-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "0DCC0019-F4EF-4CB7-AED1-CC84A413DB1D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.1.1.01:*:*:*:*:*:*:*",
"matchCriteriaId": "4BD3AE38-E227-4B55-B492-18614D258905",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.2.1.02:*:*:*:*:*:*:*",
"matchCriteriaId": "AB9D70F1-9499-480A-A53E-8FC2BA17DCDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.2.2.08:*:*:*:*:*:*:*",
"matchCriteriaId": "DC7A6DF2-C4FC-4BAA-8ABB-0B60BA0357BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.2.3.03:*:*:*:*:*:*:*",
"matchCriteriaId": "575EC78E-71EE-4657-8413-7D60F2E933C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.2.3.06:*:*:*:*:*:*:*",
"matchCriteriaId": "834D2F6A-2590-4073-A6F5-AC88A32C30DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.2.3.07:*:*:*:*:*:*:*",
"matchCriteriaId": "EC89C839-57E0-4FDD-9597-01F8795B4DB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.2.3.08:*:*:*:*:*:*:*",
"matchCriteriaId": "A119367F-2F09-4750-A8B9-F176A10A55CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.2.3.09:*:*:*:*:*:*:*",
"matchCriteriaId": "C2062E92-F6BD-4AE7-86AA-682C36E33A9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.2.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "25EC7568-713E-44DD-9418-23013749CC21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.2.3.14:*:*:*:*:*:*:*",
"matchCriteriaId": "63D3656F-9D46-4F6C-B8E1-B04243BFD57B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:rv042g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1CD7D9C-DDEF-4DF0-BCFB-A45301AE2C10",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.0.1.17:*:*:*:*:*:*:*",
"matchCriteriaId": "86DE5F2E-9B5E-4430-8B3D-97843462FE49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.0.2.03:*:*:*:*:*:*:*",
"matchCriteriaId": "0DA83932-5061-4F7B-B152-E013D679C7EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.1.0.09:*:*:*:*:*:*:*",
"matchCriteriaId": "AFA29437-B6C7-4C74-90F6-5CF58F54756B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.1.1.06:*:*:*:*:*:*:*",
"matchCriteriaId": "261D3EEA-6227-4136-91DD-380A2BF3635A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.1.1.19:*:*:*:*:*:*:*",
"matchCriteriaId": "64765C29-84C1-4F41-9BB4-18A0C43B197C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.2.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "44B039E2-0220-481F-B550-3358402FB390",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.2.1.14:*:*:*:*:*:*:*",
"matchCriteriaId": "BA050DDE-682E-4A54-995A-E3EDB19E45EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.3.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "B48800BA-A64E-4C18-A6A5-651FFF3A18ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.3.1.12:*:*:*:*:*:*:*",
"matchCriteriaId": "EC4983FF-DA90-4F10-A511-D0C2531D8380",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.3.2.02:*:*:*:*:*:*:*",
"matchCriteriaId": "AE80F7A6-0A91-488C-BEE8-F23057AA1ECD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.3.12.6-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "08029110-3FE5-4DEB-AE76-2B165C4E79C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.3.12.19-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "B9779344-6BAB-4D21-8DB2-4BA9D7E55F2C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.3.13.02-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "490D19A8-3494-4133-8CA6-0733CDB4CC3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.4.2.15:*:*:*:*:*:*:*",
"matchCriteriaId": "CBB99BF6-11C0-448C-91B2-F03690CE9089",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.4.2.17:*:*:*:*:*:*:*",
"matchCriteriaId": "61348305-FC9B-4DB4-B039-0A08D44812EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.4.2.19:*:*:*:*:*:*:*",
"matchCriteriaId": "3C8CE8BC-05D9-45D3-A645-D1A081E1A555",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.4.2.20:*:*:*:*:*:*:*",
"matchCriteriaId": "6DC1BA1F-1210-4FBE-B218-B9FDC4711AE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.4.2.22:*:*:*:*:*:*:*",
"matchCriteriaId": "5539C19B-97D1-44C3-8883-0343B574133D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.5.1.05:*:*:*:*:*:*:*",
"matchCriteriaId": "99A1A830-0F70-47D7-89D5-7B50F69C6312",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.5.1.11:*:*:*:*:*:*:*",
"matchCriteriaId": "43F1FCD5-4BC8-4051-982E-7112F5A128C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.5.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "B71B1E3F-F7DE-4B0A-8304-0980B6EDB776",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:3.0.0.1-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "79F12DFE-4241-4D0B-A0BC-F022B6995921",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:3.0.0.19-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "383C020A-F8FD-48F9-8F82-1CDE8620D6E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:3.0.2.01-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "6213B8E5-3E2E-43F0-A0ED-72EC414C39B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.0.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "0CEE2D4D-5627-4DD5-B8A5-88B0A8440CAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.0.2.08-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "CE3F4194-12F3-4379-AC7E-7BB6BFD4A76B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.0.3.03-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "A4DFF375-C9E5-40A9-9167-9DADE291763B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.0.4.02-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "3A36C9D3-4CD6-4708-A721-4CA905306617",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.1.0.02-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "7A0C39EC-75DC-4ECF-8012-C3062375836A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.1.1.01:*:*:*:*:*:*:*",
"matchCriteriaId": "5A03BB26-A344-498B-8FE4-3D027EFC6606",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.2.1.02:*:*:*:*:*:*:*",
"matchCriteriaId": "E4DF1BAD-EFCF-4723-AAB5-B2733992659C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.2.2.08:*:*:*:*:*:*:*",
"matchCriteriaId": "CC474FF5-E3BE-4B81-B5AC-1D32A44C259F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.2.3.03:*:*:*:*:*:*:*",
"matchCriteriaId": "A5910845-D601-4503-82CC-49D8A11F4B31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.2.3.06:*:*:*:*:*:*:*",
"matchCriteriaId": "9F5FECB4-41D4-4FDF-8693-7FF1D51CF1D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.2.3.07:*:*:*:*:*:*:*",
"matchCriteriaId": "1DE7FBF1-11F4-4B36-BFD2-041A14E70360",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.2.3.08:*:*:*:*:*:*:*",
"matchCriteriaId": "4750C422-7D8B-45CC-BD33-35D9BE5FFBC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.2.3.09:*:*:*:*:*:*:*",
"matchCriteriaId": "40902BFF-81A9-4CFC-9FC1-61F353DEFDF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.2.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "0EA80139-B632-4108-BB44-41A4ABA41F83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.2.3.14:*:*:*:*:*:*:*",
"matchCriteriaId": "0C17CE07-41E0-4115-AC82-5C697DA8C5C8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:rv320:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7596F6D4-10DA-4F29-95AD-75B60F4670D6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.0.1.17:*:*:*:*:*:*:*",
"matchCriteriaId": "9E07888E-FEC4-43F2-90D1-91665606BD2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.0.2.03:*:*:*:*:*:*:*",
"matchCriteriaId": "B338AFCE-9219-4F70-A08A-A9E6E0E967EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.1.0.09:*:*:*:*:*:*:*",
"matchCriteriaId": "A00ADE78-233F-4284-AC67-4606306D7EC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.1.1.06:*:*:*:*:*:*:*",
"matchCriteriaId": "664F445F-91A3-4AE9-8D60-76C656402EB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.1.1.19:*:*:*:*:*:*:*",
"matchCriteriaId": "01C90ED8-03B2-4FF8-9C8E-8340A5E8E13B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.2.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "557AB540-0F7F-4F54-9BCD-9103217C923E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.2.1.14:*:*:*:*:*:*:*",
"matchCriteriaId": "AA7F2FC6-F13E-445D-B2B6-01A7019F90F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.3.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "B7AAE28E-65DE-425A-917E-549DC1D0DFA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.3.1.12:*:*:*:*:*:*:*",
"matchCriteriaId": "91CA984F-F579-421C-9A11-DCBE731A49FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.3.2.02:*:*:*:*:*:*:*",
"matchCriteriaId": "33E8C022-40EE-4B36-B7ED-3E51CBB1AB9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.3.12.6-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "26CD8F90-6BA8-466F-92D9-FFC264574F77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.3.12.19-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "FC42A543-F2BB-4FFF-9674-61D01F3406DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.3.13.02-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "BBEE1D3B-1D22-4024-9191-56B2615F8ADB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.4.2.15:*:*:*:*:*:*:*",
"matchCriteriaId": "A402AB90-03C8-4B5B-AEF9-CDAC023DA6D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.4.2.17:*:*:*:*:*:*:*",
"matchCriteriaId": "F865F54F-E4D6-4B92-9644-992A44F7D562",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.4.2.19:*:*:*:*:*:*:*",
"matchCriteriaId": "91AC5D05-728E-49A8-8A75-2CF97FAFD68D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.4.2.20:*:*:*:*:*:*:*",
"matchCriteriaId": "D82F96CC-94E9-46C5-B886-CD63B2060145",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.4.2.22:*:*:*:*:*:*:*",
"matchCriteriaId": "EC425B75-5584-4184-BEC0-44FAD8B431DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.5.1.05:*:*:*:*:*:*:*",
"matchCriteriaId": "B9B992F2-43D5-4FBF-A94A-EA8E8B0EBB01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.5.1.11:*:*:*:*:*:*:*",
"matchCriteriaId": "A660B64F-2CF8-48C3-877E-B583E1CFC0FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.5.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "55476CAD-BDB3-46CB-95A0-74BA8F49A5D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:3.0.0.1-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "A89E5621-BA1F-450C-8E82-FC4764B54905",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:3.0.0.19-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "6B4DF0F5-853A-430E-8C93-556D4FF29C63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:3.0.2.01-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "109BC8D1-E547-45C4-99AA-C74495F8E8CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.0.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "67F823CE-90D6-4914-B125-88B6F868808D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.0.2.08-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "53551C1A-9DBD-4E5E-8FA7-C04EE2A38D20",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.0.3.03-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "CC2360AC-5C88-4F8B-9BC8-48FBA716CFBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.0.4.02-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "F4C3D1D3-034B-4B6E-BC78-050D22A3D84E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.1.0.02-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "15271254-5905-4D08-BD9E-08F841AA29D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.1.1.01:*:*:*:*:*:*:*",
"matchCriteriaId": "5AB609CB-934B-43E4-A884-FDC7B58D0560",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.2.1.02:*:*:*:*:*:*:*",
"matchCriteriaId": "70B52828-6B38-4561-9D79-83DD8EC294A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.2.2.08:*:*:*:*:*:*:*",
"matchCriteriaId": "9DDE7B4C-CF8F-4CE6-AD3F-CE74377D4077",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.2.3.03:*:*:*:*:*:*:*",
"matchCriteriaId": "523B6515-33AE-4606-A7D6-C698D26659D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.2.3.06:*:*:*:*:*:*:*",
"matchCriteriaId": "42A388D2-AE67-4B5E-AFEF-32F7834652E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.2.3.07:*:*:*:*:*:*:*",
"matchCriteriaId": "B30845DA-3C00-4567-B590-61BAC547B312",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.2.3.08:*:*:*:*:*:*:*",
"matchCriteriaId": "D28A6411-627C-46BE-9D59-3519B3816BD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.2.3.09:*:*:*:*:*:*:*",
"matchCriteriaId": "00659549-4B19-4B16-8DBD-71627453A1EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.2.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "3724D315-5DCD-4378-85F1-1880C535317C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.2.3.14:*:*:*:*:*:*:*",
"matchCriteriaId": "45F4AF99-6774-4EF4-BD0C-64FE18FC3B46",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:rv325:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3435D601-EDA8-49FF-8841-EA6DF1518C75",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to cause an unexpected reload of an affected device, resulting in a denial of service (DoS) condition. To exploit this vulnerability, an attacker would need to have valid Administrator credentials on the affected device.\r\n\u0026nbsp;\r\nThis vulnerability is due to improper validation of user input that is in incoming HTTP packets. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web-based management interface of the affected device. A successful exploit could allow the attacker to cause an unexpected reload of the device, resulting in a DoS condition."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en web de los enrutadores Cisco Small Business RV042, RV042G, RV320 y RV325 podr\u00eda permitir que un atacante remoto autenticado, de nivel de administrador, provoque una recarga inesperada de un dispositivo afectado, lo que da como resultado una condici\u00f3n de denegaci\u00f3n de servicio (DoS). Para explotar esta vulnerabilidad, un atacante necesitar\u00eda tener credenciales de administrador v\u00e1lidas en el dispositivo afectado. Esta vulnerabilidad se debe a una validaci\u00f3n incorrecta de la entrada del usuario que se encuentra en los paquetes HTTP entrantes. Un atacante podr\u00eda explotar esta vulnerabilidad enviando una solicitud HTTP manipulada a la interfaz de administraci\u00f3n basada en web del dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir que el atacante provoque una recarga inesperada del dispositivo, lo que da como resultado una condici\u00f3n de denegaci\u00f3n de servicio (DoS)."
}
],
"id": "CVE-2024-20524",
"lastModified": "2024-10-08T13:48:58.273",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.3,
"impactScore": 4.0,
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.3,
"impactScore": 4.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-10-02T17:15:19.930",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-rv04x_rv32x_vulns-yJ2OSDhV"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-121"
}
],
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2024-20522
Vulnerability from fkie_nvd - Published: 2024-10-02 17:15 - Updated: 2024-10-08 13:48
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
6.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H
6.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H
Summary
A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to cause an unexpected reload of an affected device, resulting in a denial of service (DoS) condition. To exploit this vulnerability, an attacker would need to have valid Administrator credentials on the affected device.
This vulnerability is due to improper validation of user input that is in incoming HTTP packets. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web-based management interface of the affected device. A successful exploit could allow the attacker to cause an unexpected reload of the device, resulting in a DoS condition.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.0.1.17:*:*:*:*:*:*:*",
"matchCriteriaId": "BA9B2E23-F7F6-44C8-8800-CB3FAECBCDF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.0.2.03:*:*:*:*:*:*:*",
"matchCriteriaId": "F445CE1E-CACF-4906-814D-3658EB5B8A28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.1.0.09:*:*:*:*:*:*:*",
"matchCriteriaId": "987844EB-3E48-49DF-A95C-054D95F36F4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.1.1.06:*:*:*:*:*:*:*",
"matchCriteriaId": "54A716D3-2E68-4348-A42C-7ACB51107903",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.1.1.19:*:*:*:*:*:*:*",
"matchCriteriaId": "F7458A81-C907-482C-889B-2DE32C1A9238",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.2.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "AAFC3C16-C6B4-4311-92C9-AB96BA91F8E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.2.1.14:*:*:*:*:*:*:*",
"matchCriteriaId": "CC353BA2-BCFC-44D1-A190-EFAC646E7D48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.3.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "C0466119-31BE-44AD-82A4-66C1315C128A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.3.1.12:*:*:*:*:*:*:*",
"matchCriteriaId": "62330002-CB84-434C-860A-A4C29B4C29C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.3.2.02:*:*:*:*:*:*:*",
"matchCriteriaId": "36A0F1E3-8FCA-4ED1-A6F1-FDC9D3F3E538",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.3.12.6-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "09CBB296-950D-42A1-B6F6-10EDF56AE763",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.3.12.19-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "F47C5A1E-5162-48E8-998C-5A452C86688E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.3.13.02-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "C5E33427-60ED-4E42-A821-462A87BBEF53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.4.2.15:*:*:*:*:*:*:*",
"matchCriteriaId": "B1A3E3E5-8B9F-4C15-A3B8-538202A60429",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.4.2.17:*:*:*:*:*:*:*",
"matchCriteriaId": "CFE2DAFE-F2A4-43A7-BAB5-053FE1D7BD30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.4.2.19:*:*:*:*:*:*:*",
"matchCriteriaId": "CD25C358-C310-41C1-AFA5-89E54D5012CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.4.2.20:*:*:*:*:*:*:*",
"matchCriteriaId": "A995298E-9655-4AAD-8ABC-71AC816E798D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.4.2.22:*:*:*:*:*:*:*",
"matchCriteriaId": "08DD66B1-F045-4500-B098-CA65F0914107",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.5.1.05:*:*:*:*:*:*:*",
"matchCriteriaId": "88DE2217-2A37-41D2-ADFE-6648969C676A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.5.1.11:*:*:*:*:*:*:*",
"matchCriteriaId": "BBC05564-DB6D-4EED-95D0-BF3553748E50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.5.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "59693DA5-9F18-4F4C-8C57-C7294CF12EA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:3.0.0.1-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "1FEA0358-5E6A-465F-829C-7A05B64E2EFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:3.0.0.19-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "3604DDDE-7C98-4014-B50F-8E8808245644",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:3.0.2.01-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "92E2E999-774D-406A-BE8F-0B5A01E1D907",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.0.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "5EC63ECD-D415-4D6C-A4E3-DCF6B8878474",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.0.2.08-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "D559E798-8CD9-463A-AF03-843BB589C599",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.0.3.03-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "C6D3ACE2-D67A-46B4-97E7-F8085BBBD086",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.0.4.02-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "7C346A18-C543-4E3B-A1A8-B7757D6D6E45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.1.0.02-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "40970E5B-AC59-4A61-BD7F-64468C882385",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.1.1.01:*:*:*:*:*:*:*",
"matchCriteriaId": "A6A12CFD-3DF8-4B40-B0D3-8FBE037D1BE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.2.1.02:*:*:*:*:*:*:*",
"matchCriteriaId": "42FA29EE-8000-486C-AEC3-01AE3DE88007",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.2.2.08:*:*:*:*:*:*:*",
"matchCriteriaId": "2C32756E-FBCA-4485-8AFF-3A83570D7CDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.2.3.03:*:*:*:*:*:*:*",
"matchCriteriaId": "B066474A-AE23-48AB-A550-4F2FF3758CA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.2.3.06:*:*:*:*:*:*:*",
"matchCriteriaId": "D6306152-5BD8-4BD3-9E2D-D523DA54D497",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.2.3.07:*:*:*:*:*:*:*",
"matchCriteriaId": "3A665527-A2C9-4C10-B902-79C158DC589F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.2.3.08:*:*:*:*:*:*:*",
"matchCriteriaId": "1E99461F-4395-4A30-8B6D-2F63CA9851F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.2.3.09:*:*:*:*:*:*:*",
"matchCriteriaId": "61F75405-494A-446C-9C19-CC39E121D529",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.2.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "6BD8AED3-E2B1-46D6-8E04-C5C3E4186BB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.2.3.14:*:*:*:*:*:*:*",
"matchCriteriaId": "C03B0889-8AAA-455F-BBB5-B5BC417904B2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:rv042:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2DCBB2D8-AACF-45EA-B9D4-DAECC7C792D1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.0.1.17:*:*:*:*:*:*:*",
"matchCriteriaId": "4FA3AF56-BF90-4F9E-9E29-1FF9D112AF3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.0.2.03:*:*:*:*:*:*:*",
"matchCriteriaId": "D46196B0-8E14-49F6-9E16-6E441D133357",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.1.0.09:*:*:*:*:*:*:*",
"matchCriteriaId": "8212115A-A2E7-4CF9-8093-0BD9162FF26F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.1.1.06:*:*:*:*:*:*:*",
"matchCriteriaId": "3D70F5D9-7F51-4782-B8B5-30A5AB569464",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.1.1.19:*:*:*:*:*:*:*",
"matchCriteriaId": "36651493-4F0C-4CF6-935D-B128C9741A8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.2.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "BF65AFA9-26CD-4114-8246-07FAB904176B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.2.1.14:*:*:*:*:*:*:*",
"matchCriteriaId": "30972BB8-A616-4021-868F-A775092B3D41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.3.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "BBF50E2F-14D7-4738-B4DF-848A3F2814FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.3.1.12:*:*:*:*:*:*:*",
"matchCriteriaId": "F11630A4-0BBE-457E-B53F-11EA4448C92F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.3.2.02:*:*:*:*:*:*:*",
"matchCriteriaId": "D92E3198-22B2-491D-9815-2AA62AB0A30E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.3.12.6-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "EA876548-8B5A-4254-B154-58BCF03ADDA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.3.12.19-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "3BCD33AD-A637-4C08-AE7E-9974B86CDDE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.3.13.02-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "935EA2B1-EC2A-4B17-A563-9515579D6161",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.4.2.15:*:*:*:*:*:*:*",
"matchCriteriaId": "B38C7123-D65B-4840-AC28-A530CD4ECCA0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.4.2.17:*:*:*:*:*:*:*",
"matchCriteriaId": "C0E595E2-B201-4689-B05D-1C3E44876D74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.4.2.19:*:*:*:*:*:*:*",
"matchCriteriaId": "F73AC635-05BF-4476-9548-D72D32A313FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.4.2.20:*:*:*:*:*:*:*",
"matchCriteriaId": "7A734929-DF60-4B5B-8380-1BBD093C1E7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.4.2.22:*:*:*:*:*:*:*",
"matchCriteriaId": "E1D6863E-2DFB-4BDD-BC3A-B94F84F51E30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.5.1.05:*:*:*:*:*:*:*",
"matchCriteriaId": "816E98BD-38C5-41CC-8736-5BFFBBA447E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.5.1.11:*:*:*:*:*:*:*",
"matchCriteriaId": "86779EB2-CF50-4CEF-8815-56C8BB517698",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.5.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "FAD122DD-2FB2-4E55-A77C-7235B5501C6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:3.0.0.1-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "E0955403-0054-476F-A162-77CCD5C475AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:3.0.0.19-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "5A9C297F-5B9E-4591-94C8-5EBEFB2D8CEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:3.0.2.01-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "7EAB2D55-EE1B-499F-B0C0-78538660985E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.0.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "3001E0B0-01FD-4DFC-B195-7CE2E156F990",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.0.2.08-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "0B0EDE6F-47B3-48A2-A0C3-2AEC8FFA666E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.0.3.03-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "DE455ACF-E775-4ADE-95E9-F2162FE79486",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.0.4.02-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "94D78C7E-5E5A-457F-9D79-58E123145F41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.1.0.02-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "0DCC0019-F4EF-4CB7-AED1-CC84A413DB1D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.1.1.01:*:*:*:*:*:*:*",
"matchCriteriaId": "4BD3AE38-E227-4B55-B492-18614D258905",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.2.1.02:*:*:*:*:*:*:*",
"matchCriteriaId": "AB9D70F1-9499-480A-A53E-8FC2BA17DCDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.2.2.08:*:*:*:*:*:*:*",
"matchCriteriaId": "DC7A6DF2-C4FC-4BAA-8ABB-0B60BA0357BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.2.3.03:*:*:*:*:*:*:*",
"matchCriteriaId": "575EC78E-71EE-4657-8413-7D60F2E933C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.2.3.06:*:*:*:*:*:*:*",
"matchCriteriaId": "834D2F6A-2590-4073-A6F5-AC88A32C30DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.2.3.07:*:*:*:*:*:*:*",
"matchCriteriaId": "EC89C839-57E0-4FDD-9597-01F8795B4DB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.2.3.08:*:*:*:*:*:*:*",
"matchCriteriaId": "A119367F-2F09-4750-A8B9-F176A10A55CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.2.3.09:*:*:*:*:*:*:*",
"matchCriteriaId": "C2062E92-F6BD-4AE7-86AA-682C36E33A9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.2.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "25EC7568-713E-44DD-9418-23013749CC21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.2.3.14:*:*:*:*:*:*:*",
"matchCriteriaId": "63D3656F-9D46-4F6C-B8E1-B04243BFD57B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:rv042g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1CD7D9C-DDEF-4DF0-BCFB-A45301AE2C10",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.0.1.17:*:*:*:*:*:*:*",
"matchCriteriaId": "86DE5F2E-9B5E-4430-8B3D-97843462FE49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.0.2.03:*:*:*:*:*:*:*",
"matchCriteriaId": "0DA83932-5061-4F7B-B152-E013D679C7EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.1.0.09:*:*:*:*:*:*:*",
"matchCriteriaId": "AFA29437-B6C7-4C74-90F6-5CF58F54756B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.1.1.06:*:*:*:*:*:*:*",
"matchCriteriaId": "261D3EEA-6227-4136-91DD-380A2BF3635A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.1.1.19:*:*:*:*:*:*:*",
"matchCriteriaId": "64765C29-84C1-4F41-9BB4-18A0C43B197C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.2.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "44B039E2-0220-481F-B550-3358402FB390",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.2.1.14:*:*:*:*:*:*:*",
"matchCriteriaId": "BA050DDE-682E-4A54-995A-E3EDB19E45EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.3.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "B48800BA-A64E-4C18-A6A5-651FFF3A18ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.3.1.12:*:*:*:*:*:*:*",
"matchCriteriaId": "EC4983FF-DA90-4F10-A511-D0C2531D8380",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.3.2.02:*:*:*:*:*:*:*",
"matchCriteriaId": "AE80F7A6-0A91-488C-BEE8-F23057AA1ECD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.3.12.6-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "08029110-3FE5-4DEB-AE76-2B165C4E79C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.3.12.19-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "B9779344-6BAB-4D21-8DB2-4BA9D7E55F2C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.3.13.02-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "490D19A8-3494-4133-8CA6-0733CDB4CC3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.4.2.15:*:*:*:*:*:*:*",
"matchCriteriaId": "CBB99BF6-11C0-448C-91B2-F03690CE9089",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.4.2.17:*:*:*:*:*:*:*",
"matchCriteriaId": "61348305-FC9B-4DB4-B039-0A08D44812EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.4.2.19:*:*:*:*:*:*:*",
"matchCriteriaId": "3C8CE8BC-05D9-45D3-A645-D1A081E1A555",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.4.2.20:*:*:*:*:*:*:*",
"matchCriteriaId": "6DC1BA1F-1210-4FBE-B218-B9FDC4711AE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.4.2.22:*:*:*:*:*:*:*",
"matchCriteriaId": "5539C19B-97D1-44C3-8883-0343B574133D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.5.1.05:*:*:*:*:*:*:*",
"matchCriteriaId": "99A1A830-0F70-47D7-89D5-7B50F69C6312",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.5.1.11:*:*:*:*:*:*:*",
"matchCriteriaId": "43F1FCD5-4BC8-4051-982E-7112F5A128C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.5.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "B71B1E3F-F7DE-4B0A-8304-0980B6EDB776",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:3.0.0.1-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "79F12DFE-4241-4D0B-A0BC-F022B6995921",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:3.0.0.19-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "383C020A-F8FD-48F9-8F82-1CDE8620D6E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:3.0.2.01-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "6213B8E5-3E2E-43F0-A0ED-72EC414C39B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.0.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "0CEE2D4D-5627-4DD5-B8A5-88B0A8440CAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.0.2.08-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "CE3F4194-12F3-4379-AC7E-7BB6BFD4A76B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.0.3.03-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "A4DFF375-C9E5-40A9-9167-9DADE291763B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.0.4.02-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "3A36C9D3-4CD6-4708-A721-4CA905306617",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.1.0.02-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "7A0C39EC-75DC-4ECF-8012-C3062375836A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.1.1.01:*:*:*:*:*:*:*",
"matchCriteriaId": "5A03BB26-A344-498B-8FE4-3D027EFC6606",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.2.1.02:*:*:*:*:*:*:*",
"matchCriteriaId": "E4DF1BAD-EFCF-4723-AAB5-B2733992659C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.2.2.08:*:*:*:*:*:*:*",
"matchCriteriaId": "CC474FF5-E3BE-4B81-B5AC-1D32A44C259F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.2.3.03:*:*:*:*:*:*:*",
"matchCriteriaId": "A5910845-D601-4503-82CC-49D8A11F4B31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.2.3.06:*:*:*:*:*:*:*",
"matchCriteriaId": "9F5FECB4-41D4-4FDF-8693-7FF1D51CF1D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.2.3.07:*:*:*:*:*:*:*",
"matchCriteriaId": "1DE7FBF1-11F4-4B36-BFD2-041A14E70360",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.2.3.08:*:*:*:*:*:*:*",
"matchCriteriaId": "4750C422-7D8B-45CC-BD33-35D9BE5FFBC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.2.3.09:*:*:*:*:*:*:*",
"matchCriteriaId": "40902BFF-81A9-4CFC-9FC1-61F353DEFDF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.2.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "0EA80139-B632-4108-BB44-41A4ABA41F83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.2.3.14:*:*:*:*:*:*:*",
"matchCriteriaId": "0C17CE07-41E0-4115-AC82-5C697DA8C5C8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:rv320:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7596F6D4-10DA-4F29-95AD-75B60F4670D6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.0.1.17:*:*:*:*:*:*:*",
"matchCriteriaId": "9E07888E-FEC4-43F2-90D1-91665606BD2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.0.2.03:*:*:*:*:*:*:*",
"matchCriteriaId": "B338AFCE-9219-4F70-A08A-A9E6E0E967EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.1.0.09:*:*:*:*:*:*:*",
"matchCriteriaId": "A00ADE78-233F-4284-AC67-4606306D7EC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.1.1.06:*:*:*:*:*:*:*",
"matchCriteriaId": "664F445F-91A3-4AE9-8D60-76C656402EB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.1.1.19:*:*:*:*:*:*:*",
"matchCriteriaId": "01C90ED8-03B2-4FF8-9C8E-8340A5E8E13B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.2.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "557AB540-0F7F-4F54-9BCD-9103217C923E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.2.1.14:*:*:*:*:*:*:*",
"matchCriteriaId": "AA7F2FC6-F13E-445D-B2B6-01A7019F90F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.3.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "B7AAE28E-65DE-425A-917E-549DC1D0DFA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.3.1.12:*:*:*:*:*:*:*",
"matchCriteriaId": "91CA984F-F579-421C-9A11-DCBE731A49FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.3.2.02:*:*:*:*:*:*:*",
"matchCriteriaId": "33E8C022-40EE-4B36-B7ED-3E51CBB1AB9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.3.12.6-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "26CD8F90-6BA8-466F-92D9-FFC264574F77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.3.12.19-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "FC42A543-F2BB-4FFF-9674-61D01F3406DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.3.13.02-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "BBEE1D3B-1D22-4024-9191-56B2615F8ADB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.4.2.15:*:*:*:*:*:*:*",
"matchCriteriaId": "A402AB90-03C8-4B5B-AEF9-CDAC023DA6D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.4.2.17:*:*:*:*:*:*:*",
"matchCriteriaId": "F865F54F-E4D6-4B92-9644-992A44F7D562",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.4.2.19:*:*:*:*:*:*:*",
"matchCriteriaId": "91AC5D05-728E-49A8-8A75-2CF97FAFD68D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.4.2.20:*:*:*:*:*:*:*",
"matchCriteriaId": "D82F96CC-94E9-46C5-B886-CD63B2060145",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.4.2.22:*:*:*:*:*:*:*",
"matchCriteriaId": "EC425B75-5584-4184-BEC0-44FAD8B431DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.5.1.05:*:*:*:*:*:*:*",
"matchCriteriaId": "B9B992F2-43D5-4FBF-A94A-EA8E8B0EBB01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.5.1.11:*:*:*:*:*:*:*",
"matchCriteriaId": "A660B64F-2CF8-48C3-877E-B583E1CFC0FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.5.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "55476CAD-BDB3-46CB-95A0-74BA8F49A5D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:3.0.0.1-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "A89E5621-BA1F-450C-8E82-FC4764B54905",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:3.0.0.19-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "6B4DF0F5-853A-430E-8C93-556D4FF29C63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:3.0.2.01-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "109BC8D1-E547-45C4-99AA-C74495F8E8CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.0.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "67F823CE-90D6-4914-B125-88B6F868808D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.0.2.08-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "53551C1A-9DBD-4E5E-8FA7-C04EE2A38D20",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.0.3.03-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "CC2360AC-5C88-4F8B-9BC8-48FBA716CFBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.0.4.02-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "F4C3D1D3-034B-4B6E-BC78-050D22A3D84E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.1.0.02-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "15271254-5905-4D08-BD9E-08F841AA29D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.1.1.01:*:*:*:*:*:*:*",
"matchCriteriaId": "5AB609CB-934B-43E4-A884-FDC7B58D0560",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.2.1.02:*:*:*:*:*:*:*",
"matchCriteriaId": "70B52828-6B38-4561-9D79-83DD8EC294A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.2.2.08:*:*:*:*:*:*:*",
"matchCriteriaId": "9DDE7B4C-CF8F-4CE6-AD3F-CE74377D4077",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.2.3.03:*:*:*:*:*:*:*",
"matchCriteriaId": "523B6515-33AE-4606-A7D6-C698D26659D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.2.3.06:*:*:*:*:*:*:*",
"matchCriteriaId": "42A388D2-AE67-4B5E-AFEF-32F7834652E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.2.3.07:*:*:*:*:*:*:*",
"matchCriteriaId": "B30845DA-3C00-4567-B590-61BAC547B312",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.2.3.08:*:*:*:*:*:*:*",
"matchCriteriaId": "D28A6411-627C-46BE-9D59-3519B3816BD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.2.3.09:*:*:*:*:*:*:*",
"matchCriteriaId": "00659549-4B19-4B16-8DBD-71627453A1EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.2.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "3724D315-5DCD-4378-85F1-1880C535317C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.2.3.14:*:*:*:*:*:*:*",
"matchCriteriaId": "45F4AF99-6774-4EF4-BD0C-64FE18FC3B46",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:rv325:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3435D601-EDA8-49FF-8841-EA6DF1518C75",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to cause an unexpected reload of an affected device, resulting in a denial of service (DoS) condition. To exploit this vulnerability, an attacker would need to have valid Administrator credentials on the affected device.\r\n\u0026nbsp;\r\nThis vulnerability is due to improper validation of user input that is in incoming HTTP packets. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web-based management interface of the affected device. A successful exploit could allow the attacker to cause an unexpected reload of the device, resulting in a DoS condition."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en web de los enrutadores Cisco Small Business RV042, RV042G, RV320 y RV325 podr\u00eda permitir que un atacante remoto autenticado, de nivel de administrador, provoque una recarga inesperada de un dispositivo afectado, lo que da como resultado una condici\u00f3n de denegaci\u00f3n de servicio (DoS). Para explotar esta vulnerabilidad, un atacante necesitar\u00eda tener credenciales de administrador v\u00e1lidas en el dispositivo afectado. Esta vulnerabilidad se debe a una validaci\u00f3n incorrecta de la entrada del usuario que se encuentra en los paquetes HTTP entrantes. Un atacante podr\u00eda explotar esta vulnerabilidad enviando una solicitud HTTP manipulada a la interfaz de administraci\u00f3n basada en web del dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir que el atacante provoque una recarga inesperada del dispositivo, lo que da como resultado una condici\u00f3n de denegaci\u00f3n de servicio (DoS)."
}
],
"id": "CVE-2024-20522",
"lastModified": "2024-10-08T13:48:19.060",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 5.2,
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.3,
"impactScore": 4.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-10-02T17:15:19.490",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-rv04x_rv32x_vulns-yJ2OSDhV"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-122"
}
],
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2024-20521
Vulnerability from fkie_nvd - Published: 2024-10-02 17:15 - Updated: 2024-10-08 13:50
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Summary
A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to execute arbitrary code as the root user. To exploit this vulnerability, an attacker would need to have valid Administrator credentials on the affected device.
This vulnerability is due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system as the root user.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.0.1.17:*:*:*:*:*:*:*",
"matchCriteriaId": "BA9B2E23-F7F6-44C8-8800-CB3FAECBCDF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.0.2.03:*:*:*:*:*:*:*",
"matchCriteriaId": "F445CE1E-CACF-4906-814D-3658EB5B8A28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.1.0.09:*:*:*:*:*:*:*",
"matchCriteriaId": "987844EB-3E48-49DF-A95C-054D95F36F4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.1.1.06:*:*:*:*:*:*:*",
"matchCriteriaId": "54A716D3-2E68-4348-A42C-7ACB51107903",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.1.1.19:*:*:*:*:*:*:*",
"matchCriteriaId": "F7458A81-C907-482C-889B-2DE32C1A9238",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.2.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "AAFC3C16-C6B4-4311-92C9-AB96BA91F8E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.2.1.14:*:*:*:*:*:*:*",
"matchCriteriaId": "CC353BA2-BCFC-44D1-A190-EFAC646E7D48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.3.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "C0466119-31BE-44AD-82A4-66C1315C128A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.3.1.12:*:*:*:*:*:*:*",
"matchCriteriaId": "62330002-CB84-434C-860A-A4C29B4C29C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.3.2.02:*:*:*:*:*:*:*",
"matchCriteriaId": "36A0F1E3-8FCA-4ED1-A6F1-FDC9D3F3E538",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.3.12.6-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "09CBB296-950D-42A1-B6F6-10EDF56AE763",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.3.12.19-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "F47C5A1E-5162-48E8-998C-5A452C86688E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.3.13.02-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "C5E33427-60ED-4E42-A821-462A87BBEF53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.4.2.15:*:*:*:*:*:*:*",
"matchCriteriaId": "B1A3E3E5-8B9F-4C15-A3B8-538202A60429",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.4.2.17:*:*:*:*:*:*:*",
"matchCriteriaId": "CFE2DAFE-F2A4-43A7-BAB5-053FE1D7BD30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.4.2.19:*:*:*:*:*:*:*",
"matchCriteriaId": "CD25C358-C310-41C1-AFA5-89E54D5012CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.4.2.20:*:*:*:*:*:*:*",
"matchCriteriaId": "A995298E-9655-4AAD-8ABC-71AC816E798D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.4.2.22:*:*:*:*:*:*:*",
"matchCriteriaId": "08DD66B1-F045-4500-B098-CA65F0914107",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.5.1.05:*:*:*:*:*:*:*",
"matchCriteriaId": "88DE2217-2A37-41D2-ADFE-6648969C676A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.5.1.11:*:*:*:*:*:*:*",
"matchCriteriaId": "BBC05564-DB6D-4EED-95D0-BF3553748E50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.5.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "59693DA5-9F18-4F4C-8C57-C7294CF12EA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:3.0.0.1-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "1FEA0358-5E6A-465F-829C-7A05B64E2EFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:3.0.0.19-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "3604DDDE-7C98-4014-B50F-8E8808245644",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:3.0.2.01-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "92E2E999-774D-406A-BE8F-0B5A01E1D907",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.0.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "5EC63ECD-D415-4D6C-A4E3-DCF6B8878474",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.0.2.08-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "D559E798-8CD9-463A-AF03-843BB589C599",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.0.3.03-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "C6D3ACE2-D67A-46B4-97E7-F8085BBBD086",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.0.4.02-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "7C346A18-C543-4E3B-A1A8-B7757D6D6E45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.1.0.02-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "40970E5B-AC59-4A61-BD7F-64468C882385",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.1.1.01:*:*:*:*:*:*:*",
"matchCriteriaId": "A6A12CFD-3DF8-4B40-B0D3-8FBE037D1BE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.2.1.02:*:*:*:*:*:*:*",
"matchCriteriaId": "42FA29EE-8000-486C-AEC3-01AE3DE88007",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.2.2.08:*:*:*:*:*:*:*",
"matchCriteriaId": "2C32756E-FBCA-4485-8AFF-3A83570D7CDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.2.3.03:*:*:*:*:*:*:*",
"matchCriteriaId": "B066474A-AE23-48AB-A550-4F2FF3758CA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.2.3.06:*:*:*:*:*:*:*",
"matchCriteriaId": "D6306152-5BD8-4BD3-9E2D-D523DA54D497",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.2.3.07:*:*:*:*:*:*:*",
"matchCriteriaId": "3A665527-A2C9-4C10-B902-79C158DC589F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.2.3.08:*:*:*:*:*:*:*",
"matchCriteriaId": "1E99461F-4395-4A30-8B6D-2F63CA9851F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.2.3.09:*:*:*:*:*:*:*",
"matchCriteriaId": "61F75405-494A-446C-9C19-CC39E121D529",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.2.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "6BD8AED3-E2B1-46D6-8E04-C5C3E4186BB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.2.3.14:*:*:*:*:*:*:*",
"matchCriteriaId": "C03B0889-8AAA-455F-BBB5-B5BC417904B2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:rv042:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2DCBB2D8-AACF-45EA-B9D4-DAECC7C792D1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.0.1.17:*:*:*:*:*:*:*",
"matchCriteriaId": "4FA3AF56-BF90-4F9E-9E29-1FF9D112AF3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.0.2.03:*:*:*:*:*:*:*",
"matchCriteriaId": "D46196B0-8E14-49F6-9E16-6E441D133357",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.1.0.09:*:*:*:*:*:*:*",
"matchCriteriaId": "8212115A-A2E7-4CF9-8093-0BD9162FF26F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.1.1.06:*:*:*:*:*:*:*",
"matchCriteriaId": "3D70F5D9-7F51-4782-B8B5-30A5AB569464",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.1.1.19:*:*:*:*:*:*:*",
"matchCriteriaId": "36651493-4F0C-4CF6-935D-B128C9741A8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.2.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "BF65AFA9-26CD-4114-8246-07FAB904176B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.2.1.14:*:*:*:*:*:*:*",
"matchCriteriaId": "30972BB8-A616-4021-868F-A775092B3D41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.3.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "BBF50E2F-14D7-4738-B4DF-848A3F2814FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.3.1.12:*:*:*:*:*:*:*",
"matchCriteriaId": "F11630A4-0BBE-457E-B53F-11EA4448C92F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.3.2.02:*:*:*:*:*:*:*",
"matchCriteriaId": "D92E3198-22B2-491D-9815-2AA62AB0A30E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.3.12.6-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "EA876548-8B5A-4254-B154-58BCF03ADDA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.3.12.19-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "3BCD33AD-A637-4C08-AE7E-9974B86CDDE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.3.13.02-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "935EA2B1-EC2A-4B17-A563-9515579D6161",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.4.2.15:*:*:*:*:*:*:*",
"matchCriteriaId": "B38C7123-D65B-4840-AC28-A530CD4ECCA0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.4.2.17:*:*:*:*:*:*:*",
"matchCriteriaId": "C0E595E2-B201-4689-B05D-1C3E44876D74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.4.2.19:*:*:*:*:*:*:*",
"matchCriteriaId": "F73AC635-05BF-4476-9548-D72D32A313FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.4.2.20:*:*:*:*:*:*:*",
"matchCriteriaId": "7A734929-DF60-4B5B-8380-1BBD093C1E7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.4.2.22:*:*:*:*:*:*:*",
"matchCriteriaId": "E1D6863E-2DFB-4BDD-BC3A-B94F84F51E30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.5.1.05:*:*:*:*:*:*:*",
"matchCriteriaId": "816E98BD-38C5-41CC-8736-5BFFBBA447E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.5.1.11:*:*:*:*:*:*:*",
"matchCriteriaId": "86779EB2-CF50-4CEF-8815-56C8BB517698",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.5.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "FAD122DD-2FB2-4E55-A77C-7235B5501C6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:3.0.0.1-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "E0955403-0054-476F-A162-77CCD5C475AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:3.0.0.19-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "5A9C297F-5B9E-4591-94C8-5EBEFB2D8CEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:3.0.2.01-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "7EAB2D55-EE1B-499F-B0C0-78538660985E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.0.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "3001E0B0-01FD-4DFC-B195-7CE2E156F990",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.0.2.08-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "0B0EDE6F-47B3-48A2-A0C3-2AEC8FFA666E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.0.3.03-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "DE455ACF-E775-4ADE-95E9-F2162FE79486",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.0.4.02-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "94D78C7E-5E5A-457F-9D79-58E123145F41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.1.0.02-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "0DCC0019-F4EF-4CB7-AED1-CC84A413DB1D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.1.1.01:*:*:*:*:*:*:*",
"matchCriteriaId": "4BD3AE38-E227-4B55-B492-18614D258905",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.2.1.02:*:*:*:*:*:*:*",
"matchCriteriaId": "AB9D70F1-9499-480A-A53E-8FC2BA17DCDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.2.2.08:*:*:*:*:*:*:*",
"matchCriteriaId": "DC7A6DF2-C4FC-4BAA-8ABB-0B60BA0357BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.2.3.03:*:*:*:*:*:*:*",
"matchCriteriaId": "575EC78E-71EE-4657-8413-7D60F2E933C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.2.3.06:*:*:*:*:*:*:*",
"matchCriteriaId": "834D2F6A-2590-4073-A6F5-AC88A32C30DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.2.3.07:*:*:*:*:*:*:*",
"matchCriteriaId": "EC89C839-57E0-4FDD-9597-01F8795B4DB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.2.3.08:*:*:*:*:*:*:*",
"matchCriteriaId": "A119367F-2F09-4750-A8B9-F176A10A55CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.2.3.09:*:*:*:*:*:*:*",
"matchCriteriaId": "C2062E92-F6BD-4AE7-86AA-682C36E33A9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.2.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "25EC7568-713E-44DD-9418-23013749CC21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.2.3.14:*:*:*:*:*:*:*",
"matchCriteriaId": "63D3656F-9D46-4F6C-B8E1-B04243BFD57B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:rv042g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1CD7D9C-DDEF-4DF0-BCFB-A45301AE2C10",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.0.1.17:*:*:*:*:*:*:*",
"matchCriteriaId": "86DE5F2E-9B5E-4430-8B3D-97843462FE49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.0.2.03:*:*:*:*:*:*:*",
"matchCriteriaId": "0DA83932-5061-4F7B-B152-E013D679C7EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.1.0.09:*:*:*:*:*:*:*",
"matchCriteriaId": "AFA29437-B6C7-4C74-90F6-5CF58F54756B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.1.1.06:*:*:*:*:*:*:*",
"matchCriteriaId": "261D3EEA-6227-4136-91DD-380A2BF3635A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.1.1.19:*:*:*:*:*:*:*",
"matchCriteriaId": "64765C29-84C1-4F41-9BB4-18A0C43B197C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.2.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "44B039E2-0220-481F-B550-3358402FB390",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.2.1.14:*:*:*:*:*:*:*",
"matchCriteriaId": "BA050DDE-682E-4A54-995A-E3EDB19E45EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.3.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "B48800BA-A64E-4C18-A6A5-651FFF3A18ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.3.1.12:*:*:*:*:*:*:*",
"matchCriteriaId": "EC4983FF-DA90-4F10-A511-D0C2531D8380",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.3.2.02:*:*:*:*:*:*:*",
"matchCriteriaId": "AE80F7A6-0A91-488C-BEE8-F23057AA1ECD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.3.12.6-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "08029110-3FE5-4DEB-AE76-2B165C4E79C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.3.12.19-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "B9779344-6BAB-4D21-8DB2-4BA9D7E55F2C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.3.13.02-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "490D19A8-3494-4133-8CA6-0733CDB4CC3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.4.2.15:*:*:*:*:*:*:*",
"matchCriteriaId": "CBB99BF6-11C0-448C-91B2-F03690CE9089",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.4.2.17:*:*:*:*:*:*:*",
"matchCriteriaId": "61348305-FC9B-4DB4-B039-0A08D44812EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.4.2.19:*:*:*:*:*:*:*",
"matchCriteriaId": "3C8CE8BC-05D9-45D3-A645-D1A081E1A555",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.4.2.20:*:*:*:*:*:*:*",
"matchCriteriaId": "6DC1BA1F-1210-4FBE-B218-B9FDC4711AE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.4.2.22:*:*:*:*:*:*:*",
"matchCriteriaId": "5539C19B-97D1-44C3-8883-0343B574133D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.5.1.05:*:*:*:*:*:*:*",
"matchCriteriaId": "99A1A830-0F70-47D7-89D5-7B50F69C6312",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.5.1.11:*:*:*:*:*:*:*",
"matchCriteriaId": "43F1FCD5-4BC8-4051-982E-7112F5A128C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.5.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "B71B1E3F-F7DE-4B0A-8304-0980B6EDB776",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:3.0.0.1-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "79F12DFE-4241-4D0B-A0BC-F022B6995921",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:3.0.0.19-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "383C020A-F8FD-48F9-8F82-1CDE8620D6E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:3.0.2.01-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "6213B8E5-3E2E-43F0-A0ED-72EC414C39B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.0.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "0CEE2D4D-5627-4DD5-B8A5-88B0A8440CAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.0.2.08-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "CE3F4194-12F3-4379-AC7E-7BB6BFD4A76B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.0.3.03-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "A4DFF375-C9E5-40A9-9167-9DADE291763B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.0.4.02-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "3A36C9D3-4CD6-4708-A721-4CA905306617",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.1.0.02-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "7A0C39EC-75DC-4ECF-8012-C3062375836A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.1.1.01:*:*:*:*:*:*:*",
"matchCriteriaId": "5A03BB26-A344-498B-8FE4-3D027EFC6606",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.2.1.02:*:*:*:*:*:*:*",
"matchCriteriaId": "E4DF1BAD-EFCF-4723-AAB5-B2733992659C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.2.2.08:*:*:*:*:*:*:*",
"matchCriteriaId": "CC474FF5-E3BE-4B81-B5AC-1D32A44C259F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.2.3.03:*:*:*:*:*:*:*",
"matchCriteriaId": "A5910845-D601-4503-82CC-49D8A11F4B31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.2.3.06:*:*:*:*:*:*:*",
"matchCriteriaId": "9F5FECB4-41D4-4FDF-8693-7FF1D51CF1D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.2.3.07:*:*:*:*:*:*:*",
"matchCriteriaId": "1DE7FBF1-11F4-4B36-BFD2-041A14E70360",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.2.3.08:*:*:*:*:*:*:*",
"matchCriteriaId": "4750C422-7D8B-45CC-BD33-35D9BE5FFBC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.2.3.09:*:*:*:*:*:*:*",
"matchCriteriaId": "40902BFF-81A9-4CFC-9FC1-61F353DEFDF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.2.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "0EA80139-B632-4108-BB44-41A4ABA41F83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.2.3.14:*:*:*:*:*:*:*",
"matchCriteriaId": "0C17CE07-41E0-4115-AC82-5C697DA8C5C8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:rv320:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7596F6D4-10DA-4F29-95AD-75B60F4670D6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.0.1.17:*:*:*:*:*:*:*",
"matchCriteriaId": "9E07888E-FEC4-43F2-90D1-91665606BD2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.0.2.03:*:*:*:*:*:*:*",
"matchCriteriaId": "B338AFCE-9219-4F70-A08A-A9E6E0E967EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.1.0.09:*:*:*:*:*:*:*",
"matchCriteriaId": "A00ADE78-233F-4284-AC67-4606306D7EC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.1.1.06:*:*:*:*:*:*:*",
"matchCriteriaId": "664F445F-91A3-4AE9-8D60-76C656402EB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.1.1.19:*:*:*:*:*:*:*",
"matchCriteriaId": "01C90ED8-03B2-4FF8-9C8E-8340A5E8E13B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.2.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "557AB540-0F7F-4F54-9BCD-9103217C923E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.2.1.14:*:*:*:*:*:*:*",
"matchCriteriaId": "AA7F2FC6-F13E-445D-B2B6-01A7019F90F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.3.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "B7AAE28E-65DE-425A-917E-549DC1D0DFA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.3.1.12:*:*:*:*:*:*:*",
"matchCriteriaId": "91CA984F-F579-421C-9A11-DCBE731A49FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.3.2.02:*:*:*:*:*:*:*",
"matchCriteriaId": "33E8C022-40EE-4B36-B7ED-3E51CBB1AB9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.3.12.6-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "26CD8F90-6BA8-466F-92D9-FFC264574F77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.3.12.19-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "FC42A543-F2BB-4FFF-9674-61D01F3406DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.3.13.02-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "BBEE1D3B-1D22-4024-9191-56B2615F8ADB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.4.2.15:*:*:*:*:*:*:*",
"matchCriteriaId": "A402AB90-03C8-4B5B-AEF9-CDAC023DA6D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.4.2.17:*:*:*:*:*:*:*",
"matchCriteriaId": "F865F54F-E4D6-4B92-9644-992A44F7D562",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.4.2.19:*:*:*:*:*:*:*",
"matchCriteriaId": "91AC5D05-728E-49A8-8A75-2CF97FAFD68D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.4.2.20:*:*:*:*:*:*:*",
"matchCriteriaId": "D82F96CC-94E9-46C5-B886-CD63B2060145",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.4.2.22:*:*:*:*:*:*:*",
"matchCriteriaId": "EC425B75-5584-4184-BEC0-44FAD8B431DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.5.1.05:*:*:*:*:*:*:*",
"matchCriteriaId": "B9B992F2-43D5-4FBF-A94A-EA8E8B0EBB01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.5.1.11:*:*:*:*:*:*:*",
"matchCriteriaId": "A660B64F-2CF8-48C3-877E-B583E1CFC0FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.5.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "55476CAD-BDB3-46CB-95A0-74BA8F49A5D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:3.0.0.1-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "A89E5621-BA1F-450C-8E82-FC4764B54905",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:3.0.0.19-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "6B4DF0F5-853A-430E-8C93-556D4FF29C63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:3.0.2.01-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "109BC8D1-E547-45C4-99AA-C74495F8E8CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.0.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "67F823CE-90D6-4914-B125-88B6F868808D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.0.2.08-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "53551C1A-9DBD-4E5E-8FA7-C04EE2A38D20",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.0.3.03-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "CC2360AC-5C88-4F8B-9BC8-48FBA716CFBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.0.4.02-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "F4C3D1D3-034B-4B6E-BC78-050D22A3D84E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.1.0.02-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "15271254-5905-4D08-BD9E-08F841AA29D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.1.1.01:*:*:*:*:*:*:*",
"matchCriteriaId": "5AB609CB-934B-43E4-A884-FDC7B58D0560",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.2.1.02:*:*:*:*:*:*:*",
"matchCriteriaId": "70B52828-6B38-4561-9D79-83DD8EC294A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.2.2.08:*:*:*:*:*:*:*",
"matchCriteriaId": "9DDE7B4C-CF8F-4CE6-AD3F-CE74377D4077",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.2.3.03:*:*:*:*:*:*:*",
"matchCriteriaId": "523B6515-33AE-4606-A7D6-C698D26659D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.2.3.06:*:*:*:*:*:*:*",
"matchCriteriaId": "42A388D2-AE67-4B5E-AFEF-32F7834652E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.2.3.07:*:*:*:*:*:*:*",
"matchCriteriaId": "B30845DA-3C00-4567-B590-61BAC547B312",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.2.3.08:*:*:*:*:*:*:*",
"matchCriteriaId": "D28A6411-627C-46BE-9D59-3519B3816BD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.2.3.09:*:*:*:*:*:*:*",
"matchCriteriaId": "00659549-4B19-4B16-8DBD-71627453A1EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.2.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "3724D315-5DCD-4378-85F1-1880C535317C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.2.3.14:*:*:*:*:*:*:*",
"matchCriteriaId": "45F4AF99-6774-4EF4-BD0C-64FE18FC3B46",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:rv325:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3435D601-EDA8-49FF-8841-EA6DF1518C75",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to execute arbitrary code as the root user. To exploit this vulnerability, an attacker would need to have valid Administrator credentials on the affected device.\r\n\u0026nbsp;\r\nThis vulnerability is due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system as the root user."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en web de los enrutadores Cisco Small Business RV042, RV042G, RV320 y RV325 podr\u00eda permitir que un atacante remoto autenticado de nivel de administrador ejecute c\u00f3digo arbitrario como usuario ra\u00edz. Para aprovechar esta vulnerabilidad, un atacante necesitar\u00eda tener credenciales de administrador v\u00e1lidas en el dispositivo afectado. Esta vulnerabilidad se debe a una validaci\u00f3n incorrecta de la entrada proporcionada por el usuario en la interfaz de administraci\u00f3n basada en web. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando solicitudes HTTP manipuladas a un dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante ejecutar c\u00f3digo arbitrario en el sistema operativo subyacente como usuario ra\u00edz."
}
],
"id": "CVE-2024-20521",
"lastModified": "2024-10-08T13:50:57.163",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 5.2,
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.3,
"impactScore": 6.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-10-02T17:15:19.280",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-rv04x_rv32x_vulns-yJ2OSDhV"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-121"
}
],
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2024-20523
Vulnerability from fkie_nvd - Published: 2024-10-02 17:15 - Updated: 2024-10-08 13:48
Severity ?
6.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H
6.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H
6.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H
Summary
A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to cause an unexpected reload of an affected device, resulting in a denial of service (DoS) condition. To exploit this vulnerability, an attacker would need to have valid Administrator credentials on the affected device.
This vulnerability is due to improper validation of user input that is in incoming HTTP packets. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web-based management interface of the affected device. A successful exploit could allow the attacker to cause an unexpected reload of the device, resulting in a DoS condition.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.0.1.17:*:*:*:*:*:*:*",
"matchCriteriaId": "BA9B2E23-F7F6-44C8-8800-CB3FAECBCDF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.0.2.03:*:*:*:*:*:*:*",
"matchCriteriaId": "F445CE1E-CACF-4906-814D-3658EB5B8A28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.1.0.09:*:*:*:*:*:*:*",
"matchCriteriaId": "987844EB-3E48-49DF-A95C-054D95F36F4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.1.1.06:*:*:*:*:*:*:*",
"matchCriteriaId": "54A716D3-2E68-4348-A42C-7ACB51107903",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.1.1.19:*:*:*:*:*:*:*",
"matchCriteriaId": "F7458A81-C907-482C-889B-2DE32C1A9238",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.2.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "AAFC3C16-C6B4-4311-92C9-AB96BA91F8E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.2.1.14:*:*:*:*:*:*:*",
"matchCriteriaId": "CC353BA2-BCFC-44D1-A190-EFAC646E7D48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.3.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "C0466119-31BE-44AD-82A4-66C1315C128A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.3.1.12:*:*:*:*:*:*:*",
"matchCriteriaId": "62330002-CB84-434C-860A-A4C29B4C29C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.3.2.02:*:*:*:*:*:*:*",
"matchCriteriaId": "36A0F1E3-8FCA-4ED1-A6F1-FDC9D3F3E538",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.3.12.6-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "09CBB296-950D-42A1-B6F6-10EDF56AE763",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.3.12.19-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "F47C5A1E-5162-48E8-998C-5A452C86688E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.3.13.02-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "C5E33427-60ED-4E42-A821-462A87BBEF53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.4.2.15:*:*:*:*:*:*:*",
"matchCriteriaId": "B1A3E3E5-8B9F-4C15-A3B8-538202A60429",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.4.2.17:*:*:*:*:*:*:*",
"matchCriteriaId": "CFE2DAFE-F2A4-43A7-BAB5-053FE1D7BD30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.4.2.19:*:*:*:*:*:*:*",
"matchCriteriaId": "CD25C358-C310-41C1-AFA5-89E54D5012CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.4.2.20:*:*:*:*:*:*:*",
"matchCriteriaId": "A995298E-9655-4AAD-8ABC-71AC816E798D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.4.2.22:*:*:*:*:*:*:*",
"matchCriteriaId": "08DD66B1-F045-4500-B098-CA65F0914107",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.5.1.05:*:*:*:*:*:*:*",
"matchCriteriaId": "88DE2217-2A37-41D2-ADFE-6648969C676A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.5.1.11:*:*:*:*:*:*:*",
"matchCriteriaId": "BBC05564-DB6D-4EED-95D0-BF3553748E50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.5.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "59693DA5-9F18-4F4C-8C57-C7294CF12EA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:3.0.0.1-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "1FEA0358-5E6A-465F-829C-7A05B64E2EFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:3.0.0.19-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "3604DDDE-7C98-4014-B50F-8E8808245644",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:3.0.2.01-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "92E2E999-774D-406A-BE8F-0B5A01E1D907",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.0.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "5EC63ECD-D415-4D6C-A4E3-DCF6B8878474",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.0.2.08-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "D559E798-8CD9-463A-AF03-843BB589C599",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.0.3.03-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "C6D3ACE2-D67A-46B4-97E7-F8085BBBD086",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.0.4.02-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "7C346A18-C543-4E3B-A1A8-B7757D6D6E45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.1.0.02-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "40970E5B-AC59-4A61-BD7F-64468C882385",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.1.1.01:*:*:*:*:*:*:*",
"matchCriteriaId": "A6A12CFD-3DF8-4B40-B0D3-8FBE037D1BE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.2.1.02:*:*:*:*:*:*:*",
"matchCriteriaId": "42FA29EE-8000-486C-AEC3-01AE3DE88007",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.2.2.08:*:*:*:*:*:*:*",
"matchCriteriaId": "2C32756E-FBCA-4485-8AFF-3A83570D7CDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.2.3.03:*:*:*:*:*:*:*",
"matchCriteriaId": "B066474A-AE23-48AB-A550-4F2FF3758CA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.2.3.06:*:*:*:*:*:*:*",
"matchCriteriaId": "D6306152-5BD8-4BD3-9E2D-D523DA54D497",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.2.3.07:*:*:*:*:*:*:*",
"matchCriteriaId": "3A665527-A2C9-4C10-B902-79C158DC589F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.2.3.08:*:*:*:*:*:*:*",
"matchCriteriaId": "1E99461F-4395-4A30-8B6D-2F63CA9851F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.2.3.09:*:*:*:*:*:*:*",
"matchCriteriaId": "61F75405-494A-446C-9C19-CC39E121D529",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.2.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "6BD8AED3-E2B1-46D6-8E04-C5C3E4186BB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.2.3.14:*:*:*:*:*:*:*",
"matchCriteriaId": "C03B0889-8AAA-455F-BBB5-B5BC417904B2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:rv042:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2DCBB2D8-AACF-45EA-B9D4-DAECC7C792D1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.0.1.17:*:*:*:*:*:*:*",
"matchCriteriaId": "4FA3AF56-BF90-4F9E-9E29-1FF9D112AF3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.0.2.03:*:*:*:*:*:*:*",
"matchCriteriaId": "D46196B0-8E14-49F6-9E16-6E441D133357",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.1.0.09:*:*:*:*:*:*:*",
"matchCriteriaId": "8212115A-A2E7-4CF9-8093-0BD9162FF26F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.1.1.06:*:*:*:*:*:*:*",
"matchCriteriaId": "3D70F5D9-7F51-4782-B8B5-30A5AB569464",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.1.1.19:*:*:*:*:*:*:*",
"matchCriteriaId": "36651493-4F0C-4CF6-935D-B128C9741A8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.2.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "BF65AFA9-26CD-4114-8246-07FAB904176B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.2.1.14:*:*:*:*:*:*:*",
"matchCriteriaId": "30972BB8-A616-4021-868F-A775092B3D41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.3.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "BBF50E2F-14D7-4738-B4DF-848A3F2814FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.3.1.12:*:*:*:*:*:*:*",
"matchCriteriaId": "F11630A4-0BBE-457E-B53F-11EA4448C92F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.3.2.02:*:*:*:*:*:*:*",
"matchCriteriaId": "D92E3198-22B2-491D-9815-2AA62AB0A30E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.3.12.6-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "EA876548-8B5A-4254-B154-58BCF03ADDA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.3.12.19-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "3BCD33AD-A637-4C08-AE7E-9974B86CDDE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.3.13.02-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "935EA2B1-EC2A-4B17-A563-9515579D6161",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.4.2.15:*:*:*:*:*:*:*",
"matchCriteriaId": "B38C7123-D65B-4840-AC28-A530CD4ECCA0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.4.2.17:*:*:*:*:*:*:*",
"matchCriteriaId": "C0E595E2-B201-4689-B05D-1C3E44876D74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.4.2.19:*:*:*:*:*:*:*",
"matchCriteriaId": "F73AC635-05BF-4476-9548-D72D32A313FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.4.2.20:*:*:*:*:*:*:*",
"matchCriteriaId": "7A734929-DF60-4B5B-8380-1BBD093C1E7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.4.2.22:*:*:*:*:*:*:*",
"matchCriteriaId": "E1D6863E-2DFB-4BDD-BC3A-B94F84F51E30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.5.1.05:*:*:*:*:*:*:*",
"matchCriteriaId": "816E98BD-38C5-41CC-8736-5BFFBBA447E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.5.1.11:*:*:*:*:*:*:*",
"matchCriteriaId": "86779EB2-CF50-4CEF-8815-56C8BB517698",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.5.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "FAD122DD-2FB2-4E55-A77C-7235B5501C6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:3.0.0.1-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "E0955403-0054-476F-A162-77CCD5C475AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:3.0.0.19-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "5A9C297F-5B9E-4591-94C8-5EBEFB2D8CEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:3.0.2.01-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "7EAB2D55-EE1B-499F-B0C0-78538660985E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.0.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "3001E0B0-01FD-4DFC-B195-7CE2E156F990",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.0.2.08-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "0B0EDE6F-47B3-48A2-A0C3-2AEC8FFA666E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.0.3.03-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "DE455ACF-E775-4ADE-95E9-F2162FE79486",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.0.4.02-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "94D78C7E-5E5A-457F-9D79-58E123145F41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.1.0.02-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "0DCC0019-F4EF-4CB7-AED1-CC84A413DB1D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.1.1.01:*:*:*:*:*:*:*",
"matchCriteriaId": "4BD3AE38-E227-4B55-B492-18614D258905",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.2.1.02:*:*:*:*:*:*:*",
"matchCriteriaId": "AB9D70F1-9499-480A-A53E-8FC2BA17DCDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.2.2.08:*:*:*:*:*:*:*",
"matchCriteriaId": "DC7A6DF2-C4FC-4BAA-8ABB-0B60BA0357BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.2.3.03:*:*:*:*:*:*:*",
"matchCriteriaId": "575EC78E-71EE-4657-8413-7D60F2E933C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.2.3.06:*:*:*:*:*:*:*",
"matchCriteriaId": "834D2F6A-2590-4073-A6F5-AC88A32C30DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.2.3.07:*:*:*:*:*:*:*",
"matchCriteriaId": "EC89C839-57E0-4FDD-9597-01F8795B4DB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.2.3.08:*:*:*:*:*:*:*",
"matchCriteriaId": "A119367F-2F09-4750-A8B9-F176A10A55CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.2.3.09:*:*:*:*:*:*:*",
"matchCriteriaId": "C2062E92-F6BD-4AE7-86AA-682C36E33A9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.2.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "25EC7568-713E-44DD-9418-23013749CC21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.2.3.14:*:*:*:*:*:*:*",
"matchCriteriaId": "63D3656F-9D46-4F6C-B8E1-B04243BFD57B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:rv042g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1CD7D9C-DDEF-4DF0-BCFB-A45301AE2C10",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.0.1.17:*:*:*:*:*:*:*",
"matchCriteriaId": "86DE5F2E-9B5E-4430-8B3D-97843462FE49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.0.2.03:*:*:*:*:*:*:*",
"matchCriteriaId": "0DA83932-5061-4F7B-B152-E013D679C7EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.1.0.09:*:*:*:*:*:*:*",
"matchCriteriaId": "AFA29437-B6C7-4C74-90F6-5CF58F54756B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.1.1.06:*:*:*:*:*:*:*",
"matchCriteriaId": "261D3EEA-6227-4136-91DD-380A2BF3635A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.1.1.19:*:*:*:*:*:*:*",
"matchCriteriaId": "64765C29-84C1-4F41-9BB4-18A0C43B197C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.2.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "44B039E2-0220-481F-B550-3358402FB390",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.2.1.14:*:*:*:*:*:*:*",
"matchCriteriaId": "BA050DDE-682E-4A54-995A-E3EDB19E45EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.3.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "B48800BA-A64E-4C18-A6A5-651FFF3A18ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.3.1.12:*:*:*:*:*:*:*",
"matchCriteriaId": "EC4983FF-DA90-4F10-A511-D0C2531D8380",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.3.2.02:*:*:*:*:*:*:*",
"matchCriteriaId": "AE80F7A6-0A91-488C-BEE8-F23057AA1ECD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.3.12.6-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "08029110-3FE5-4DEB-AE76-2B165C4E79C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.3.12.19-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "B9779344-6BAB-4D21-8DB2-4BA9D7E55F2C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.3.13.02-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "490D19A8-3494-4133-8CA6-0733CDB4CC3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.4.2.15:*:*:*:*:*:*:*",
"matchCriteriaId": "CBB99BF6-11C0-448C-91B2-F03690CE9089",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.4.2.17:*:*:*:*:*:*:*",
"matchCriteriaId": "61348305-FC9B-4DB4-B039-0A08D44812EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.4.2.19:*:*:*:*:*:*:*",
"matchCriteriaId": "3C8CE8BC-05D9-45D3-A645-D1A081E1A555",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.4.2.20:*:*:*:*:*:*:*",
"matchCriteriaId": "6DC1BA1F-1210-4FBE-B218-B9FDC4711AE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.4.2.22:*:*:*:*:*:*:*",
"matchCriteriaId": "5539C19B-97D1-44C3-8883-0343B574133D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.5.1.05:*:*:*:*:*:*:*",
"matchCriteriaId": "99A1A830-0F70-47D7-89D5-7B50F69C6312",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.5.1.11:*:*:*:*:*:*:*",
"matchCriteriaId": "43F1FCD5-4BC8-4051-982E-7112F5A128C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.5.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "B71B1E3F-F7DE-4B0A-8304-0980B6EDB776",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:3.0.0.1-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "79F12DFE-4241-4D0B-A0BC-F022B6995921",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:3.0.0.19-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "383C020A-F8FD-48F9-8F82-1CDE8620D6E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:3.0.2.01-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "6213B8E5-3E2E-43F0-A0ED-72EC414C39B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.0.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "0CEE2D4D-5627-4DD5-B8A5-88B0A8440CAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.0.2.08-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "CE3F4194-12F3-4379-AC7E-7BB6BFD4A76B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.0.3.03-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "A4DFF375-C9E5-40A9-9167-9DADE291763B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.0.4.02-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "3A36C9D3-4CD6-4708-A721-4CA905306617",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.1.0.02-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "7A0C39EC-75DC-4ECF-8012-C3062375836A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.1.1.01:*:*:*:*:*:*:*",
"matchCriteriaId": "5A03BB26-A344-498B-8FE4-3D027EFC6606",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.2.1.02:*:*:*:*:*:*:*",
"matchCriteriaId": "E4DF1BAD-EFCF-4723-AAB5-B2733992659C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.2.2.08:*:*:*:*:*:*:*",
"matchCriteriaId": "CC474FF5-E3BE-4B81-B5AC-1D32A44C259F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.2.3.03:*:*:*:*:*:*:*",
"matchCriteriaId": "A5910845-D601-4503-82CC-49D8A11F4B31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.2.3.06:*:*:*:*:*:*:*",
"matchCriteriaId": "9F5FECB4-41D4-4FDF-8693-7FF1D51CF1D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.2.3.07:*:*:*:*:*:*:*",
"matchCriteriaId": "1DE7FBF1-11F4-4B36-BFD2-041A14E70360",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.2.3.08:*:*:*:*:*:*:*",
"matchCriteriaId": "4750C422-7D8B-45CC-BD33-35D9BE5FFBC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.2.3.09:*:*:*:*:*:*:*",
"matchCriteriaId": "40902BFF-81A9-4CFC-9FC1-61F353DEFDF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.2.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "0EA80139-B632-4108-BB44-41A4ABA41F83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.2.3.14:*:*:*:*:*:*:*",
"matchCriteriaId": "0C17CE07-41E0-4115-AC82-5C697DA8C5C8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:rv320:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7596F6D4-10DA-4F29-95AD-75B60F4670D6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.0.1.17:*:*:*:*:*:*:*",
"matchCriteriaId": "9E07888E-FEC4-43F2-90D1-91665606BD2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.0.2.03:*:*:*:*:*:*:*",
"matchCriteriaId": "B338AFCE-9219-4F70-A08A-A9E6E0E967EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.1.0.09:*:*:*:*:*:*:*",
"matchCriteriaId": "A00ADE78-233F-4284-AC67-4606306D7EC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.1.1.06:*:*:*:*:*:*:*",
"matchCriteriaId": "664F445F-91A3-4AE9-8D60-76C656402EB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.1.1.19:*:*:*:*:*:*:*",
"matchCriteriaId": "01C90ED8-03B2-4FF8-9C8E-8340A5E8E13B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.2.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "557AB540-0F7F-4F54-9BCD-9103217C923E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.2.1.14:*:*:*:*:*:*:*",
"matchCriteriaId": "AA7F2FC6-F13E-445D-B2B6-01A7019F90F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.3.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "B7AAE28E-65DE-425A-917E-549DC1D0DFA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.3.1.12:*:*:*:*:*:*:*",
"matchCriteriaId": "91CA984F-F579-421C-9A11-DCBE731A49FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.3.2.02:*:*:*:*:*:*:*",
"matchCriteriaId": "33E8C022-40EE-4B36-B7ED-3E51CBB1AB9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.3.12.6-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "26CD8F90-6BA8-466F-92D9-FFC264574F77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.3.12.19-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "FC42A543-F2BB-4FFF-9674-61D01F3406DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.3.13.02-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "BBEE1D3B-1D22-4024-9191-56B2615F8ADB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.4.2.15:*:*:*:*:*:*:*",
"matchCriteriaId": "A402AB90-03C8-4B5B-AEF9-CDAC023DA6D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.4.2.17:*:*:*:*:*:*:*",
"matchCriteriaId": "F865F54F-E4D6-4B92-9644-992A44F7D562",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.4.2.19:*:*:*:*:*:*:*",
"matchCriteriaId": "91AC5D05-728E-49A8-8A75-2CF97FAFD68D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.4.2.20:*:*:*:*:*:*:*",
"matchCriteriaId": "D82F96CC-94E9-46C5-B886-CD63B2060145",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.4.2.22:*:*:*:*:*:*:*",
"matchCriteriaId": "EC425B75-5584-4184-BEC0-44FAD8B431DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.5.1.05:*:*:*:*:*:*:*",
"matchCriteriaId": "B9B992F2-43D5-4FBF-A94A-EA8E8B0EBB01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.5.1.11:*:*:*:*:*:*:*",
"matchCriteriaId": "A660B64F-2CF8-48C3-877E-B583E1CFC0FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.5.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "55476CAD-BDB3-46CB-95A0-74BA8F49A5D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:3.0.0.1-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "A89E5621-BA1F-450C-8E82-FC4764B54905",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:3.0.0.19-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "6B4DF0F5-853A-430E-8C93-556D4FF29C63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:3.0.2.01-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "109BC8D1-E547-45C4-99AA-C74495F8E8CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.0.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "67F823CE-90D6-4914-B125-88B6F868808D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.0.2.08-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "53551C1A-9DBD-4E5E-8FA7-C04EE2A38D20",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.0.3.03-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "CC2360AC-5C88-4F8B-9BC8-48FBA716CFBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.0.4.02-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "F4C3D1D3-034B-4B6E-BC78-050D22A3D84E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.1.0.02-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "15271254-5905-4D08-BD9E-08F841AA29D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.1.1.01:*:*:*:*:*:*:*",
"matchCriteriaId": "5AB609CB-934B-43E4-A884-FDC7B58D0560",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.2.1.02:*:*:*:*:*:*:*",
"matchCriteriaId": "70B52828-6B38-4561-9D79-83DD8EC294A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.2.2.08:*:*:*:*:*:*:*",
"matchCriteriaId": "9DDE7B4C-CF8F-4CE6-AD3F-CE74377D4077",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.2.3.03:*:*:*:*:*:*:*",
"matchCriteriaId": "523B6515-33AE-4606-A7D6-C698D26659D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.2.3.06:*:*:*:*:*:*:*",
"matchCriteriaId": "42A388D2-AE67-4B5E-AFEF-32F7834652E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.2.3.07:*:*:*:*:*:*:*",
"matchCriteriaId": "B30845DA-3C00-4567-B590-61BAC547B312",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.2.3.08:*:*:*:*:*:*:*",
"matchCriteriaId": "D28A6411-627C-46BE-9D59-3519B3816BD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.2.3.09:*:*:*:*:*:*:*",
"matchCriteriaId": "00659549-4B19-4B16-8DBD-71627453A1EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.2.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "3724D315-5DCD-4378-85F1-1880C535317C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.2.3.14:*:*:*:*:*:*:*",
"matchCriteriaId": "45F4AF99-6774-4EF4-BD0C-64FE18FC3B46",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:rv325:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3435D601-EDA8-49FF-8841-EA6DF1518C75",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to cause an unexpected reload of an affected device, resulting in a denial of service (DoS) condition. To exploit this vulnerability, an attacker would need to have valid Administrator credentials on the affected device.\r\n\u0026nbsp;\r\nThis vulnerability is due to improper validation of user input that is in incoming HTTP packets. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web-based management interface of the affected device. A successful exploit could allow the attacker to cause an unexpected reload of the device, resulting in a DoS condition."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en web de los enrutadores Cisco Small Business RV042, RV042G, RV320 y RV325 podr\u00eda permitir que un atacante remoto autenticado, de nivel de administrador, provoque una recarga inesperada de un dispositivo afectado, lo que da como resultado una condici\u00f3n de denegaci\u00f3n de servicio (DoS). Para explotar esta vulnerabilidad, un atacante necesitar\u00eda tener credenciales de administrador v\u00e1lidas en el dispositivo afectado. Esta vulnerabilidad se debe a una validaci\u00f3n incorrecta de la entrada del usuario que se encuentra en los paquetes HTTP entrantes. Un atacante podr\u00eda explotar esta vulnerabilidad enviando una solicitud HTTP manipulada a la interfaz de administraci\u00f3n basada en web del dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir que el atacante provoque una recarga inesperada del dispositivo, lo que da como resultado una condici\u00f3n de denegaci\u00f3n de servicio (DoS)."
}
],
"id": "CVE-2024-20523",
"lastModified": "2024-10-08T13:48:29.500",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.3,
"impactScore": 4.0,
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.3,
"impactScore": 4.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-10-02T17:15:19.707",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-rv04x_rv32x_vulns-yJ2OSDhV"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-121"
}
],
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2024-20517
Vulnerability from fkie_nvd - Published: 2024-10-02 17:15 - Updated: 2024-10-08 13:47
Severity ?
6.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H
6.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H
6.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H
Summary
A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to cause an unexpected reload of an affected device, resulting in a denial of service (DoS) condition. To exploit this vulnerability, an attacker would need to have valid Administrator credentials on the affected device.
This vulnerability is due to improper validation of user input that is in incoming HTTP packets. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web-based management interface of the affected device. A successful exploit could allow the attacker to cause an unexpected reload of the device, resulting in a DoS condition.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.0.1.17:*:*:*:*:*:*:*",
"matchCriteriaId": "BA9B2E23-F7F6-44C8-8800-CB3FAECBCDF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.0.2.03:*:*:*:*:*:*:*",
"matchCriteriaId": "F445CE1E-CACF-4906-814D-3658EB5B8A28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.1.0.09:*:*:*:*:*:*:*",
"matchCriteriaId": "987844EB-3E48-49DF-A95C-054D95F36F4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.1.1.06:*:*:*:*:*:*:*",
"matchCriteriaId": "54A716D3-2E68-4348-A42C-7ACB51107903",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.1.1.19:*:*:*:*:*:*:*",
"matchCriteriaId": "F7458A81-C907-482C-889B-2DE32C1A9238",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.2.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "AAFC3C16-C6B4-4311-92C9-AB96BA91F8E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.2.1.14:*:*:*:*:*:*:*",
"matchCriteriaId": "CC353BA2-BCFC-44D1-A190-EFAC646E7D48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.3.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "C0466119-31BE-44AD-82A4-66C1315C128A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.3.1.12:*:*:*:*:*:*:*",
"matchCriteriaId": "62330002-CB84-434C-860A-A4C29B4C29C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.3.2.02:*:*:*:*:*:*:*",
"matchCriteriaId": "36A0F1E3-8FCA-4ED1-A6F1-FDC9D3F3E538",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.3.12.6-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "09CBB296-950D-42A1-B6F6-10EDF56AE763",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.3.12.19-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "F47C5A1E-5162-48E8-998C-5A452C86688E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.3.13.02-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "C5E33427-60ED-4E42-A821-462A87BBEF53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.4.2.15:*:*:*:*:*:*:*",
"matchCriteriaId": "B1A3E3E5-8B9F-4C15-A3B8-538202A60429",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.4.2.17:*:*:*:*:*:*:*",
"matchCriteriaId": "CFE2DAFE-F2A4-43A7-BAB5-053FE1D7BD30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.4.2.19:*:*:*:*:*:*:*",
"matchCriteriaId": "CD25C358-C310-41C1-AFA5-89E54D5012CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.4.2.20:*:*:*:*:*:*:*",
"matchCriteriaId": "A995298E-9655-4AAD-8ABC-71AC816E798D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.4.2.22:*:*:*:*:*:*:*",
"matchCriteriaId": "08DD66B1-F045-4500-B098-CA65F0914107",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.5.1.05:*:*:*:*:*:*:*",
"matchCriteriaId": "88DE2217-2A37-41D2-ADFE-6648969C676A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.5.1.11:*:*:*:*:*:*:*",
"matchCriteriaId": "BBC05564-DB6D-4EED-95D0-BF3553748E50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.5.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "59693DA5-9F18-4F4C-8C57-C7294CF12EA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:3.0.0.1-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "1FEA0358-5E6A-465F-829C-7A05B64E2EFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:3.0.0.19-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "3604DDDE-7C98-4014-B50F-8E8808245644",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:3.0.2.01-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "92E2E999-774D-406A-BE8F-0B5A01E1D907",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.0.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "5EC63ECD-D415-4D6C-A4E3-DCF6B8878474",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.0.2.08-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "D559E798-8CD9-463A-AF03-843BB589C599",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.0.3.03-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "C6D3ACE2-D67A-46B4-97E7-F8085BBBD086",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.0.4.02-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "7C346A18-C543-4E3B-A1A8-B7757D6D6E45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.1.0.02-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "40970E5B-AC59-4A61-BD7F-64468C882385",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.1.1.01:*:*:*:*:*:*:*",
"matchCriteriaId": "A6A12CFD-3DF8-4B40-B0D3-8FBE037D1BE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.2.1.02:*:*:*:*:*:*:*",
"matchCriteriaId": "42FA29EE-8000-486C-AEC3-01AE3DE88007",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.2.2.08:*:*:*:*:*:*:*",
"matchCriteriaId": "2C32756E-FBCA-4485-8AFF-3A83570D7CDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.2.3.03:*:*:*:*:*:*:*",
"matchCriteriaId": "B066474A-AE23-48AB-A550-4F2FF3758CA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.2.3.06:*:*:*:*:*:*:*",
"matchCriteriaId": "D6306152-5BD8-4BD3-9E2D-D523DA54D497",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.2.3.07:*:*:*:*:*:*:*",
"matchCriteriaId": "3A665527-A2C9-4C10-B902-79C158DC589F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.2.3.08:*:*:*:*:*:*:*",
"matchCriteriaId": "1E99461F-4395-4A30-8B6D-2F63CA9851F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.2.3.09:*:*:*:*:*:*:*",
"matchCriteriaId": "61F75405-494A-446C-9C19-CC39E121D529",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.2.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "6BD8AED3-E2B1-46D6-8E04-C5C3E4186BB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.2.3.14:*:*:*:*:*:*:*",
"matchCriteriaId": "C03B0889-8AAA-455F-BBB5-B5BC417904B2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:rv042:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2DCBB2D8-AACF-45EA-B9D4-DAECC7C792D1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.0.1.17:*:*:*:*:*:*:*",
"matchCriteriaId": "4FA3AF56-BF90-4F9E-9E29-1FF9D112AF3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.0.2.03:*:*:*:*:*:*:*",
"matchCriteriaId": "D46196B0-8E14-49F6-9E16-6E441D133357",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.1.0.09:*:*:*:*:*:*:*",
"matchCriteriaId": "8212115A-A2E7-4CF9-8093-0BD9162FF26F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.1.1.06:*:*:*:*:*:*:*",
"matchCriteriaId": "3D70F5D9-7F51-4782-B8B5-30A5AB569464",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.1.1.19:*:*:*:*:*:*:*",
"matchCriteriaId": "36651493-4F0C-4CF6-935D-B128C9741A8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.2.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "BF65AFA9-26CD-4114-8246-07FAB904176B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.2.1.14:*:*:*:*:*:*:*",
"matchCriteriaId": "30972BB8-A616-4021-868F-A775092B3D41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.3.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "BBF50E2F-14D7-4738-B4DF-848A3F2814FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.3.1.12:*:*:*:*:*:*:*",
"matchCriteriaId": "F11630A4-0BBE-457E-B53F-11EA4448C92F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.3.2.02:*:*:*:*:*:*:*",
"matchCriteriaId": "D92E3198-22B2-491D-9815-2AA62AB0A30E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.3.12.6-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "EA876548-8B5A-4254-B154-58BCF03ADDA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.3.12.19-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "3BCD33AD-A637-4C08-AE7E-9974B86CDDE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.3.13.02-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "935EA2B1-EC2A-4B17-A563-9515579D6161",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.4.2.15:*:*:*:*:*:*:*",
"matchCriteriaId": "B38C7123-D65B-4840-AC28-A530CD4ECCA0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.4.2.17:*:*:*:*:*:*:*",
"matchCriteriaId": "C0E595E2-B201-4689-B05D-1C3E44876D74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.4.2.19:*:*:*:*:*:*:*",
"matchCriteriaId": "F73AC635-05BF-4476-9548-D72D32A313FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.4.2.20:*:*:*:*:*:*:*",
"matchCriteriaId": "7A734929-DF60-4B5B-8380-1BBD093C1E7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.4.2.22:*:*:*:*:*:*:*",
"matchCriteriaId": "E1D6863E-2DFB-4BDD-BC3A-B94F84F51E30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.5.1.05:*:*:*:*:*:*:*",
"matchCriteriaId": "816E98BD-38C5-41CC-8736-5BFFBBA447E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.5.1.11:*:*:*:*:*:*:*",
"matchCriteriaId": "86779EB2-CF50-4CEF-8815-56C8BB517698",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.5.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "FAD122DD-2FB2-4E55-A77C-7235B5501C6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:3.0.0.1-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "E0955403-0054-476F-A162-77CCD5C475AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:3.0.0.19-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "5A9C297F-5B9E-4591-94C8-5EBEFB2D8CEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:3.0.2.01-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "7EAB2D55-EE1B-499F-B0C0-78538660985E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.0.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "3001E0B0-01FD-4DFC-B195-7CE2E156F990",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.0.2.08-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "0B0EDE6F-47B3-48A2-A0C3-2AEC8FFA666E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.0.3.03-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "DE455ACF-E775-4ADE-95E9-F2162FE79486",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.0.4.02-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "94D78C7E-5E5A-457F-9D79-58E123145F41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.1.0.02-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "0DCC0019-F4EF-4CB7-AED1-CC84A413DB1D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.1.1.01:*:*:*:*:*:*:*",
"matchCriteriaId": "4BD3AE38-E227-4B55-B492-18614D258905",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.2.1.02:*:*:*:*:*:*:*",
"matchCriteriaId": "AB9D70F1-9499-480A-A53E-8FC2BA17DCDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.2.2.08:*:*:*:*:*:*:*",
"matchCriteriaId": "DC7A6DF2-C4FC-4BAA-8ABB-0B60BA0357BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.2.3.03:*:*:*:*:*:*:*",
"matchCriteriaId": "575EC78E-71EE-4657-8413-7D60F2E933C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.2.3.06:*:*:*:*:*:*:*",
"matchCriteriaId": "834D2F6A-2590-4073-A6F5-AC88A32C30DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.2.3.07:*:*:*:*:*:*:*",
"matchCriteriaId": "EC89C839-57E0-4FDD-9597-01F8795B4DB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.2.3.08:*:*:*:*:*:*:*",
"matchCriteriaId": "A119367F-2F09-4750-A8B9-F176A10A55CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.2.3.09:*:*:*:*:*:*:*",
"matchCriteriaId": "C2062E92-F6BD-4AE7-86AA-682C36E33A9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.2.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "25EC7568-713E-44DD-9418-23013749CC21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.2.3.14:*:*:*:*:*:*:*",
"matchCriteriaId": "63D3656F-9D46-4F6C-B8E1-B04243BFD57B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:rv042g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1CD7D9C-DDEF-4DF0-BCFB-A45301AE2C10",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.0.1.17:*:*:*:*:*:*:*",
"matchCriteriaId": "86DE5F2E-9B5E-4430-8B3D-97843462FE49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.0.2.03:*:*:*:*:*:*:*",
"matchCriteriaId": "0DA83932-5061-4F7B-B152-E013D679C7EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.1.0.09:*:*:*:*:*:*:*",
"matchCriteriaId": "AFA29437-B6C7-4C74-90F6-5CF58F54756B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.1.1.06:*:*:*:*:*:*:*",
"matchCriteriaId": "261D3EEA-6227-4136-91DD-380A2BF3635A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.1.1.19:*:*:*:*:*:*:*",
"matchCriteriaId": "64765C29-84C1-4F41-9BB4-18A0C43B197C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.2.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "44B039E2-0220-481F-B550-3358402FB390",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.2.1.14:*:*:*:*:*:*:*",
"matchCriteriaId": "BA050DDE-682E-4A54-995A-E3EDB19E45EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.3.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "B48800BA-A64E-4C18-A6A5-651FFF3A18ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.3.1.12:*:*:*:*:*:*:*",
"matchCriteriaId": "EC4983FF-DA90-4F10-A511-D0C2531D8380",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.3.2.02:*:*:*:*:*:*:*",
"matchCriteriaId": "AE80F7A6-0A91-488C-BEE8-F23057AA1ECD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.3.12.6-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "08029110-3FE5-4DEB-AE76-2B165C4E79C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.3.12.19-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "B9779344-6BAB-4D21-8DB2-4BA9D7E55F2C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.3.13.02-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "490D19A8-3494-4133-8CA6-0733CDB4CC3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.4.2.15:*:*:*:*:*:*:*",
"matchCriteriaId": "CBB99BF6-11C0-448C-91B2-F03690CE9089",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.4.2.17:*:*:*:*:*:*:*",
"matchCriteriaId": "61348305-FC9B-4DB4-B039-0A08D44812EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.4.2.19:*:*:*:*:*:*:*",
"matchCriteriaId": "3C8CE8BC-05D9-45D3-A645-D1A081E1A555",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.4.2.20:*:*:*:*:*:*:*",
"matchCriteriaId": "6DC1BA1F-1210-4FBE-B218-B9FDC4711AE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.4.2.22:*:*:*:*:*:*:*",
"matchCriteriaId": "5539C19B-97D1-44C3-8883-0343B574133D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.5.1.05:*:*:*:*:*:*:*",
"matchCriteriaId": "99A1A830-0F70-47D7-89D5-7B50F69C6312",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.5.1.11:*:*:*:*:*:*:*",
"matchCriteriaId": "43F1FCD5-4BC8-4051-982E-7112F5A128C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.5.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "B71B1E3F-F7DE-4B0A-8304-0980B6EDB776",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:3.0.0.1-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "79F12DFE-4241-4D0B-A0BC-F022B6995921",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:3.0.0.19-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "383C020A-F8FD-48F9-8F82-1CDE8620D6E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:3.0.2.01-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "6213B8E5-3E2E-43F0-A0ED-72EC414C39B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.0.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "0CEE2D4D-5627-4DD5-B8A5-88B0A8440CAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.0.2.08-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "CE3F4194-12F3-4379-AC7E-7BB6BFD4A76B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.0.3.03-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "A4DFF375-C9E5-40A9-9167-9DADE291763B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.0.4.02-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "3A36C9D3-4CD6-4708-A721-4CA905306617",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.1.0.02-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "7A0C39EC-75DC-4ECF-8012-C3062375836A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.1.1.01:*:*:*:*:*:*:*",
"matchCriteriaId": "5A03BB26-A344-498B-8FE4-3D027EFC6606",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.2.1.02:*:*:*:*:*:*:*",
"matchCriteriaId": "E4DF1BAD-EFCF-4723-AAB5-B2733992659C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.2.2.08:*:*:*:*:*:*:*",
"matchCriteriaId": "CC474FF5-E3BE-4B81-B5AC-1D32A44C259F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.2.3.03:*:*:*:*:*:*:*",
"matchCriteriaId": "A5910845-D601-4503-82CC-49D8A11F4B31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.2.3.06:*:*:*:*:*:*:*",
"matchCriteriaId": "9F5FECB4-41D4-4FDF-8693-7FF1D51CF1D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.2.3.07:*:*:*:*:*:*:*",
"matchCriteriaId": "1DE7FBF1-11F4-4B36-BFD2-041A14E70360",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.2.3.08:*:*:*:*:*:*:*",
"matchCriteriaId": "4750C422-7D8B-45CC-BD33-35D9BE5FFBC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.2.3.09:*:*:*:*:*:*:*",
"matchCriteriaId": "40902BFF-81A9-4CFC-9FC1-61F353DEFDF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.2.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "0EA80139-B632-4108-BB44-41A4ABA41F83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.2.3.14:*:*:*:*:*:*:*",
"matchCriteriaId": "0C17CE07-41E0-4115-AC82-5C697DA8C5C8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:rv320:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7596F6D4-10DA-4F29-95AD-75B60F4670D6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.0.1.17:*:*:*:*:*:*:*",
"matchCriteriaId": "9E07888E-FEC4-43F2-90D1-91665606BD2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.0.2.03:*:*:*:*:*:*:*",
"matchCriteriaId": "B338AFCE-9219-4F70-A08A-A9E6E0E967EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.1.0.09:*:*:*:*:*:*:*",
"matchCriteriaId": "A00ADE78-233F-4284-AC67-4606306D7EC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.1.1.06:*:*:*:*:*:*:*",
"matchCriteriaId": "664F445F-91A3-4AE9-8D60-76C656402EB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.1.1.19:*:*:*:*:*:*:*",
"matchCriteriaId": "01C90ED8-03B2-4FF8-9C8E-8340A5E8E13B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.2.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "557AB540-0F7F-4F54-9BCD-9103217C923E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.2.1.14:*:*:*:*:*:*:*",
"matchCriteriaId": "AA7F2FC6-F13E-445D-B2B6-01A7019F90F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.3.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "B7AAE28E-65DE-425A-917E-549DC1D0DFA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.3.1.12:*:*:*:*:*:*:*",
"matchCriteriaId": "91CA984F-F579-421C-9A11-DCBE731A49FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.3.2.02:*:*:*:*:*:*:*",
"matchCriteriaId": "33E8C022-40EE-4B36-B7ED-3E51CBB1AB9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.3.12.6-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "26CD8F90-6BA8-466F-92D9-FFC264574F77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.3.12.19-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "FC42A543-F2BB-4FFF-9674-61D01F3406DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.3.13.02-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "BBEE1D3B-1D22-4024-9191-56B2615F8ADB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.4.2.15:*:*:*:*:*:*:*",
"matchCriteriaId": "A402AB90-03C8-4B5B-AEF9-CDAC023DA6D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.4.2.17:*:*:*:*:*:*:*",
"matchCriteriaId": "F865F54F-E4D6-4B92-9644-992A44F7D562",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.4.2.19:*:*:*:*:*:*:*",
"matchCriteriaId": "91AC5D05-728E-49A8-8A75-2CF97FAFD68D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.4.2.20:*:*:*:*:*:*:*",
"matchCriteriaId": "D82F96CC-94E9-46C5-B886-CD63B2060145",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.4.2.22:*:*:*:*:*:*:*",
"matchCriteriaId": "EC425B75-5584-4184-BEC0-44FAD8B431DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.5.1.05:*:*:*:*:*:*:*",
"matchCriteriaId": "B9B992F2-43D5-4FBF-A94A-EA8E8B0EBB01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.5.1.11:*:*:*:*:*:*:*",
"matchCriteriaId": "A660B64F-2CF8-48C3-877E-B583E1CFC0FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.5.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "55476CAD-BDB3-46CB-95A0-74BA8F49A5D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:3.0.0.1-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "A89E5621-BA1F-450C-8E82-FC4764B54905",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:3.0.0.19-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "6B4DF0F5-853A-430E-8C93-556D4FF29C63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:3.0.2.01-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "109BC8D1-E547-45C4-99AA-C74495F8E8CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.0.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "67F823CE-90D6-4914-B125-88B6F868808D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.0.2.08-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "53551C1A-9DBD-4E5E-8FA7-C04EE2A38D20",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.0.3.03-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "CC2360AC-5C88-4F8B-9BC8-48FBA716CFBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.0.4.02-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "F4C3D1D3-034B-4B6E-BC78-050D22A3D84E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.1.0.02-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "15271254-5905-4D08-BD9E-08F841AA29D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.1.1.01:*:*:*:*:*:*:*",
"matchCriteriaId": "5AB609CB-934B-43E4-A884-FDC7B58D0560",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.2.1.02:*:*:*:*:*:*:*",
"matchCriteriaId": "70B52828-6B38-4561-9D79-83DD8EC294A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.2.2.08:*:*:*:*:*:*:*",
"matchCriteriaId": "9DDE7B4C-CF8F-4CE6-AD3F-CE74377D4077",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.2.3.03:*:*:*:*:*:*:*",
"matchCriteriaId": "523B6515-33AE-4606-A7D6-C698D26659D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.2.3.06:*:*:*:*:*:*:*",
"matchCriteriaId": "42A388D2-AE67-4B5E-AFEF-32F7834652E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.2.3.07:*:*:*:*:*:*:*",
"matchCriteriaId": "B30845DA-3C00-4567-B590-61BAC547B312",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.2.3.08:*:*:*:*:*:*:*",
"matchCriteriaId": "D28A6411-627C-46BE-9D59-3519B3816BD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.2.3.09:*:*:*:*:*:*:*",
"matchCriteriaId": "00659549-4B19-4B16-8DBD-71627453A1EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.2.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "3724D315-5DCD-4378-85F1-1880C535317C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.2.3.14:*:*:*:*:*:*:*",
"matchCriteriaId": "45F4AF99-6774-4EF4-BD0C-64FE18FC3B46",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:rv325:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3435D601-EDA8-49FF-8841-EA6DF1518C75",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to cause an unexpected reload of an affected device, resulting in a denial of service (DoS) condition. To exploit this vulnerability, an attacker would need to have valid Administrator credentials on the affected device.\r\n\u0026nbsp;\r\nThis vulnerability is due to improper validation of user input that is in incoming HTTP packets. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web-based management interface of the affected device. A successful exploit could allow the attacker to cause an unexpected reload of the device, resulting in a DoS condition."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en web de los enrutadores Cisco Small Business RV042, RV042G, RV320 y RV325 podr\u00eda permitir que un atacante remoto autenticado, de nivel de administrador, provoque una recarga inesperada de un dispositivo afectado, lo que da como resultado una condici\u00f3n de denegaci\u00f3n de servicio (DoS). Para explotar esta vulnerabilidad, un atacante necesitar\u00eda tener credenciales de administrador v\u00e1lidas en el dispositivo afectado. Esta vulnerabilidad se debe a una validaci\u00f3n incorrecta de la entrada del usuario que se encuentra en los paquetes HTTP entrantes. Un atacante podr\u00eda explotar esta vulnerabilidad enviando una solicitud HTTP manipulada a la interfaz de administraci\u00f3n basada en web del dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir que el atacante provoque una recarga inesperada del dispositivo, lo que da como resultado una condici\u00f3n de denegaci\u00f3n de servicio (DoS)."
}
],
"id": "CVE-2024-20517",
"lastModified": "2024-10-08T13:47:52.483",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.3,
"impactScore": 4.0,
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.3,
"impactScore": 4.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-10-02T17:15:18.417",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-rv04x_rv32x_vulns-yJ2OSDhV"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-122"
}
],
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2024-20518
Vulnerability from fkie_nvd - Published: 2024-10-02 17:15 - Updated: 2024-10-08 13:50
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Summary
A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to execute arbitrary code as the root user. To exploit this vulnerability, an attacker would need to have valid Administrator credentials on the affected device.
This vulnerability is due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system as the root user.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.0.1.17:*:*:*:*:*:*:*",
"matchCriteriaId": "BA9B2E23-F7F6-44C8-8800-CB3FAECBCDF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.0.2.03:*:*:*:*:*:*:*",
"matchCriteriaId": "F445CE1E-CACF-4906-814D-3658EB5B8A28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.1.0.09:*:*:*:*:*:*:*",
"matchCriteriaId": "987844EB-3E48-49DF-A95C-054D95F36F4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.1.1.06:*:*:*:*:*:*:*",
"matchCriteriaId": "54A716D3-2E68-4348-A42C-7ACB51107903",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.1.1.19:*:*:*:*:*:*:*",
"matchCriteriaId": "F7458A81-C907-482C-889B-2DE32C1A9238",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.2.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "AAFC3C16-C6B4-4311-92C9-AB96BA91F8E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.2.1.14:*:*:*:*:*:*:*",
"matchCriteriaId": "CC353BA2-BCFC-44D1-A190-EFAC646E7D48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.3.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "C0466119-31BE-44AD-82A4-66C1315C128A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.3.1.12:*:*:*:*:*:*:*",
"matchCriteriaId": "62330002-CB84-434C-860A-A4C29B4C29C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.3.2.02:*:*:*:*:*:*:*",
"matchCriteriaId": "36A0F1E3-8FCA-4ED1-A6F1-FDC9D3F3E538",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.3.12.6-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "09CBB296-950D-42A1-B6F6-10EDF56AE763",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.3.12.19-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "F47C5A1E-5162-48E8-998C-5A452C86688E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.3.13.02-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "C5E33427-60ED-4E42-A821-462A87BBEF53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.4.2.15:*:*:*:*:*:*:*",
"matchCriteriaId": "B1A3E3E5-8B9F-4C15-A3B8-538202A60429",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.4.2.17:*:*:*:*:*:*:*",
"matchCriteriaId": "CFE2DAFE-F2A4-43A7-BAB5-053FE1D7BD30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.4.2.19:*:*:*:*:*:*:*",
"matchCriteriaId": "CD25C358-C310-41C1-AFA5-89E54D5012CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.4.2.20:*:*:*:*:*:*:*",
"matchCriteriaId": "A995298E-9655-4AAD-8ABC-71AC816E798D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.4.2.22:*:*:*:*:*:*:*",
"matchCriteriaId": "08DD66B1-F045-4500-B098-CA65F0914107",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.5.1.05:*:*:*:*:*:*:*",
"matchCriteriaId": "88DE2217-2A37-41D2-ADFE-6648969C676A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.5.1.11:*:*:*:*:*:*:*",
"matchCriteriaId": "BBC05564-DB6D-4EED-95D0-BF3553748E50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.5.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "59693DA5-9F18-4F4C-8C57-C7294CF12EA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:3.0.0.1-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "1FEA0358-5E6A-465F-829C-7A05B64E2EFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:3.0.0.19-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "3604DDDE-7C98-4014-B50F-8E8808245644",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:3.0.2.01-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "92E2E999-774D-406A-BE8F-0B5A01E1D907",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.0.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "5EC63ECD-D415-4D6C-A4E3-DCF6B8878474",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.0.2.08-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "D559E798-8CD9-463A-AF03-843BB589C599",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.0.3.03-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "C6D3ACE2-D67A-46B4-97E7-F8085BBBD086",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.0.4.02-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "7C346A18-C543-4E3B-A1A8-B7757D6D6E45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.1.0.02-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "40970E5B-AC59-4A61-BD7F-64468C882385",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.1.1.01:*:*:*:*:*:*:*",
"matchCriteriaId": "A6A12CFD-3DF8-4B40-B0D3-8FBE037D1BE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.2.1.02:*:*:*:*:*:*:*",
"matchCriteriaId": "42FA29EE-8000-486C-AEC3-01AE3DE88007",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.2.2.08:*:*:*:*:*:*:*",
"matchCriteriaId": "2C32756E-FBCA-4485-8AFF-3A83570D7CDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.2.3.03:*:*:*:*:*:*:*",
"matchCriteriaId": "B066474A-AE23-48AB-A550-4F2FF3758CA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.2.3.06:*:*:*:*:*:*:*",
"matchCriteriaId": "D6306152-5BD8-4BD3-9E2D-D523DA54D497",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.2.3.07:*:*:*:*:*:*:*",
"matchCriteriaId": "3A665527-A2C9-4C10-B902-79C158DC589F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.2.3.08:*:*:*:*:*:*:*",
"matchCriteriaId": "1E99461F-4395-4A30-8B6D-2F63CA9851F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.2.3.09:*:*:*:*:*:*:*",
"matchCriteriaId": "61F75405-494A-446C-9C19-CC39E121D529",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.2.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "6BD8AED3-E2B1-46D6-8E04-C5C3E4186BB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.2.3.14:*:*:*:*:*:*:*",
"matchCriteriaId": "C03B0889-8AAA-455F-BBB5-B5BC417904B2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:rv042:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2DCBB2D8-AACF-45EA-B9D4-DAECC7C792D1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.0.1.17:*:*:*:*:*:*:*",
"matchCriteriaId": "4FA3AF56-BF90-4F9E-9E29-1FF9D112AF3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.0.2.03:*:*:*:*:*:*:*",
"matchCriteriaId": "D46196B0-8E14-49F6-9E16-6E441D133357",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.1.0.09:*:*:*:*:*:*:*",
"matchCriteriaId": "8212115A-A2E7-4CF9-8093-0BD9162FF26F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.1.1.06:*:*:*:*:*:*:*",
"matchCriteriaId": "3D70F5D9-7F51-4782-B8B5-30A5AB569464",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.1.1.19:*:*:*:*:*:*:*",
"matchCriteriaId": "36651493-4F0C-4CF6-935D-B128C9741A8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.2.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "BF65AFA9-26CD-4114-8246-07FAB904176B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.2.1.14:*:*:*:*:*:*:*",
"matchCriteriaId": "30972BB8-A616-4021-868F-A775092B3D41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.3.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "BBF50E2F-14D7-4738-B4DF-848A3F2814FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.3.1.12:*:*:*:*:*:*:*",
"matchCriteriaId": "F11630A4-0BBE-457E-B53F-11EA4448C92F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.3.2.02:*:*:*:*:*:*:*",
"matchCriteriaId": "D92E3198-22B2-491D-9815-2AA62AB0A30E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.3.12.6-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "EA876548-8B5A-4254-B154-58BCF03ADDA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.3.12.19-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "3BCD33AD-A637-4C08-AE7E-9974B86CDDE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.3.13.02-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "935EA2B1-EC2A-4B17-A563-9515579D6161",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.4.2.15:*:*:*:*:*:*:*",
"matchCriteriaId": "B38C7123-D65B-4840-AC28-A530CD4ECCA0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.4.2.17:*:*:*:*:*:*:*",
"matchCriteriaId": "C0E595E2-B201-4689-B05D-1C3E44876D74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.4.2.19:*:*:*:*:*:*:*",
"matchCriteriaId": "F73AC635-05BF-4476-9548-D72D32A313FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.4.2.20:*:*:*:*:*:*:*",
"matchCriteriaId": "7A734929-DF60-4B5B-8380-1BBD093C1E7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.4.2.22:*:*:*:*:*:*:*",
"matchCriteriaId": "E1D6863E-2DFB-4BDD-BC3A-B94F84F51E30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.5.1.05:*:*:*:*:*:*:*",
"matchCriteriaId": "816E98BD-38C5-41CC-8736-5BFFBBA447E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.5.1.11:*:*:*:*:*:*:*",
"matchCriteriaId": "86779EB2-CF50-4CEF-8815-56C8BB517698",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.5.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "FAD122DD-2FB2-4E55-A77C-7235B5501C6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:3.0.0.1-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "E0955403-0054-476F-A162-77CCD5C475AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:3.0.0.19-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "5A9C297F-5B9E-4591-94C8-5EBEFB2D8CEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:3.0.2.01-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "7EAB2D55-EE1B-499F-B0C0-78538660985E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.0.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "3001E0B0-01FD-4DFC-B195-7CE2E156F990",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.0.2.08-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "0B0EDE6F-47B3-48A2-A0C3-2AEC8FFA666E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.0.3.03-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "DE455ACF-E775-4ADE-95E9-F2162FE79486",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.0.4.02-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "94D78C7E-5E5A-457F-9D79-58E123145F41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.1.0.02-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "0DCC0019-F4EF-4CB7-AED1-CC84A413DB1D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.1.1.01:*:*:*:*:*:*:*",
"matchCriteriaId": "4BD3AE38-E227-4B55-B492-18614D258905",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.2.1.02:*:*:*:*:*:*:*",
"matchCriteriaId": "AB9D70F1-9499-480A-A53E-8FC2BA17DCDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.2.2.08:*:*:*:*:*:*:*",
"matchCriteriaId": "DC7A6DF2-C4FC-4BAA-8ABB-0B60BA0357BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.2.3.03:*:*:*:*:*:*:*",
"matchCriteriaId": "575EC78E-71EE-4657-8413-7D60F2E933C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.2.3.06:*:*:*:*:*:*:*",
"matchCriteriaId": "834D2F6A-2590-4073-A6F5-AC88A32C30DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.2.3.07:*:*:*:*:*:*:*",
"matchCriteriaId": "EC89C839-57E0-4FDD-9597-01F8795B4DB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.2.3.08:*:*:*:*:*:*:*",
"matchCriteriaId": "A119367F-2F09-4750-A8B9-F176A10A55CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.2.3.09:*:*:*:*:*:*:*",
"matchCriteriaId": "C2062E92-F6BD-4AE7-86AA-682C36E33A9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.2.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "25EC7568-713E-44DD-9418-23013749CC21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.2.3.14:*:*:*:*:*:*:*",
"matchCriteriaId": "63D3656F-9D46-4F6C-B8E1-B04243BFD57B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:rv042g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1CD7D9C-DDEF-4DF0-BCFB-A45301AE2C10",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.0.1.17:*:*:*:*:*:*:*",
"matchCriteriaId": "86DE5F2E-9B5E-4430-8B3D-97843462FE49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.0.2.03:*:*:*:*:*:*:*",
"matchCriteriaId": "0DA83932-5061-4F7B-B152-E013D679C7EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.1.0.09:*:*:*:*:*:*:*",
"matchCriteriaId": "AFA29437-B6C7-4C74-90F6-5CF58F54756B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.1.1.06:*:*:*:*:*:*:*",
"matchCriteriaId": "261D3EEA-6227-4136-91DD-380A2BF3635A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.1.1.19:*:*:*:*:*:*:*",
"matchCriteriaId": "64765C29-84C1-4F41-9BB4-18A0C43B197C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.2.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "44B039E2-0220-481F-B550-3358402FB390",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.2.1.14:*:*:*:*:*:*:*",
"matchCriteriaId": "BA050DDE-682E-4A54-995A-E3EDB19E45EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.3.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "B48800BA-A64E-4C18-A6A5-651FFF3A18ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.3.1.12:*:*:*:*:*:*:*",
"matchCriteriaId": "EC4983FF-DA90-4F10-A511-D0C2531D8380",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.3.2.02:*:*:*:*:*:*:*",
"matchCriteriaId": "AE80F7A6-0A91-488C-BEE8-F23057AA1ECD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.3.12.6-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "08029110-3FE5-4DEB-AE76-2B165C4E79C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.3.12.19-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "B9779344-6BAB-4D21-8DB2-4BA9D7E55F2C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.3.13.02-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "490D19A8-3494-4133-8CA6-0733CDB4CC3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.4.2.15:*:*:*:*:*:*:*",
"matchCriteriaId": "CBB99BF6-11C0-448C-91B2-F03690CE9089",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.4.2.17:*:*:*:*:*:*:*",
"matchCriteriaId": "61348305-FC9B-4DB4-B039-0A08D44812EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.4.2.19:*:*:*:*:*:*:*",
"matchCriteriaId": "3C8CE8BC-05D9-45D3-A645-D1A081E1A555",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.4.2.20:*:*:*:*:*:*:*",
"matchCriteriaId": "6DC1BA1F-1210-4FBE-B218-B9FDC4711AE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.4.2.22:*:*:*:*:*:*:*",
"matchCriteriaId": "5539C19B-97D1-44C3-8883-0343B574133D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.5.1.05:*:*:*:*:*:*:*",
"matchCriteriaId": "99A1A830-0F70-47D7-89D5-7B50F69C6312",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.5.1.11:*:*:*:*:*:*:*",
"matchCriteriaId": "43F1FCD5-4BC8-4051-982E-7112F5A128C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.5.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "B71B1E3F-F7DE-4B0A-8304-0980B6EDB776",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:3.0.0.1-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "79F12DFE-4241-4D0B-A0BC-F022B6995921",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:3.0.0.19-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "383C020A-F8FD-48F9-8F82-1CDE8620D6E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:3.0.2.01-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "6213B8E5-3E2E-43F0-A0ED-72EC414C39B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.0.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "0CEE2D4D-5627-4DD5-B8A5-88B0A8440CAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.0.2.08-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "CE3F4194-12F3-4379-AC7E-7BB6BFD4A76B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.0.3.03-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "A4DFF375-C9E5-40A9-9167-9DADE291763B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.0.4.02-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "3A36C9D3-4CD6-4708-A721-4CA905306617",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.1.0.02-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "7A0C39EC-75DC-4ECF-8012-C3062375836A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.1.1.01:*:*:*:*:*:*:*",
"matchCriteriaId": "5A03BB26-A344-498B-8FE4-3D027EFC6606",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.2.1.02:*:*:*:*:*:*:*",
"matchCriteriaId": "E4DF1BAD-EFCF-4723-AAB5-B2733992659C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.2.2.08:*:*:*:*:*:*:*",
"matchCriteriaId": "CC474FF5-E3BE-4B81-B5AC-1D32A44C259F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.2.3.03:*:*:*:*:*:*:*",
"matchCriteriaId": "A5910845-D601-4503-82CC-49D8A11F4B31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.2.3.06:*:*:*:*:*:*:*",
"matchCriteriaId": "9F5FECB4-41D4-4FDF-8693-7FF1D51CF1D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.2.3.07:*:*:*:*:*:*:*",
"matchCriteriaId": "1DE7FBF1-11F4-4B36-BFD2-041A14E70360",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.2.3.08:*:*:*:*:*:*:*",
"matchCriteriaId": "4750C422-7D8B-45CC-BD33-35D9BE5FFBC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.2.3.09:*:*:*:*:*:*:*",
"matchCriteriaId": "40902BFF-81A9-4CFC-9FC1-61F353DEFDF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.2.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "0EA80139-B632-4108-BB44-41A4ABA41F83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.2.3.14:*:*:*:*:*:*:*",
"matchCriteriaId": "0C17CE07-41E0-4115-AC82-5C697DA8C5C8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:rv320:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7596F6D4-10DA-4F29-95AD-75B60F4670D6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.0.1.17:*:*:*:*:*:*:*",
"matchCriteriaId": "9E07888E-FEC4-43F2-90D1-91665606BD2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.0.2.03:*:*:*:*:*:*:*",
"matchCriteriaId": "B338AFCE-9219-4F70-A08A-A9E6E0E967EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.1.0.09:*:*:*:*:*:*:*",
"matchCriteriaId": "A00ADE78-233F-4284-AC67-4606306D7EC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.1.1.06:*:*:*:*:*:*:*",
"matchCriteriaId": "664F445F-91A3-4AE9-8D60-76C656402EB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.1.1.19:*:*:*:*:*:*:*",
"matchCriteriaId": "01C90ED8-03B2-4FF8-9C8E-8340A5E8E13B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.2.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "557AB540-0F7F-4F54-9BCD-9103217C923E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.2.1.14:*:*:*:*:*:*:*",
"matchCriteriaId": "AA7F2FC6-F13E-445D-B2B6-01A7019F90F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.3.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "B7AAE28E-65DE-425A-917E-549DC1D0DFA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.3.1.12:*:*:*:*:*:*:*",
"matchCriteriaId": "91CA984F-F579-421C-9A11-DCBE731A49FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.3.2.02:*:*:*:*:*:*:*",
"matchCriteriaId": "33E8C022-40EE-4B36-B7ED-3E51CBB1AB9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.3.12.6-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "26CD8F90-6BA8-466F-92D9-FFC264574F77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.3.12.19-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "FC42A543-F2BB-4FFF-9674-61D01F3406DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.3.13.02-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "BBEE1D3B-1D22-4024-9191-56B2615F8ADB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.4.2.15:*:*:*:*:*:*:*",
"matchCriteriaId": "A402AB90-03C8-4B5B-AEF9-CDAC023DA6D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.4.2.17:*:*:*:*:*:*:*",
"matchCriteriaId": "F865F54F-E4D6-4B92-9644-992A44F7D562",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.4.2.19:*:*:*:*:*:*:*",
"matchCriteriaId": "91AC5D05-728E-49A8-8A75-2CF97FAFD68D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.4.2.20:*:*:*:*:*:*:*",
"matchCriteriaId": "D82F96CC-94E9-46C5-B886-CD63B2060145",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.4.2.22:*:*:*:*:*:*:*",
"matchCriteriaId": "EC425B75-5584-4184-BEC0-44FAD8B431DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.5.1.05:*:*:*:*:*:*:*",
"matchCriteriaId": "B9B992F2-43D5-4FBF-A94A-EA8E8B0EBB01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.5.1.11:*:*:*:*:*:*:*",
"matchCriteriaId": "A660B64F-2CF8-48C3-877E-B583E1CFC0FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.5.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "55476CAD-BDB3-46CB-95A0-74BA8F49A5D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:3.0.0.1-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "A89E5621-BA1F-450C-8E82-FC4764B54905",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:3.0.0.19-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "6B4DF0F5-853A-430E-8C93-556D4FF29C63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:3.0.2.01-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "109BC8D1-E547-45C4-99AA-C74495F8E8CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.0.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "67F823CE-90D6-4914-B125-88B6F868808D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.0.2.08-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "53551C1A-9DBD-4E5E-8FA7-C04EE2A38D20",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.0.3.03-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "CC2360AC-5C88-4F8B-9BC8-48FBA716CFBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.0.4.02-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "F4C3D1D3-034B-4B6E-BC78-050D22A3D84E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.1.0.02-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "15271254-5905-4D08-BD9E-08F841AA29D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.1.1.01:*:*:*:*:*:*:*",
"matchCriteriaId": "5AB609CB-934B-43E4-A884-FDC7B58D0560",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.2.1.02:*:*:*:*:*:*:*",
"matchCriteriaId": "70B52828-6B38-4561-9D79-83DD8EC294A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.2.2.08:*:*:*:*:*:*:*",
"matchCriteriaId": "9DDE7B4C-CF8F-4CE6-AD3F-CE74377D4077",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.2.3.03:*:*:*:*:*:*:*",
"matchCriteriaId": "523B6515-33AE-4606-A7D6-C698D26659D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.2.3.06:*:*:*:*:*:*:*",
"matchCriteriaId": "42A388D2-AE67-4B5E-AFEF-32F7834652E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.2.3.07:*:*:*:*:*:*:*",
"matchCriteriaId": "B30845DA-3C00-4567-B590-61BAC547B312",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.2.3.08:*:*:*:*:*:*:*",
"matchCriteriaId": "D28A6411-627C-46BE-9D59-3519B3816BD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.2.3.09:*:*:*:*:*:*:*",
"matchCriteriaId": "00659549-4B19-4B16-8DBD-71627453A1EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.2.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "3724D315-5DCD-4378-85F1-1880C535317C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.2.3.14:*:*:*:*:*:*:*",
"matchCriteriaId": "45F4AF99-6774-4EF4-BD0C-64FE18FC3B46",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:rv325:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3435D601-EDA8-49FF-8841-EA6DF1518C75",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to execute arbitrary code as the root user. To exploit this vulnerability, an attacker would need to have valid Administrator credentials on the affected device.\r\n\u0026nbsp;\r\nThis vulnerability is due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system as the root user."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en web de los enrutadores Cisco Small Business RV042, RV042G, RV320 y RV325 podr\u00eda permitir que un atacante remoto autenticado de nivel de administrador ejecute c\u00f3digo arbitrario como usuario ra\u00edz. Para aprovechar esta vulnerabilidad, un atacante necesitar\u00eda tener credenciales de administrador v\u00e1lidas en el dispositivo afectado. Esta vulnerabilidad se debe a una validaci\u00f3n incorrecta de la entrada proporcionada por el usuario en la interfaz de administraci\u00f3n basada en web. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando solicitudes HTTP manipuladas a un dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante ejecutar c\u00f3digo arbitrario en el sistema operativo subyacente como usuario ra\u00edz."
}
],
"id": "CVE-2024-20518",
"lastModified": "2024-10-08T13:50:14.730",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 5.2,
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.3,
"impactScore": 6.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-10-02T17:15:18.637",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-rv04x_rv32x_vulns-yJ2OSDhV"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-121"
}
],
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2024-20519
Vulnerability from fkie_nvd - Published: 2024-10-02 17:15 - Updated: 2024-10-08 13:50
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Summary
A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to execute arbitrary code as the root user. To exploit this vulnerability, an attacker would need to have valid Administrator credentials on the affected device.
This vulnerability is due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system as the root user.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.0.1.17:*:*:*:*:*:*:*",
"matchCriteriaId": "BA9B2E23-F7F6-44C8-8800-CB3FAECBCDF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.0.2.03:*:*:*:*:*:*:*",
"matchCriteriaId": "F445CE1E-CACF-4906-814D-3658EB5B8A28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.1.0.09:*:*:*:*:*:*:*",
"matchCriteriaId": "987844EB-3E48-49DF-A95C-054D95F36F4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.1.1.06:*:*:*:*:*:*:*",
"matchCriteriaId": "54A716D3-2E68-4348-A42C-7ACB51107903",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.1.1.19:*:*:*:*:*:*:*",
"matchCriteriaId": "F7458A81-C907-482C-889B-2DE32C1A9238",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.2.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "AAFC3C16-C6B4-4311-92C9-AB96BA91F8E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.2.1.14:*:*:*:*:*:*:*",
"matchCriteriaId": "CC353BA2-BCFC-44D1-A190-EFAC646E7D48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.3.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "C0466119-31BE-44AD-82A4-66C1315C128A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.3.1.12:*:*:*:*:*:*:*",
"matchCriteriaId": "62330002-CB84-434C-860A-A4C29B4C29C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.3.2.02:*:*:*:*:*:*:*",
"matchCriteriaId": "36A0F1E3-8FCA-4ED1-A6F1-FDC9D3F3E538",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.3.12.6-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "09CBB296-950D-42A1-B6F6-10EDF56AE763",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.3.12.19-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "F47C5A1E-5162-48E8-998C-5A452C86688E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.3.13.02-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "C5E33427-60ED-4E42-A821-462A87BBEF53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.4.2.15:*:*:*:*:*:*:*",
"matchCriteriaId": "B1A3E3E5-8B9F-4C15-A3B8-538202A60429",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.4.2.17:*:*:*:*:*:*:*",
"matchCriteriaId": "CFE2DAFE-F2A4-43A7-BAB5-053FE1D7BD30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.4.2.19:*:*:*:*:*:*:*",
"matchCriteriaId": "CD25C358-C310-41C1-AFA5-89E54D5012CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.4.2.20:*:*:*:*:*:*:*",
"matchCriteriaId": "A995298E-9655-4AAD-8ABC-71AC816E798D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.4.2.22:*:*:*:*:*:*:*",
"matchCriteriaId": "08DD66B1-F045-4500-B098-CA65F0914107",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.5.1.05:*:*:*:*:*:*:*",
"matchCriteriaId": "88DE2217-2A37-41D2-ADFE-6648969C676A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.5.1.11:*:*:*:*:*:*:*",
"matchCriteriaId": "BBC05564-DB6D-4EED-95D0-BF3553748E50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.5.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "59693DA5-9F18-4F4C-8C57-C7294CF12EA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:3.0.0.1-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "1FEA0358-5E6A-465F-829C-7A05B64E2EFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:3.0.0.19-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "3604DDDE-7C98-4014-B50F-8E8808245644",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:3.0.2.01-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "92E2E999-774D-406A-BE8F-0B5A01E1D907",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.0.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "5EC63ECD-D415-4D6C-A4E3-DCF6B8878474",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.0.2.08-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "D559E798-8CD9-463A-AF03-843BB589C599",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.0.3.03-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "C6D3ACE2-D67A-46B4-97E7-F8085BBBD086",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.0.4.02-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "7C346A18-C543-4E3B-A1A8-B7757D6D6E45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.1.0.02-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "40970E5B-AC59-4A61-BD7F-64468C882385",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.1.1.01:*:*:*:*:*:*:*",
"matchCriteriaId": "A6A12CFD-3DF8-4B40-B0D3-8FBE037D1BE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.2.1.02:*:*:*:*:*:*:*",
"matchCriteriaId": "42FA29EE-8000-486C-AEC3-01AE3DE88007",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.2.2.08:*:*:*:*:*:*:*",
"matchCriteriaId": "2C32756E-FBCA-4485-8AFF-3A83570D7CDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.2.3.03:*:*:*:*:*:*:*",
"matchCriteriaId": "B066474A-AE23-48AB-A550-4F2FF3758CA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.2.3.06:*:*:*:*:*:*:*",
"matchCriteriaId": "D6306152-5BD8-4BD3-9E2D-D523DA54D497",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.2.3.07:*:*:*:*:*:*:*",
"matchCriteriaId": "3A665527-A2C9-4C10-B902-79C158DC589F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.2.3.08:*:*:*:*:*:*:*",
"matchCriteriaId": "1E99461F-4395-4A30-8B6D-2F63CA9851F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.2.3.09:*:*:*:*:*:*:*",
"matchCriteriaId": "61F75405-494A-446C-9C19-CC39E121D529",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.2.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "6BD8AED3-E2B1-46D6-8E04-C5C3E4186BB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.2.3.14:*:*:*:*:*:*:*",
"matchCriteriaId": "C03B0889-8AAA-455F-BBB5-B5BC417904B2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:rv042:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2DCBB2D8-AACF-45EA-B9D4-DAECC7C792D1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.0.1.17:*:*:*:*:*:*:*",
"matchCriteriaId": "4FA3AF56-BF90-4F9E-9E29-1FF9D112AF3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.0.2.03:*:*:*:*:*:*:*",
"matchCriteriaId": "D46196B0-8E14-49F6-9E16-6E441D133357",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.1.0.09:*:*:*:*:*:*:*",
"matchCriteriaId": "8212115A-A2E7-4CF9-8093-0BD9162FF26F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.1.1.06:*:*:*:*:*:*:*",
"matchCriteriaId": "3D70F5D9-7F51-4782-B8B5-30A5AB569464",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.1.1.19:*:*:*:*:*:*:*",
"matchCriteriaId": "36651493-4F0C-4CF6-935D-B128C9741A8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.2.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "BF65AFA9-26CD-4114-8246-07FAB904176B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.2.1.14:*:*:*:*:*:*:*",
"matchCriteriaId": "30972BB8-A616-4021-868F-A775092B3D41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.3.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "BBF50E2F-14D7-4738-B4DF-848A3F2814FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.3.1.12:*:*:*:*:*:*:*",
"matchCriteriaId": "F11630A4-0BBE-457E-B53F-11EA4448C92F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.3.2.02:*:*:*:*:*:*:*",
"matchCriteriaId": "D92E3198-22B2-491D-9815-2AA62AB0A30E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.3.12.6-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "EA876548-8B5A-4254-B154-58BCF03ADDA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.3.12.19-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "3BCD33AD-A637-4C08-AE7E-9974B86CDDE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.3.13.02-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "935EA2B1-EC2A-4B17-A563-9515579D6161",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.4.2.15:*:*:*:*:*:*:*",
"matchCriteriaId": "B38C7123-D65B-4840-AC28-A530CD4ECCA0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.4.2.17:*:*:*:*:*:*:*",
"matchCriteriaId": "C0E595E2-B201-4689-B05D-1C3E44876D74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.4.2.19:*:*:*:*:*:*:*",
"matchCriteriaId": "F73AC635-05BF-4476-9548-D72D32A313FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.4.2.20:*:*:*:*:*:*:*",
"matchCriteriaId": "7A734929-DF60-4B5B-8380-1BBD093C1E7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.4.2.22:*:*:*:*:*:*:*",
"matchCriteriaId": "E1D6863E-2DFB-4BDD-BC3A-B94F84F51E30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.5.1.05:*:*:*:*:*:*:*",
"matchCriteriaId": "816E98BD-38C5-41CC-8736-5BFFBBA447E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.5.1.11:*:*:*:*:*:*:*",
"matchCriteriaId": "86779EB2-CF50-4CEF-8815-56C8BB517698",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.5.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "FAD122DD-2FB2-4E55-A77C-7235B5501C6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:3.0.0.1-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "E0955403-0054-476F-A162-77CCD5C475AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:3.0.0.19-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "5A9C297F-5B9E-4591-94C8-5EBEFB2D8CEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:3.0.2.01-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "7EAB2D55-EE1B-499F-B0C0-78538660985E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.0.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "3001E0B0-01FD-4DFC-B195-7CE2E156F990",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.0.2.08-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "0B0EDE6F-47B3-48A2-A0C3-2AEC8FFA666E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.0.3.03-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "DE455ACF-E775-4ADE-95E9-F2162FE79486",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.0.4.02-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "94D78C7E-5E5A-457F-9D79-58E123145F41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.1.0.02-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "0DCC0019-F4EF-4CB7-AED1-CC84A413DB1D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.1.1.01:*:*:*:*:*:*:*",
"matchCriteriaId": "4BD3AE38-E227-4B55-B492-18614D258905",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.2.1.02:*:*:*:*:*:*:*",
"matchCriteriaId": "AB9D70F1-9499-480A-A53E-8FC2BA17DCDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.2.2.08:*:*:*:*:*:*:*",
"matchCriteriaId": "DC7A6DF2-C4FC-4BAA-8ABB-0B60BA0357BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.2.3.03:*:*:*:*:*:*:*",
"matchCriteriaId": "575EC78E-71EE-4657-8413-7D60F2E933C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.2.3.06:*:*:*:*:*:*:*",
"matchCriteriaId": "834D2F6A-2590-4073-A6F5-AC88A32C30DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.2.3.07:*:*:*:*:*:*:*",
"matchCriteriaId": "EC89C839-57E0-4FDD-9597-01F8795B4DB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.2.3.08:*:*:*:*:*:*:*",
"matchCriteriaId": "A119367F-2F09-4750-A8B9-F176A10A55CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.2.3.09:*:*:*:*:*:*:*",
"matchCriteriaId": "C2062E92-F6BD-4AE7-86AA-682C36E33A9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.2.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "25EC7568-713E-44DD-9418-23013749CC21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.2.3.14:*:*:*:*:*:*:*",
"matchCriteriaId": "63D3656F-9D46-4F6C-B8E1-B04243BFD57B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:rv042g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1CD7D9C-DDEF-4DF0-BCFB-A45301AE2C10",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.0.1.17:*:*:*:*:*:*:*",
"matchCriteriaId": "86DE5F2E-9B5E-4430-8B3D-97843462FE49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.0.2.03:*:*:*:*:*:*:*",
"matchCriteriaId": "0DA83932-5061-4F7B-B152-E013D679C7EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.1.0.09:*:*:*:*:*:*:*",
"matchCriteriaId": "AFA29437-B6C7-4C74-90F6-5CF58F54756B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.1.1.06:*:*:*:*:*:*:*",
"matchCriteriaId": "261D3EEA-6227-4136-91DD-380A2BF3635A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.1.1.19:*:*:*:*:*:*:*",
"matchCriteriaId": "64765C29-84C1-4F41-9BB4-18A0C43B197C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.2.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "44B039E2-0220-481F-B550-3358402FB390",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.2.1.14:*:*:*:*:*:*:*",
"matchCriteriaId": "BA050DDE-682E-4A54-995A-E3EDB19E45EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.3.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "B48800BA-A64E-4C18-A6A5-651FFF3A18ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.3.1.12:*:*:*:*:*:*:*",
"matchCriteriaId": "EC4983FF-DA90-4F10-A511-D0C2531D8380",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.3.2.02:*:*:*:*:*:*:*",
"matchCriteriaId": "AE80F7A6-0A91-488C-BEE8-F23057AA1ECD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.3.12.6-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "08029110-3FE5-4DEB-AE76-2B165C4E79C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.3.12.19-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "B9779344-6BAB-4D21-8DB2-4BA9D7E55F2C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.3.13.02-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "490D19A8-3494-4133-8CA6-0733CDB4CC3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.4.2.15:*:*:*:*:*:*:*",
"matchCriteriaId": "CBB99BF6-11C0-448C-91B2-F03690CE9089",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.4.2.17:*:*:*:*:*:*:*",
"matchCriteriaId": "61348305-FC9B-4DB4-B039-0A08D44812EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.4.2.19:*:*:*:*:*:*:*",
"matchCriteriaId": "3C8CE8BC-05D9-45D3-A645-D1A081E1A555",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.4.2.20:*:*:*:*:*:*:*",
"matchCriteriaId": "6DC1BA1F-1210-4FBE-B218-B9FDC4711AE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.4.2.22:*:*:*:*:*:*:*",
"matchCriteriaId": "5539C19B-97D1-44C3-8883-0343B574133D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.5.1.05:*:*:*:*:*:*:*",
"matchCriteriaId": "99A1A830-0F70-47D7-89D5-7B50F69C6312",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.5.1.11:*:*:*:*:*:*:*",
"matchCriteriaId": "43F1FCD5-4BC8-4051-982E-7112F5A128C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.5.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "B71B1E3F-F7DE-4B0A-8304-0980B6EDB776",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:3.0.0.1-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "79F12DFE-4241-4D0B-A0BC-F022B6995921",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:3.0.0.19-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "383C020A-F8FD-48F9-8F82-1CDE8620D6E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:3.0.2.01-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "6213B8E5-3E2E-43F0-A0ED-72EC414C39B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.0.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "0CEE2D4D-5627-4DD5-B8A5-88B0A8440CAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.0.2.08-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "CE3F4194-12F3-4379-AC7E-7BB6BFD4A76B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.0.3.03-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "A4DFF375-C9E5-40A9-9167-9DADE291763B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.0.4.02-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "3A36C9D3-4CD6-4708-A721-4CA905306617",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.1.0.02-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "7A0C39EC-75DC-4ECF-8012-C3062375836A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.1.1.01:*:*:*:*:*:*:*",
"matchCriteriaId": "5A03BB26-A344-498B-8FE4-3D027EFC6606",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.2.1.02:*:*:*:*:*:*:*",
"matchCriteriaId": "E4DF1BAD-EFCF-4723-AAB5-B2733992659C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.2.2.08:*:*:*:*:*:*:*",
"matchCriteriaId": "CC474FF5-E3BE-4B81-B5AC-1D32A44C259F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.2.3.03:*:*:*:*:*:*:*",
"matchCriteriaId": "A5910845-D601-4503-82CC-49D8A11F4B31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.2.3.06:*:*:*:*:*:*:*",
"matchCriteriaId": "9F5FECB4-41D4-4FDF-8693-7FF1D51CF1D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.2.3.07:*:*:*:*:*:*:*",
"matchCriteriaId": "1DE7FBF1-11F4-4B36-BFD2-041A14E70360",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.2.3.08:*:*:*:*:*:*:*",
"matchCriteriaId": "4750C422-7D8B-45CC-BD33-35D9BE5FFBC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.2.3.09:*:*:*:*:*:*:*",
"matchCriteriaId": "40902BFF-81A9-4CFC-9FC1-61F353DEFDF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.2.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "0EA80139-B632-4108-BB44-41A4ABA41F83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.2.3.14:*:*:*:*:*:*:*",
"matchCriteriaId": "0C17CE07-41E0-4115-AC82-5C697DA8C5C8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:rv320:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7596F6D4-10DA-4F29-95AD-75B60F4670D6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.0.1.17:*:*:*:*:*:*:*",
"matchCriteriaId": "9E07888E-FEC4-43F2-90D1-91665606BD2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.0.2.03:*:*:*:*:*:*:*",
"matchCriteriaId": "B338AFCE-9219-4F70-A08A-A9E6E0E967EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.1.0.09:*:*:*:*:*:*:*",
"matchCriteriaId": "A00ADE78-233F-4284-AC67-4606306D7EC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.1.1.06:*:*:*:*:*:*:*",
"matchCriteriaId": "664F445F-91A3-4AE9-8D60-76C656402EB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.1.1.19:*:*:*:*:*:*:*",
"matchCriteriaId": "01C90ED8-03B2-4FF8-9C8E-8340A5E8E13B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.2.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "557AB540-0F7F-4F54-9BCD-9103217C923E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.2.1.14:*:*:*:*:*:*:*",
"matchCriteriaId": "AA7F2FC6-F13E-445D-B2B6-01A7019F90F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.3.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "B7AAE28E-65DE-425A-917E-549DC1D0DFA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.3.1.12:*:*:*:*:*:*:*",
"matchCriteriaId": "91CA984F-F579-421C-9A11-DCBE731A49FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.3.2.02:*:*:*:*:*:*:*",
"matchCriteriaId": "33E8C022-40EE-4B36-B7ED-3E51CBB1AB9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.3.12.6-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "26CD8F90-6BA8-466F-92D9-FFC264574F77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.3.12.19-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "FC42A543-F2BB-4FFF-9674-61D01F3406DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.3.13.02-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "BBEE1D3B-1D22-4024-9191-56B2615F8ADB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.4.2.15:*:*:*:*:*:*:*",
"matchCriteriaId": "A402AB90-03C8-4B5B-AEF9-CDAC023DA6D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.4.2.17:*:*:*:*:*:*:*",
"matchCriteriaId": "F865F54F-E4D6-4B92-9644-992A44F7D562",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.4.2.19:*:*:*:*:*:*:*",
"matchCriteriaId": "91AC5D05-728E-49A8-8A75-2CF97FAFD68D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.4.2.20:*:*:*:*:*:*:*",
"matchCriteriaId": "D82F96CC-94E9-46C5-B886-CD63B2060145",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.4.2.22:*:*:*:*:*:*:*",
"matchCriteriaId": "EC425B75-5584-4184-BEC0-44FAD8B431DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.5.1.05:*:*:*:*:*:*:*",
"matchCriteriaId": "B9B992F2-43D5-4FBF-A94A-EA8E8B0EBB01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.5.1.11:*:*:*:*:*:*:*",
"matchCriteriaId": "A660B64F-2CF8-48C3-877E-B583E1CFC0FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.5.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "55476CAD-BDB3-46CB-95A0-74BA8F49A5D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:3.0.0.1-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "A89E5621-BA1F-450C-8E82-FC4764B54905",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:3.0.0.19-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "6B4DF0F5-853A-430E-8C93-556D4FF29C63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:3.0.2.01-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "109BC8D1-E547-45C4-99AA-C74495F8E8CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.0.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "67F823CE-90D6-4914-B125-88B6F868808D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.0.2.08-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "53551C1A-9DBD-4E5E-8FA7-C04EE2A38D20",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.0.3.03-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "CC2360AC-5C88-4F8B-9BC8-48FBA716CFBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.0.4.02-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "F4C3D1D3-034B-4B6E-BC78-050D22A3D84E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.1.0.02-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "15271254-5905-4D08-BD9E-08F841AA29D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.1.1.01:*:*:*:*:*:*:*",
"matchCriteriaId": "5AB609CB-934B-43E4-A884-FDC7B58D0560",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.2.1.02:*:*:*:*:*:*:*",
"matchCriteriaId": "70B52828-6B38-4561-9D79-83DD8EC294A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.2.2.08:*:*:*:*:*:*:*",
"matchCriteriaId": "9DDE7B4C-CF8F-4CE6-AD3F-CE74377D4077",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.2.3.03:*:*:*:*:*:*:*",
"matchCriteriaId": "523B6515-33AE-4606-A7D6-C698D26659D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.2.3.06:*:*:*:*:*:*:*",
"matchCriteriaId": "42A388D2-AE67-4B5E-AFEF-32F7834652E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.2.3.07:*:*:*:*:*:*:*",
"matchCriteriaId": "B30845DA-3C00-4567-B590-61BAC547B312",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.2.3.08:*:*:*:*:*:*:*",
"matchCriteriaId": "D28A6411-627C-46BE-9D59-3519B3816BD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.2.3.09:*:*:*:*:*:*:*",
"matchCriteriaId": "00659549-4B19-4B16-8DBD-71627453A1EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.2.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "3724D315-5DCD-4378-85F1-1880C535317C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.2.3.14:*:*:*:*:*:*:*",
"matchCriteriaId": "45F4AF99-6774-4EF4-BD0C-64FE18FC3B46",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:rv325:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3435D601-EDA8-49FF-8841-EA6DF1518C75",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to execute arbitrary code as the root user. To exploit this vulnerability, an attacker would need to have valid Administrator credentials on the affected device.\r\n\u0026nbsp;\r\nThis vulnerability is due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system as the root user."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en web de los enrutadores Cisco Small Business RV042, RV042G, RV320 y RV325 podr\u00eda permitir que un atacante remoto autenticado de nivel de administrador ejecute c\u00f3digo arbitrario como usuario ra\u00edz. Para aprovechar esta vulnerabilidad, un atacante necesitar\u00eda tener credenciales de administrador v\u00e1lidas en el dispositivo afectado. Esta vulnerabilidad se debe a una validaci\u00f3n incorrecta de la entrada proporcionada por el usuario en la interfaz de administraci\u00f3n basada en web. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando solicitudes HTTP manipuladas a un dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante ejecutar c\u00f3digo arbitrario en el sistema operativo subyacente como usuario ra\u00edz."
}
],
"id": "CVE-2024-20519",
"lastModified": "2024-10-08T13:50:35.507",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 5.2,
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.3,
"impactScore": 6.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-10-02T17:15:18.837",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-rv04x_rv32x_vulns-yJ2OSDhV"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-121"
}
],
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2024-20516
Vulnerability from fkie_nvd - Published: 2024-10-02 17:15 - Updated: 2024-10-08 13:44
Severity ?
6.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H
6.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H
6.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H
Summary
A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to cause an unexpected reload of an affected device, resulting in a denial of service (DoS) condition. To exploit this vulnerability, an attacker would need to have valid Administrator credentials on the affected device.
This vulnerability is due to improper validation of user input that is in incoming HTTP packets. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web-based management interface of the affected device. A successful exploit could allow the attacker to cause an unexpected reload of the device, resulting in a DoS condition.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.0.1.17:*:*:*:*:*:*:*",
"matchCriteriaId": "BA9B2E23-F7F6-44C8-8800-CB3FAECBCDF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.0.2.03:*:*:*:*:*:*:*",
"matchCriteriaId": "F445CE1E-CACF-4906-814D-3658EB5B8A28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.1.0.09:*:*:*:*:*:*:*",
"matchCriteriaId": "987844EB-3E48-49DF-A95C-054D95F36F4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.1.1.06:*:*:*:*:*:*:*",
"matchCriteriaId": "54A716D3-2E68-4348-A42C-7ACB51107903",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.1.1.19:*:*:*:*:*:*:*",
"matchCriteriaId": "F7458A81-C907-482C-889B-2DE32C1A9238",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.2.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "AAFC3C16-C6B4-4311-92C9-AB96BA91F8E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.2.1.14:*:*:*:*:*:*:*",
"matchCriteriaId": "CC353BA2-BCFC-44D1-A190-EFAC646E7D48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.3.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "C0466119-31BE-44AD-82A4-66C1315C128A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.3.1.12:*:*:*:*:*:*:*",
"matchCriteriaId": "62330002-CB84-434C-860A-A4C29B4C29C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.3.2.02:*:*:*:*:*:*:*",
"matchCriteriaId": "36A0F1E3-8FCA-4ED1-A6F1-FDC9D3F3E538",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.3.12.6-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "09CBB296-950D-42A1-B6F6-10EDF56AE763",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.3.12.19-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "F47C5A1E-5162-48E8-998C-5A452C86688E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.3.13.02-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "C5E33427-60ED-4E42-A821-462A87BBEF53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.4.2.15:*:*:*:*:*:*:*",
"matchCriteriaId": "B1A3E3E5-8B9F-4C15-A3B8-538202A60429",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.4.2.17:*:*:*:*:*:*:*",
"matchCriteriaId": "CFE2DAFE-F2A4-43A7-BAB5-053FE1D7BD30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.4.2.19:*:*:*:*:*:*:*",
"matchCriteriaId": "CD25C358-C310-41C1-AFA5-89E54D5012CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.4.2.20:*:*:*:*:*:*:*",
"matchCriteriaId": "A995298E-9655-4AAD-8ABC-71AC816E798D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.4.2.22:*:*:*:*:*:*:*",
"matchCriteriaId": "08DD66B1-F045-4500-B098-CA65F0914107",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.5.1.05:*:*:*:*:*:*:*",
"matchCriteriaId": "88DE2217-2A37-41D2-ADFE-6648969C676A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.5.1.11:*:*:*:*:*:*:*",
"matchCriteriaId": "BBC05564-DB6D-4EED-95D0-BF3553748E50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:1.5.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "59693DA5-9F18-4F4C-8C57-C7294CF12EA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:3.0.0.1-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "1FEA0358-5E6A-465F-829C-7A05B64E2EFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:3.0.0.19-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "3604DDDE-7C98-4014-B50F-8E8808245644",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:3.0.2.01-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "92E2E999-774D-406A-BE8F-0B5A01E1D907",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.0.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "5EC63ECD-D415-4D6C-A4E3-DCF6B8878474",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.0.2.08-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "D559E798-8CD9-463A-AF03-843BB589C599",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.0.3.03-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "C6D3ACE2-D67A-46B4-97E7-F8085BBBD086",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.0.4.02-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "7C346A18-C543-4E3B-A1A8-B7757D6D6E45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.1.0.02-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "40970E5B-AC59-4A61-BD7F-64468C882385",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.1.1.01:*:*:*:*:*:*:*",
"matchCriteriaId": "A6A12CFD-3DF8-4B40-B0D3-8FBE037D1BE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.2.1.02:*:*:*:*:*:*:*",
"matchCriteriaId": "42FA29EE-8000-486C-AEC3-01AE3DE88007",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.2.2.08:*:*:*:*:*:*:*",
"matchCriteriaId": "2C32756E-FBCA-4485-8AFF-3A83570D7CDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.2.3.03:*:*:*:*:*:*:*",
"matchCriteriaId": "B066474A-AE23-48AB-A550-4F2FF3758CA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.2.3.06:*:*:*:*:*:*:*",
"matchCriteriaId": "D6306152-5BD8-4BD3-9E2D-D523DA54D497",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.2.3.07:*:*:*:*:*:*:*",
"matchCriteriaId": "3A665527-A2C9-4C10-B902-79C158DC589F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.2.3.08:*:*:*:*:*:*:*",
"matchCriteriaId": "1E99461F-4395-4A30-8B6D-2F63CA9851F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.2.3.09:*:*:*:*:*:*:*",
"matchCriteriaId": "61F75405-494A-446C-9C19-CC39E121D529",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.2.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "6BD8AED3-E2B1-46D6-8E04-C5C3E4186BB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:4.2.3.14:*:*:*:*:*:*:*",
"matchCriteriaId": "C03B0889-8AAA-455F-BBB5-B5BC417904B2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:rv042:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2DCBB2D8-AACF-45EA-B9D4-DAECC7C792D1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.0.1.17:*:*:*:*:*:*:*",
"matchCriteriaId": "4FA3AF56-BF90-4F9E-9E29-1FF9D112AF3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.0.2.03:*:*:*:*:*:*:*",
"matchCriteriaId": "D46196B0-8E14-49F6-9E16-6E441D133357",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.1.0.09:*:*:*:*:*:*:*",
"matchCriteriaId": "8212115A-A2E7-4CF9-8093-0BD9162FF26F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.1.1.06:*:*:*:*:*:*:*",
"matchCriteriaId": "3D70F5D9-7F51-4782-B8B5-30A5AB569464",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.1.1.19:*:*:*:*:*:*:*",
"matchCriteriaId": "36651493-4F0C-4CF6-935D-B128C9741A8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.2.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "BF65AFA9-26CD-4114-8246-07FAB904176B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.2.1.14:*:*:*:*:*:*:*",
"matchCriteriaId": "30972BB8-A616-4021-868F-A775092B3D41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.3.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "BBF50E2F-14D7-4738-B4DF-848A3F2814FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.3.1.12:*:*:*:*:*:*:*",
"matchCriteriaId": "F11630A4-0BBE-457E-B53F-11EA4448C92F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.3.2.02:*:*:*:*:*:*:*",
"matchCriteriaId": "D92E3198-22B2-491D-9815-2AA62AB0A30E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.3.12.6-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "EA876548-8B5A-4254-B154-58BCF03ADDA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.3.12.19-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "3BCD33AD-A637-4C08-AE7E-9974B86CDDE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.3.13.02-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "935EA2B1-EC2A-4B17-A563-9515579D6161",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.4.2.15:*:*:*:*:*:*:*",
"matchCriteriaId": "B38C7123-D65B-4840-AC28-A530CD4ECCA0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.4.2.17:*:*:*:*:*:*:*",
"matchCriteriaId": "C0E595E2-B201-4689-B05D-1C3E44876D74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.4.2.19:*:*:*:*:*:*:*",
"matchCriteriaId": "F73AC635-05BF-4476-9548-D72D32A313FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.4.2.20:*:*:*:*:*:*:*",
"matchCriteriaId": "7A734929-DF60-4B5B-8380-1BBD093C1E7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.4.2.22:*:*:*:*:*:*:*",
"matchCriteriaId": "E1D6863E-2DFB-4BDD-BC3A-B94F84F51E30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.5.1.05:*:*:*:*:*:*:*",
"matchCriteriaId": "816E98BD-38C5-41CC-8736-5BFFBBA447E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.5.1.11:*:*:*:*:*:*:*",
"matchCriteriaId": "86779EB2-CF50-4CEF-8815-56C8BB517698",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:1.5.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "FAD122DD-2FB2-4E55-A77C-7235B5501C6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:3.0.0.1-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "E0955403-0054-476F-A162-77CCD5C475AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:3.0.0.19-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "5A9C297F-5B9E-4591-94C8-5EBEFB2D8CEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:3.0.2.01-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "7EAB2D55-EE1B-499F-B0C0-78538660985E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.0.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "3001E0B0-01FD-4DFC-B195-7CE2E156F990",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.0.2.08-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "0B0EDE6F-47B3-48A2-A0C3-2AEC8FFA666E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.0.3.03-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "DE455ACF-E775-4ADE-95E9-F2162FE79486",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.0.4.02-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "94D78C7E-5E5A-457F-9D79-58E123145F41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.1.0.02-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "0DCC0019-F4EF-4CB7-AED1-CC84A413DB1D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.1.1.01:*:*:*:*:*:*:*",
"matchCriteriaId": "4BD3AE38-E227-4B55-B492-18614D258905",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.2.1.02:*:*:*:*:*:*:*",
"matchCriteriaId": "AB9D70F1-9499-480A-A53E-8FC2BA17DCDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.2.2.08:*:*:*:*:*:*:*",
"matchCriteriaId": "DC7A6DF2-C4FC-4BAA-8ABB-0B60BA0357BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.2.3.03:*:*:*:*:*:*:*",
"matchCriteriaId": "575EC78E-71EE-4657-8413-7D60F2E933C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.2.3.06:*:*:*:*:*:*:*",
"matchCriteriaId": "834D2F6A-2590-4073-A6F5-AC88A32C30DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.2.3.07:*:*:*:*:*:*:*",
"matchCriteriaId": "EC89C839-57E0-4FDD-9597-01F8795B4DB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.2.3.08:*:*:*:*:*:*:*",
"matchCriteriaId": "A119367F-2F09-4750-A8B9-F176A10A55CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.2.3.09:*:*:*:*:*:*:*",
"matchCriteriaId": "C2062E92-F6BD-4AE7-86AA-682C36E33A9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.2.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "25EC7568-713E-44DD-9418-23013749CC21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:4.2.3.14:*:*:*:*:*:*:*",
"matchCriteriaId": "63D3656F-9D46-4F6C-B8E1-B04243BFD57B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:rv042g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1CD7D9C-DDEF-4DF0-BCFB-A45301AE2C10",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.0.1.17:*:*:*:*:*:*:*",
"matchCriteriaId": "86DE5F2E-9B5E-4430-8B3D-97843462FE49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.0.2.03:*:*:*:*:*:*:*",
"matchCriteriaId": "0DA83932-5061-4F7B-B152-E013D679C7EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.1.0.09:*:*:*:*:*:*:*",
"matchCriteriaId": "AFA29437-B6C7-4C74-90F6-5CF58F54756B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.1.1.06:*:*:*:*:*:*:*",
"matchCriteriaId": "261D3EEA-6227-4136-91DD-380A2BF3635A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.1.1.19:*:*:*:*:*:*:*",
"matchCriteriaId": "64765C29-84C1-4F41-9BB4-18A0C43B197C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.2.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "44B039E2-0220-481F-B550-3358402FB390",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.2.1.14:*:*:*:*:*:*:*",
"matchCriteriaId": "BA050DDE-682E-4A54-995A-E3EDB19E45EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.3.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "B48800BA-A64E-4C18-A6A5-651FFF3A18ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.3.1.12:*:*:*:*:*:*:*",
"matchCriteriaId": "EC4983FF-DA90-4F10-A511-D0C2531D8380",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.3.2.02:*:*:*:*:*:*:*",
"matchCriteriaId": "AE80F7A6-0A91-488C-BEE8-F23057AA1ECD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.3.12.6-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "08029110-3FE5-4DEB-AE76-2B165C4E79C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.3.12.19-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "B9779344-6BAB-4D21-8DB2-4BA9D7E55F2C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.3.13.02-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "490D19A8-3494-4133-8CA6-0733CDB4CC3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.4.2.15:*:*:*:*:*:*:*",
"matchCriteriaId": "CBB99BF6-11C0-448C-91B2-F03690CE9089",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.4.2.17:*:*:*:*:*:*:*",
"matchCriteriaId": "61348305-FC9B-4DB4-B039-0A08D44812EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.4.2.19:*:*:*:*:*:*:*",
"matchCriteriaId": "3C8CE8BC-05D9-45D3-A645-D1A081E1A555",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.4.2.20:*:*:*:*:*:*:*",
"matchCriteriaId": "6DC1BA1F-1210-4FBE-B218-B9FDC4711AE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.4.2.22:*:*:*:*:*:*:*",
"matchCriteriaId": "5539C19B-97D1-44C3-8883-0343B574133D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.5.1.05:*:*:*:*:*:*:*",
"matchCriteriaId": "99A1A830-0F70-47D7-89D5-7B50F69C6312",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.5.1.11:*:*:*:*:*:*:*",
"matchCriteriaId": "43F1FCD5-4BC8-4051-982E-7112F5A128C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:1.5.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "B71B1E3F-F7DE-4B0A-8304-0980B6EDB776",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:3.0.0.1-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "79F12DFE-4241-4D0B-A0BC-F022B6995921",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:3.0.0.19-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "383C020A-F8FD-48F9-8F82-1CDE8620D6E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:3.0.2.01-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "6213B8E5-3E2E-43F0-A0ED-72EC414C39B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.0.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "0CEE2D4D-5627-4DD5-B8A5-88B0A8440CAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.0.2.08-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "CE3F4194-12F3-4379-AC7E-7BB6BFD4A76B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.0.3.03-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "A4DFF375-C9E5-40A9-9167-9DADE291763B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.0.4.02-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "3A36C9D3-4CD6-4708-A721-4CA905306617",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.1.0.02-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "7A0C39EC-75DC-4ECF-8012-C3062375836A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.1.1.01:*:*:*:*:*:*:*",
"matchCriteriaId": "5A03BB26-A344-498B-8FE4-3D027EFC6606",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.2.1.02:*:*:*:*:*:*:*",
"matchCriteriaId": "E4DF1BAD-EFCF-4723-AAB5-B2733992659C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.2.2.08:*:*:*:*:*:*:*",
"matchCriteriaId": "CC474FF5-E3BE-4B81-B5AC-1D32A44C259F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.2.3.03:*:*:*:*:*:*:*",
"matchCriteriaId": "A5910845-D601-4503-82CC-49D8A11F4B31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.2.3.06:*:*:*:*:*:*:*",
"matchCriteriaId": "9F5FECB4-41D4-4FDF-8693-7FF1D51CF1D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.2.3.07:*:*:*:*:*:*:*",
"matchCriteriaId": "1DE7FBF1-11F4-4B36-BFD2-041A14E70360",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.2.3.08:*:*:*:*:*:*:*",
"matchCriteriaId": "4750C422-7D8B-45CC-BD33-35D9BE5FFBC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.2.3.09:*:*:*:*:*:*:*",
"matchCriteriaId": "40902BFF-81A9-4CFC-9FC1-61F353DEFDF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.2.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "0EA80139-B632-4108-BB44-41A4ABA41F83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:4.2.3.14:*:*:*:*:*:*:*",
"matchCriteriaId": "0C17CE07-41E0-4115-AC82-5C697DA8C5C8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:rv320:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7596F6D4-10DA-4F29-95AD-75B60F4670D6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.0.1.17:*:*:*:*:*:*:*",
"matchCriteriaId": "9E07888E-FEC4-43F2-90D1-91665606BD2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.0.2.03:*:*:*:*:*:*:*",
"matchCriteriaId": "B338AFCE-9219-4F70-A08A-A9E6E0E967EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.1.0.09:*:*:*:*:*:*:*",
"matchCriteriaId": "A00ADE78-233F-4284-AC67-4606306D7EC5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.1.1.06:*:*:*:*:*:*:*",
"matchCriteriaId": "664F445F-91A3-4AE9-8D60-76C656402EB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.1.1.19:*:*:*:*:*:*:*",
"matchCriteriaId": "01C90ED8-03B2-4FF8-9C8E-8340A5E8E13B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.2.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "557AB540-0F7F-4F54-9BCD-9103217C923E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.2.1.14:*:*:*:*:*:*:*",
"matchCriteriaId": "AA7F2FC6-F13E-445D-B2B6-01A7019F90F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.3.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "B7AAE28E-65DE-425A-917E-549DC1D0DFA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.3.1.12:*:*:*:*:*:*:*",
"matchCriteriaId": "91CA984F-F579-421C-9A11-DCBE731A49FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.3.2.02:*:*:*:*:*:*:*",
"matchCriteriaId": "33E8C022-40EE-4B36-B7ED-3E51CBB1AB9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.3.12.6-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "26CD8F90-6BA8-466F-92D9-FFC264574F77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.3.12.19-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "FC42A543-F2BB-4FFF-9674-61D01F3406DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.3.13.02-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "BBEE1D3B-1D22-4024-9191-56B2615F8ADB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.4.2.15:*:*:*:*:*:*:*",
"matchCriteriaId": "A402AB90-03C8-4B5B-AEF9-CDAC023DA6D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.4.2.17:*:*:*:*:*:*:*",
"matchCriteriaId": "F865F54F-E4D6-4B92-9644-992A44F7D562",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.4.2.19:*:*:*:*:*:*:*",
"matchCriteriaId": "91AC5D05-728E-49A8-8A75-2CF97FAFD68D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.4.2.20:*:*:*:*:*:*:*",
"matchCriteriaId": "D82F96CC-94E9-46C5-B886-CD63B2060145",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.4.2.22:*:*:*:*:*:*:*",
"matchCriteriaId": "EC425B75-5584-4184-BEC0-44FAD8B431DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.5.1.05:*:*:*:*:*:*:*",
"matchCriteriaId": "B9B992F2-43D5-4FBF-A94A-EA8E8B0EBB01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.5.1.11:*:*:*:*:*:*:*",
"matchCriteriaId": "A660B64F-2CF8-48C3-877E-B583E1CFC0FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:1.5.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "55476CAD-BDB3-46CB-95A0-74BA8F49A5D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:3.0.0.1-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "A89E5621-BA1F-450C-8E82-FC4764B54905",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:3.0.0.19-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "6B4DF0F5-853A-430E-8C93-556D4FF29C63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:3.0.2.01-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "109BC8D1-E547-45C4-99AA-C74495F8E8CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.0.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "67F823CE-90D6-4914-B125-88B6F868808D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.0.2.08-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "53551C1A-9DBD-4E5E-8FA7-C04EE2A38D20",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.0.3.03-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "CC2360AC-5C88-4F8B-9BC8-48FBA716CFBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.0.4.02-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "F4C3D1D3-034B-4B6E-BC78-050D22A3D84E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.1.0.02-tm:*:*:*:*:*:*:*",
"matchCriteriaId": "15271254-5905-4D08-BD9E-08F841AA29D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.1.1.01:*:*:*:*:*:*:*",
"matchCriteriaId": "5AB609CB-934B-43E4-A884-FDC7B58D0560",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.2.1.02:*:*:*:*:*:*:*",
"matchCriteriaId": "70B52828-6B38-4561-9D79-83DD8EC294A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.2.2.08:*:*:*:*:*:*:*",
"matchCriteriaId": "9DDE7B4C-CF8F-4CE6-AD3F-CE74377D4077",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.2.3.03:*:*:*:*:*:*:*",
"matchCriteriaId": "523B6515-33AE-4606-A7D6-C698D26659D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.2.3.06:*:*:*:*:*:*:*",
"matchCriteriaId": "42A388D2-AE67-4B5E-AFEF-32F7834652E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.2.3.07:*:*:*:*:*:*:*",
"matchCriteriaId": "B30845DA-3C00-4567-B590-61BAC547B312",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.2.3.08:*:*:*:*:*:*:*",
"matchCriteriaId": "D28A6411-627C-46BE-9D59-3519B3816BD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.2.3.09:*:*:*:*:*:*:*",
"matchCriteriaId": "00659549-4B19-4B16-8DBD-71627453A1EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.2.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "3724D315-5DCD-4378-85F1-1880C535317C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:4.2.3.14:*:*:*:*:*:*:*",
"matchCriteriaId": "45F4AF99-6774-4EF4-BD0C-64FE18FC3B46",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:rv325:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3435D601-EDA8-49FF-8841-EA6DF1518C75",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to cause an unexpected reload of an affected device, resulting in a denial of service (DoS) condition. To exploit this vulnerability, an attacker would need to have valid Administrator credentials on the affected device.\r\n\u0026nbsp;\r\nThis vulnerability is due to improper validation of user input that is in incoming HTTP packets. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web-based management interface of the affected device. A successful exploit could allow the attacker to cause an unexpected reload of the device, resulting in a DoS condition."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en web de los enrutadores Cisco Small Business RV042, RV042G, RV320 y RV325 podr\u00eda permitir que un atacante remoto autenticado, de nivel de administrador, provoque una recarga inesperada de un dispositivo afectado, lo que da como resultado una condici\u00f3n de denegaci\u00f3n de servicio (DoS). Para explotar esta vulnerabilidad, un atacante necesitar\u00eda tener credenciales de administrador v\u00e1lidas en el dispositivo afectado. Esta vulnerabilidad se debe a una validaci\u00f3n incorrecta de la entrada del usuario que se encuentra en los paquetes HTTP entrantes. Un atacante podr\u00eda explotar esta vulnerabilidad enviando una solicitud HTTP manipulada a la interfaz de administraci\u00f3n basada en web del dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir que el atacante provoque una recarga inesperada del dispositivo, lo que da como resultado una condici\u00f3n de denegaci\u00f3n de servicio (DoS)."
}
],
"id": "CVE-2024-20516",
"lastModified": "2024-10-08T13:44:10.840",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.3,
"impactScore": 4.0,
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.3,
"impactScore": 4.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-10-02T17:15:18.200",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-rv04x_rv32x_vulns-yJ2OSDhV"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-122"
}
],
"source": "psirt@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2024-20362
Vulnerability from fkie_nvd - Published: 2024-04-03 17:15 - Updated: 2025-08-05 14:44
Severity ?
Summary
A vulnerability in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface.
This vulnerability is due to insufficient input validation by the web-based management interface. An attacker could exploit this vulnerability by persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | rv016_firmware | - | |
| cisco | rv016 | - | |
| cisco | rv042_firmware | - | |
| cisco | rv042 | - | |
| cisco | rv042g_firmware | - | |
| cisco | rv042g | - | |
| cisco | rv082_firmware | - | |
| cisco | rv082 | - | |
| cisco | rv320_firmware | - | |
| cisco | rv320 | - | |
| cisco | rv325_firmware | - | |
| cisco | rv325 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:rv016_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CCC05438-3064-4FB6-9177-9EA60C8E250C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:rv016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "701E3CF5-15C0-419A-97A8-9BD2C55D74AB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:rv042_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F5A39236-B032-46BB-94D0-3E0E3E557BC0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:rv042:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2DCBB2D8-AACF-45EA-B9D4-DAECC7C792D1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:rv042g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E699C11F-3C7C-420D-9243-5CD2A6B98EF2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:rv042g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1CD7D9C-DDEF-4DF0-BCFB-A45301AE2C10",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:rv082_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9EF65E38-D812-4F6E-903C-05E203F3E9F6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:rv082:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24FC4446-22C0-4EC9-84B4-A76412680105",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:rv320_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C0C17C5F-4EB7-4859-8127-AE027A72CB2C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:rv320:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7596F6D4-10DA-4F29-95AD-75B60F4670D6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:rv325_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "69F1C458-0EF3-4AD6-9055-355711F3751E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:rv325:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3435D601-EDA8-49FF-8841-EA6DF1518C75",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface.\r\n\r This vulnerability is due to insufficient input validation by the web-based management interface. An attacker could exploit this vulnerability by persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en web de los Routers Cisco Small Business RV016, RV042, RV042G, RV082, RV320 y RV325 podr\u00eda permitir que un atacante remoto no autenticado lleve a cabo un ataque de Cross Site Scripting (XSS) contra un usuario de la interfaz. Esta vulnerabilidad se debe a una validaci\u00f3n de entrada insuficiente por parte de la interfaz de administraci\u00f3n basada en web. Un atacante podr\u00eda aprovechar esta vulnerabilidad persuadiendo a un usuario para que visite p\u00e1ginas web espec\u00edficas que incluyan payloads maliciosos. Un exploit exitoso podr\u00eda permitir al atacante ejecutar c\u00f3digo de script arbitrario en el contexto de la interfaz afectada o acceder a informaci\u00f3n confidencial basada en el navegador."
}
],
"id": "CVE-2024-20362",
"lastModified": "2025-08-05T14:44:28.830",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "psirt@cisco.com",
"type": "Secondary"
}
]
},
"published": "2024-04-03T17:15:49.707",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sbiz-rv-xss-OQeRTup"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sbiz-rv-xss-OQeRTup"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-80"
}
],
"source": "psirt@cisco.com",
"type": "Secondary"
}
]
}
CVE-2024-20524 (GCVE-0-2024-20524)
Vulnerability from cvelistv5 – Published: 2024-10-02 16:57 – Updated: 2024-10-02 17:25
VLAI?
Summary
A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to cause an unexpected reload of an affected device, resulting in a denial of service (DoS) condition. To exploit this vulnerability, an attacker would need to have valid Administrator credentials on the affected device.
This vulnerability is due to improper validation of user input that is in incoming HTTP packets. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web-based management interface of the affected device. A successful exploit could allow the attacker to cause an unexpected reload of the device, resulting in a DoS condition.
Severity ?
6.8 (Medium)
CWE
- CWE-121 - Stack-based Buffer Overflow
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Small Business RV Series Router Firmware |
Affected:
4.0.2.08-tm
Affected: 4.2.3.08 Affected: 4.1.1.01 Affected: 4.2.3.03 Affected: 3.0.0.1-tm Affected: 4.1.0.02-tm Affected: 4.2.3.09 Affected: 3.0.2.01-tm Affected: 4.2.3.10 Affected: 3.0.0.19-tm Affected: 4.2.3.06 Affected: 4.2.2.08 Affected: 4.0.3.03-tm Affected: 4.0.0.7 Affected: 4.2.1.02 Affected: 4.2.3.07 Affected: 4.0.4.02-tm Affected: 1.3.12.19-tm Affected: 1.3.12.6-tm Affected: 1.3.13.02-tm Affected: 1.3.1.10 Affected: 1.2.1.13 Affected: 1.1.1.19 Affected: 1.4.2.15 Affected: 1.5.1.05 Affected: 1.0.2.03 Affected: 1.1.0.09 Affected: 1.2.1.14 Affected: 1.3.2.02 Affected: 1.3.1.12 Affected: 1.0.1.17 Affected: 1.4.2.19 Affected: 1.1.1.06 Affected: 1.4.2.20 Affected: 1.4.2.22 Affected: 1.4.2.17 Affected: 4.2.3.14 Affected: 1.5.1.11 Affected: 1.5.1.13 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-20524",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-02T17:17:43.563003Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-02T17:25:33.476Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Small Business RV Series Router Firmware",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "4.0.2.08-tm"
},
{
"status": "affected",
"version": "4.2.3.08"
},
{
"status": "affected",
"version": "4.1.1.01"
},
{
"status": "affected",
"version": "4.2.3.03"
},
{
"status": "affected",
"version": "3.0.0.1-tm"
},
{
"status": "affected",
"version": "4.1.0.02-tm"
},
{
"status": "affected",
"version": "4.2.3.09"
},
{
"status": "affected",
"version": "3.0.2.01-tm"
},
{
"status": "affected",
"version": "4.2.3.10"
},
{
"status": "affected",
"version": "3.0.0.19-tm"
},
{
"status": "affected",
"version": "4.2.3.06"
},
{
"status": "affected",
"version": "4.2.2.08"
},
{
"status": "affected",
"version": "4.0.3.03-tm"
},
{
"status": "affected",
"version": "4.0.0.7"
},
{
"status": "affected",
"version": "4.2.1.02"
},
{
"status": "affected",
"version": "4.2.3.07"
},
{
"status": "affected",
"version": "4.0.4.02-tm"
},
{
"status": "affected",
"version": "1.3.12.19-tm"
},
{
"status": "affected",
"version": "1.3.12.6-tm"
},
{
"status": "affected",
"version": "1.3.13.02-tm"
},
{
"status": "affected",
"version": "1.3.1.10"
},
{
"status": "affected",
"version": "1.2.1.13"
},
{
"status": "affected",
"version": "1.1.1.19"
},
{
"status": "affected",
"version": "1.4.2.15"
},
{
"status": "affected",
"version": "1.5.1.05"
},
{
"status": "affected",
"version": "1.0.2.03"
},
{
"status": "affected",
"version": "1.1.0.09"
},
{
"status": "affected",
"version": "1.2.1.14"
},
{
"status": "affected",
"version": "1.3.2.02"
},
{
"status": "affected",
"version": "1.3.1.12"
},
{
"status": "affected",
"version": "1.0.1.17"
},
{
"status": "affected",
"version": "1.4.2.19"
},
{
"status": "affected",
"version": "1.1.1.06"
},
{
"status": "affected",
"version": "1.4.2.20"
},
{
"status": "affected",
"version": "1.4.2.22"
},
{
"status": "affected",
"version": "1.4.2.17"
},
{
"status": "affected",
"version": "4.2.3.14"
},
{
"status": "affected",
"version": "1.5.1.11"
},
{
"status": "affected",
"version": "1.5.1.13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to cause an unexpected reload of an affected device, resulting in a denial of service (DoS) condition. To exploit this vulnerability, an attacker would need to have valid Administrator credentials on the affected device.\r\n\u0026nbsp;\r\nThis vulnerability is due to improper validation of user input that is in incoming HTTP packets. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web-based management interface of the affected device. A successful exploit could allow the attacker to cause an unexpected reload of the device, resulting in a DoS condition."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "Stack-based Buffer Overflow",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-02T16:57:45.406Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-sb-rv04x_rv32x_vulns-yJ2OSDhV",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-rv04x_rv32x_vulns-yJ2OSDhV"
}
],
"source": {
"advisory": "cisco-sa-sb-rv04x_rv32x_vulns-yJ2OSDhV",
"defects": [
"CSCwm48770"
],
"discovery": "EXTERNAL"
},
"title": "Cisco Small Business RV042, RV042G, RV320, and RV325 Denial of Service Vulnerabilities"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2024-20524",
"datePublished": "2024-10-02T16:57:45.406Z",
"dateReserved": "2023-11-08T15:08:07.690Z",
"dateUpdated": "2024-10-02T17:25:33.476Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-20523 (GCVE-0-2024-20523)
Vulnerability from cvelistv5 – Published: 2024-10-02 16:57 – Updated: 2024-10-02 17:25
VLAI?
Summary
A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to cause an unexpected reload of an affected device, resulting in a denial of service (DoS) condition. To exploit this vulnerability, an attacker would need to have valid Administrator credentials on the affected device.
This vulnerability is due to improper validation of user input that is in incoming HTTP packets. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web-based management interface of the affected device. A successful exploit could allow the attacker to cause an unexpected reload of the device, resulting in a DoS condition.
Severity ?
6.8 (Medium)
CWE
- CWE-121 - Stack-based Buffer Overflow
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Small Business RV Series Router Firmware |
Affected:
4.0.2.08-tm
Affected: 4.2.3.08 Affected: 4.1.1.01 Affected: 4.2.3.03 Affected: 3.0.0.1-tm Affected: 4.1.0.02-tm Affected: 4.2.3.09 Affected: 3.0.2.01-tm Affected: 4.2.3.10 Affected: 3.0.0.19-tm Affected: 4.2.3.06 Affected: 4.2.2.08 Affected: 4.0.3.03-tm Affected: 4.0.0.7 Affected: 4.2.1.02 Affected: 4.2.3.07 Affected: 4.0.4.02-tm Affected: 1.3.12.19-tm Affected: 1.3.12.6-tm Affected: 1.3.13.02-tm Affected: 1.3.1.10 Affected: 1.2.1.13 Affected: 1.1.1.19 Affected: 1.4.2.15 Affected: 1.5.1.05 Affected: 1.0.2.03 Affected: 1.1.0.09 Affected: 1.2.1.14 Affected: 1.3.2.02 Affected: 1.3.1.12 Affected: 1.0.1.17 Affected: 1.4.2.19 Affected: 1.1.1.06 Affected: 1.4.2.20 Affected: 1.4.2.22 Affected: 1.4.2.17 Affected: 4.2.3.14 Affected: 1.5.1.11 Affected: 1.5.1.13 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-20523",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-02T17:17:45.741625Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-02T17:25:39.673Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Small Business RV Series Router Firmware",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "4.0.2.08-tm"
},
{
"status": "affected",
"version": "4.2.3.08"
},
{
"status": "affected",
"version": "4.1.1.01"
},
{
"status": "affected",
"version": "4.2.3.03"
},
{
"status": "affected",
"version": "3.0.0.1-tm"
},
{
"status": "affected",
"version": "4.1.0.02-tm"
},
{
"status": "affected",
"version": "4.2.3.09"
},
{
"status": "affected",
"version": "3.0.2.01-tm"
},
{
"status": "affected",
"version": "4.2.3.10"
},
{
"status": "affected",
"version": "3.0.0.19-tm"
},
{
"status": "affected",
"version": "4.2.3.06"
},
{
"status": "affected",
"version": "4.2.2.08"
},
{
"status": "affected",
"version": "4.0.3.03-tm"
},
{
"status": "affected",
"version": "4.0.0.7"
},
{
"status": "affected",
"version": "4.2.1.02"
},
{
"status": "affected",
"version": "4.2.3.07"
},
{
"status": "affected",
"version": "4.0.4.02-tm"
},
{
"status": "affected",
"version": "1.3.12.19-tm"
},
{
"status": "affected",
"version": "1.3.12.6-tm"
},
{
"status": "affected",
"version": "1.3.13.02-tm"
},
{
"status": "affected",
"version": "1.3.1.10"
},
{
"status": "affected",
"version": "1.2.1.13"
},
{
"status": "affected",
"version": "1.1.1.19"
},
{
"status": "affected",
"version": "1.4.2.15"
},
{
"status": "affected",
"version": "1.5.1.05"
},
{
"status": "affected",
"version": "1.0.2.03"
},
{
"status": "affected",
"version": "1.1.0.09"
},
{
"status": "affected",
"version": "1.2.1.14"
},
{
"status": "affected",
"version": "1.3.2.02"
},
{
"status": "affected",
"version": "1.3.1.12"
},
{
"status": "affected",
"version": "1.0.1.17"
},
{
"status": "affected",
"version": "1.4.2.19"
},
{
"status": "affected",
"version": "1.1.1.06"
},
{
"status": "affected",
"version": "1.4.2.20"
},
{
"status": "affected",
"version": "1.4.2.22"
},
{
"status": "affected",
"version": "1.4.2.17"
},
{
"status": "affected",
"version": "4.2.3.14"
},
{
"status": "affected",
"version": "1.5.1.11"
},
{
"status": "affected",
"version": "1.5.1.13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to cause an unexpected reload of an affected device, resulting in a denial of service (DoS) condition. To exploit this vulnerability, an attacker would need to have valid Administrator credentials on the affected device.\r\n\u0026nbsp;\r\nThis vulnerability is due to improper validation of user input that is in incoming HTTP packets. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web-based management interface of the affected device. A successful exploit could allow the attacker to cause an unexpected reload of the device, resulting in a DoS condition."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "Stack-based Buffer Overflow",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-02T16:57:35.516Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-sb-rv04x_rv32x_vulns-yJ2OSDhV",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-rv04x_rv32x_vulns-yJ2OSDhV"
}
],
"source": {
"advisory": "cisco-sa-sb-rv04x_rv32x_vulns-yJ2OSDhV",
"defects": [
"CSCwm48770"
],
"discovery": "EXTERNAL"
},
"title": "Cisco Small Business RV042, RV042G, RV320, and RV325 Denial of Service Vulnerabilities"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2024-20523",
"datePublished": "2024-10-02T16:57:35.516Z",
"dateReserved": "2023-11-08T15:08:07.690Z",
"dateUpdated": "2024-10-02T17:25:39.673Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-20522 (GCVE-0-2024-20522)
Vulnerability from cvelistv5 – Published: 2024-10-02 16:57 – Updated: 2024-10-02 18:52
VLAI?
Summary
A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to cause an unexpected reload of an affected device, resulting in a denial of service (DoS) condition. To exploit this vulnerability, an attacker would need to have valid Administrator credentials on the affected device.
This vulnerability is due to improper validation of user input that is in incoming HTTP packets. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web-based management interface of the affected device. A successful exploit could allow the attacker to cause an unexpected reload of the device, resulting in a DoS condition.
Severity ?
6.5 (Medium)
CWE
- CWE-122 - Heap-based Buffer Overflow
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Small Business RV Series Router Firmware |
Affected:
4.0.2.08-tm
Affected: 4.2.3.08 Affected: 4.1.1.01 Affected: 4.2.3.03 Affected: 3.0.0.1-tm Affected: 4.1.0.02-tm Affected: 4.2.3.09 Affected: 3.0.2.01-tm Affected: 4.2.3.10 Affected: 3.0.0.19-tm Affected: 4.2.3.06 Affected: 4.2.2.08 Affected: 4.0.3.03-tm Affected: 4.0.0.7 Affected: 4.2.1.02 Affected: 4.2.3.07 Affected: 4.0.4.02-tm Affected: 1.3.12.19-tm Affected: 1.3.12.6-tm Affected: 1.3.13.02-tm Affected: 1.3.1.10 Affected: 1.2.1.13 Affected: 1.1.1.19 Affected: 1.4.2.15 Affected: 1.5.1.05 Affected: 1.0.2.03 Affected: 1.1.0.09 Affected: 1.2.1.14 Affected: 1.3.2.02 Affected: 1.3.1.12 Affected: 1.0.1.17 Affected: 1.4.2.19 Affected: 1.1.1.06 Affected: 1.4.2.20 Affected: 1.4.2.22 Affected: 1.4.2.17 Affected: 4.2.3.14 Affected: 1.5.1.11 Affected: 1.5.1.13 |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:cisco:small_business_rv_series_router_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "small_business_rv_series_router_firmware",
"vendor": "cisco",
"versions": [
{
"status": "affected",
"version": "4.0.2.08-tm"
},
{
"status": "affected",
"version": "4.2.3.08"
},
{
"status": "affected",
"version": "4.1.1.01"
},
{
"status": "affected",
"version": "4.2.3.03"
},
{
"status": "affected",
"version": "3.0.0.1-tm"
},
{
"status": "affected",
"version": "4.1.0.02-tm"
},
{
"status": "affected",
"version": "4.2.3.09"
},
{
"status": "affected",
"version": "3.0.2.01-tm"
},
{
"status": "affected",
"version": "4.2.3.10"
},
{
"status": "affected",
"version": "3.0.0.19-tm"
},
{
"status": "affected",
"version": "4.2.3.06"
},
{
"status": "affected",
"version": "4.2.2.08"
},
{
"status": "affected",
"version": "4.0.3.03-tm"
},
{
"status": "affected",
"version": "4.0.0.7"
},
{
"status": "affected",
"version": "4.2.1.02"
},
{
"status": "affected",
"version": "4.2.3.07"
},
{
"status": "affected",
"version": "4.0.4.02-tm"
},
{
"status": "affected",
"version": "1.3.12.19-tm"
},
{
"status": "affected",
"version": "1.3.12.6-tm"
},
{
"status": "affected",
"version": "1.3.13.02-tm"
},
{
"status": "affected",
"version": "1.3.1.10"
},
{
"status": "affected",
"version": "1.2.1.13"
},
{
"status": "affected",
"version": "1.1.1.19"
},
{
"status": "affected",
"version": "1.4.2.15"
},
{
"status": "affected",
"version": "1.5.1.05"
},
{
"status": "affected",
"version": "1.0.2.03"
},
{
"status": "affected",
"version": "1.1.0.09"
},
{
"status": "affected",
"version": "1.2.1.14"
},
{
"status": "affected",
"version": "1.3.2.02"
},
{
"status": "affected",
"version": "1.3.1.12"
},
{
"status": "affected",
"version": "1.0.1.17"
},
{
"status": "affected",
"version": "1.4.2.19"
},
{
"status": "affected",
"version": "1.1.1.06"
},
{
"status": "affected",
"version": "1.4.2.20"
},
{
"status": "affected",
"version": "1.4.2.22"
},
{
"status": "affected",
"version": "1.4.2.17"
},
{
"status": "affected",
"version": "4.2.3.14"
},
{
"status": "affected",
"version": "1.5.1.11"
},
{
"status": "affected",
"version": "1.5.1.13"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-20522",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-02T18:28:32.467559Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-02T18:52:46.250Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Small Business RV Series Router Firmware",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "4.0.2.08-tm"
},
{
"status": "affected",
"version": "4.2.3.08"
},
{
"status": "affected",
"version": "4.1.1.01"
},
{
"status": "affected",
"version": "4.2.3.03"
},
{
"status": "affected",
"version": "3.0.0.1-tm"
},
{
"status": "affected",
"version": "4.1.0.02-tm"
},
{
"status": "affected",
"version": "4.2.3.09"
},
{
"status": "affected",
"version": "3.0.2.01-tm"
},
{
"status": "affected",
"version": "4.2.3.10"
},
{
"status": "affected",
"version": "3.0.0.19-tm"
},
{
"status": "affected",
"version": "4.2.3.06"
},
{
"status": "affected",
"version": "4.2.2.08"
},
{
"status": "affected",
"version": "4.0.3.03-tm"
},
{
"status": "affected",
"version": "4.0.0.7"
},
{
"status": "affected",
"version": "4.2.1.02"
},
{
"status": "affected",
"version": "4.2.3.07"
},
{
"status": "affected",
"version": "4.0.4.02-tm"
},
{
"status": "affected",
"version": "1.3.12.19-tm"
},
{
"status": "affected",
"version": "1.3.12.6-tm"
},
{
"status": "affected",
"version": "1.3.13.02-tm"
},
{
"status": "affected",
"version": "1.3.1.10"
},
{
"status": "affected",
"version": "1.2.1.13"
},
{
"status": "affected",
"version": "1.1.1.19"
},
{
"status": "affected",
"version": "1.4.2.15"
},
{
"status": "affected",
"version": "1.5.1.05"
},
{
"status": "affected",
"version": "1.0.2.03"
},
{
"status": "affected",
"version": "1.1.0.09"
},
{
"status": "affected",
"version": "1.2.1.14"
},
{
"status": "affected",
"version": "1.3.2.02"
},
{
"status": "affected",
"version": "1.3.1.12"
},
{
"status": "affected",
"version": "1.0.1.17"
},
{
"status": "affected",
"version": "1.4.2.19"
},
{
"status": "affected",
"version": "1.1.1.06"
},
{
"status": "affected",
"version": "1.4.2.20"
},
{
"status": "affected",
"version": "1.4.2.22"
},
{
"status": "affected",
"version": "1.4.2.17"
},
{
"status": "affected",
"version": "4.2.3.14"
},
{
"status": "affected",
"version": "1.5.1.11"
},
{
"status": "affected",
"version": "1.5.1.13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to cause an unexpected reload of an affected device, resulting in a denial of service (DoS) condition. To exploit this vulnerability, an attacker would need to have valid Administrator credentials on the affected device.\r\n\u0026nbsp;\r\nThis vulnerability is due to improper validation of user input that is in incoming HTTP packets. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web-based management interface of the affected device. A successful exploit could allow the attacker to cause an unexpected reload of the device, resulting in a DoS condition."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "Heap-based Buffer Overflow",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-02T16:57:27.083Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-sb-rv04x_rv32x_vulns-yJ2OSDhV",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-rv04x_rv32x_vulns-yJ2OSDhV"
}
],
"source": {
"advisory": "cisco-sa-sb-rv04x_rv32x_vulns-yJ2OSDhV",
"defects": [
"CSCwm48770"
],
"discovery": "EXTERNAL"
},
"title": "Cisco Small Business RV042, RV042G, RV320, and RV325 Denial of Service Vulnerabilities"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2024-20522",
"datePublished": "2024-10-02T16:57:27.083Z",
"dateReserved": "2023-11-08T15:08:07.690Z",
"dateUpdated": "2024-10-02T18:52:46.250Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-20521 (GCVE-0-2024-20521)
Vulnerability from cvelistv5 – Published: 2024-10-02 16:56 – Updated: 2024-10-17 19:51
VLAI?
Summary
A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to execute arbitrary code as the root user. To exploit this vulnerability, an attacker would need to have valid Administrator credentials on the affected device.
This vulnerability is due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system as the root user.
Severity ?
6.5 (Medium)
CWE
- CWE-121 - Stack-based Buffer Overflow
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Small Business RV Series Router Firmware |
Affected:
4.0.2.08-tm
Affected: 4.2.3.08 Affected: 4.1.1.01 Affected: 4.2.3.03 Affected: 3.0.0.1-tm Affected: 4.1.0.02-tm Affected: 4.2.3.09 Affected: 3.0.2.01-tm Affected: 4.2.3.10 Affected: 3.0.0.19-tm Affected: 4.2.3.06 Affected: 4.2.2.08 Affected: 4.0.3.03-tm Affected: 4.0.0.7 Affected: 4.2.1.02 Affected: 4.2.3.07 Affected: 4.0.4.02-tm Affected: 1.3.12.19-tm Affected: 1.3.12.6-tm Affected: 1.3.13.02-tm Affected: 1.3.1.10 Affected: 1.2.1.13 Affected: 1.1.1.19 Affected: 1.4.2.15 Affected: 1.5.1.05 Affected: 1.0.2.03 Affected: 1.1.0.09 Affected: 1.2.1.14 Affected: 1.3.2.02 Affected: 1.3.1.12 Affected: 1.0.1.17 Affected: 1.4.2.19 Affected: 1.1.1.06 Affected: 1.4.2.20 Affected: 1.4.2.22 Affected: 1.4.2.17 Affected: 4.2.3.14 Affected: 1.5.1.11 Affected: 1.5.1.13 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-20521",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-02T18:25:56.653631Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-17T19:51:56.350Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Small Business RV Series Router Firmware",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "4.0.2.08-tm"
},
{
"status": "affected",
"version": "4.2.3.08"
},
{
"status": "affected",
"version": "4.1.1.01"
},
{
"status": "affected",
"version": "4.2.3.03"
},
{
"status": "affected",
"version": "3.0.0.1-tm"
},
{
"status": "affected",
"version": "4.1.0.02-tm"
},
{
"status": "affected",
"version": "4.2.3.09"
},
{
"status": "affected",
"version": "3.0.2.01-tm"
},
{
"status": "affected",
"version": "4.2.3.10"
},
{
"status": "affected",
"version": "3.0.0.19-tm"
},
{
"status": "affected",
"version": "4.2.3.06"
},
{
"status": "affected",
"version": "4.2.2.08"
},
{
"status": "affected",
"version": "4.0.3.03-tm"
},
{
"status": "affected",
"version": "4.0.0.7"
},
{
"status": "affected",
"version": "4.2.1.02"
},
{
"status": "affected",
"version": "4.2.3.07"
},
{
"status": "affected",
"version": "4.0.4.02-tm"
},
{
"status": "affected",
"version": "1.3.12.19-tm"
},
{
"status": "affected",
"version": "1.3.12.6-tm"
},
{
"status": "affected",
"version": "1.3.13.02-tm"
},
{
"status": "affected",
"version": "1.3.1.10"
},
{
"status": "affected",
"version": "1.2.1.13"
},
{
"status": "affected",
"version": "1.1.1.19"
},
{
"status": "affected",
"version": "1.4.2.15"
},
{
"status": "affected",
"version": "1.5.1.05"
},
{
"status": "affected",
"version": "1.0.2.03"
},
{
"status": "affected",
"version": "1.1.0.09"
},
{
"status": "affected",
"version": "1.2.1.14"
},
{
"status": "affected",
"version": "1.3.2.02"
},
{
"status": "affected",
"version": "1.3.1.12"
},
{
"status": "affected",
"version": "1.0.1.17"
},
{
"status": "affected",
"version": "1.4.2.19"
},
{
"status": "affected",
"version": "1.1.1.06"
},
{
"status": "affected",
"version": "1.4.2.20"
},
{
"status": "affected",
"version": "1.4.2.22"
},
{
"status": "affected",
"version": "1.4.2.17"
},
{
"status": "affected",
"version": "4.2.3.14"
},
{
"status": "affected",
"version": "1.5.1.11"
},
{
"status": "affected",
"version": "1.5.1.13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to execute arbitrary code as the root user. To exploit this vulnerability, an attacker would need to have valid Administrator credentials on the affected device.\r\n\u0026nbsp;\r\nThis vulnerability is due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system as the root user."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "Stack-based Buffer Overflow",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-02T16:56:42.263Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-sb-rv04x_rv32x_vulns-yJ2OSDhV",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-rv04x_rv32x_vulns-yJ2OSDhV"
}
],
"source": {
"advisory": "cisco-sa-sb-rv04x_rv32x_vulns-yJ2OSDhV",
"defects": [
"CSCwm48770"
],
"discovery": "EXTERNAL"
},
"title": "Cisco Small Business RV042, RV042G, RV320, and RV325 Remote Command Execution Vulnerabilities"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2024-20521",
"datePublished": "2024-10-02T16:56:42.263Z",
"dateReserved": "2023-11-08T15:08:07.690Z",
"dateUpdated": "2024-10-17T19:51:56.350Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-20520 (GCVE-0-2024-20520)
Vulnerability from cvelistv5 – Published: 2024-10-02 16:56 – Updated: 2024-10-02 19:09
VLAI?
Summary
A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to execute arbitrary code as the root user. To exploit this vulnerability, an attacker would need to have valid Administrator credentials on the affected device.
This vulnerability is due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system as the root user.
Severity ?
6.5 (Medium)
CWE
- CWE-121 - Stack-based Buffer Overflow
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Small Business RV Series Router Firmware |
Affected:
4.0.2.08-tm
Affected: 4.2.3.08 Affected: 4.1.1.01 Affected: 4.2.3.03 Affected: 3.0.0.1-tm Affected: 4.1.0.02-tm Affected: 4.2.3.09 Affected: 3.0.2.01-tm Affected: 4.2.3.10 Affected: 3.0.0.19-tm Affected: 4.2.3.06 Affected: 4.2.2.08 Affected: 4.0.3.03-tm Affected: 4.0.0.7 Affected: 4.2.1.02 Affected: 4.2.3.07 Affected: 4.0.4.02-tm Affected: 1.3.12.19-tm Affected: 1.3.12.6-tm Affected: 1.3.13.02-tm Affected: 1.3.1.10 Affected: 1.2.1.13 Affected: 1.1.1.19 Affected: 1.4.2.15 Affected: 1.5.1.05 Affected: 1.0.2.03 Affected: 1.1.0.09 Affected: 1.2.1.14 Affected: 1.3.2.02 Affected: 1.3.1.12 Affected: 1.0.1.17 Affected: 1.4.2.19 Affected: 1.1.1.06 Affected: 1.4.2.20 Affected: 1.4.2.22 Affected: 1.4.2.17 Affected: 4.2.3.14 Affected: 1.5.1.11 Affected: 1.5.1.13 |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:cisco:small_business_rv_series_router_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "small_business_rv_series_router_firmware",
"vendor": "cisco",
"versions": [
{
"status": "affected",
"version": "4.0.2.08-tm"
},
{
"status": "affected",
"version": "4.2.3.08"
},
{
"status": "affected",
"version": "4.1.1.01"
},
{
"status": "affected",
"version": "4.2.3.03"
},
{
"status": "affected",
"version": "3.0.0.1-tm"
},
{
"status": "affected",
"version": "4.1.0.02-tm"
},
{
"status": "affected",
"version": "4.2.3.09"
},
{
"status": "affected",
"version": "3.0.2.01-tm"
},
{
"status": "affected",
"version": "4.2.3.10"
},
{
"status": "affected",
"version": "3.0.0.19-tm"
},
{
"status": "affected",
"version": "4.2.3.06"
},
{
"status": "affected",
"version": "4.2.2.08"
},
{
"status": "affected",
"version": "4.0.3.03-tm"
},
{
"status": "affected",
"version": "4.0.0.7"
},
{
"status": "affected",
"version": "4.2.1.02"
},
{
"status": "affected",
"version": "4.2.3.07"
},
{
"status": "affected",
"version": "4.0.4.02-tm"
},
{
"status": "affected",
"version": "1.3.12.19-tm"
},
{
"status": "affected",
"version": "1.3.12.6-tm"
},
{
"status": "affected",
"version": "1.3.13.02-tm"
},
{
"status": "affected",
"version": "1.3.1.10"
},
{
"status": "affected",
"version": "1.2.1.13"
},
{
"status": "affected",
"version": "1.1.1.19"
},
{
"status": "affected",
"version": "1.4.2.15"
},
{
"status": "affected",
"version": "1.5.1.05"
},
{
"status": "affected",
"version": "1.0.2.03"
},
{
"status": "affected",
"version": "1.1.0.09"
},
{
"status": "affected",
"version": "1.2.1.14"
},
{
"status": "affected",
"version": "1.3.2.02"
},
{
"status": "affected",
"version": "1.3.1.12"
},
{
"status": "affected",
"version": "1.0.1.17"
},
{
"status": "affected",
"version": "1.4.2.19"
},
{
"status": "affected",
"version": "1.1.1.06"
},
{
"status": "affected",
"version": "1.4.2.20"
},
{
"status": "affected",
"version": "1.4.2.22"
},
{
"status": "affected",
"version": "1.4.2.17"
},
{
"status": "affected",
"version": "4.2.3.14"
},
{
"status": "affected",
"version": "1.5.1.11"
},
{
"status": "affected",
"version": "1.5.1.13"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-20520",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-02T18:55:31.611704Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-02T19:09:54.092Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Small Business RV Series Router Firmware",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "4.0.2.08-tm"
},
{
"status": "affected",
"version": "4.2.3.08"
},
{
"status": "affected",
"version": "4.1.1.01"
},
{
"status": "affected",
"version": "4.2.3.03"
},
{
"status": "affected",
"version": "3.0.0.1-tm"
},
{
"status": "affected",
"version": "4.1.0.02-tm"
},
{
"status": "affected",
"version": "4.2.3.09"
},
{
"status": "affected",
"version": "3.0.2.01-tm"
},
{
"status": "affected",
"version": "4.2.3.10"
},
{
"status": "affected",
"version": "3.0.0.19-tm"
},
{
"status": "affected",
"version": "4.2.3.06"
},
{
"status": "affected",
"version": "4.2.2.08"
},
{
"status": "affected",
"version": "4.0.3.03-tm"
},
{
"status": "affected",
"version": "4.0.0.7"
},
{
"status": "affected",
"version": "4.2.1.02"
},
{
"status": "affected",
"version": "4.2.3.07"
},
{
"status": "affected",
"version": "4.0.4.02-tm"
},
{
"status": "affected",
"version": "1.3.12.19-tm"
},
{
"status": "affected",
"version": "1.3.12.6-tm"
},
{
"status": "affected",
"version": "1.3.13.02-tm"
},
{
"status": "affected",
"version": "1.3.1.10"
},
{
"status": "affected",
"version": "1.2.1.13"
},
{
"status": "affected",
"version": "1.1.1.19"
},
{
"status": "affected",
"version": "1.4.2.15"
},
{
"status": "affected",
"version": "1.5.1.05"
},
{
"status": "affected",
"version": "1.0.2.03"
},
{
"status": "affected",
"version": "1.1.0.09"
},
{
"status": "affected",
"version": "1.2.1.14"
},
{
"status": "affected",
"version": "1.3.2.02"
},
{
"status": "affected",
"version": "1.3.1.12"
},
{
"status": "affected",
"version": "1.0.1.17"
},
{
"status": "affected",
"version": "1.4.2.19"
},
{
"status": "affected",
"version": "1.1.1.06"
},
{
"status": "affected",
"version": "1.4.2.20"
},
{
"status": "affected",
"version": "1.4.2.22"
},
{
"status": "affected",
"version": "1.4.2.17"
},
{
"status": "affected",
"version": "4.2.3.14"
},
{
"status": "affected",
"version": "1.5.1.11"
},
{
"status": "affected",
"version": "1.5.1.13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to execute arbitrary code as the root user. To exploit this vulnerability, an attacker would need to have valid Administrator credentials on the affected device.\r\n\u0026nbsp;\r\nThis vulnerability is due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system as the root user."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "Stack-based Buffer Overflow",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-02T16:56:33.815Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-sb-rv04x_rv32x_vulns-yJ2OSDhV",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-rv04x_rv32x_vulns-yJ2OSDhV"
}
],
"source": {
"advisory": "cisco-sa-sb-rv04x_rv32x_vulns-yJ2OSDhV",
"defects": [
"CSCwm48770"
],
"discovery": "EXTERNAL"
},
"title": "Cisco Small Business RV042, RV042G, RV320, and RV325 Remote Command Execution Vulnerabilities"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2024-20520",
"datePublished": "2024-10-02T16:56:33.815Z",
"dateReserved": "2023-11-08T15:08:07.690Z",
"dateUpdated": "2024-10-02T19:09:54.092Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-20519 (GCVE-0-2024-20519)
Vulnerability from cvelistv5 – Published: 2024-10-02 16:56 – Updated: 2024-10-02 19:12
VLAI?
Summary
A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to execute arbitrary code as the root user. To exploit this vulnerability, an attacker would need to have valid Administrator credentials on the affected device.
This vulnerability is due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system as the root user.
Severity ?
6.5 (Medium)
CWE
- CWE-121 - Stack-based Buffer Overflow
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Small Business RV Series Router Firmware |
Affected:
4.0.2.08-tm
Affected: 4.2.3.08 Affected: 4.1.1.01 Affected: 4.2.3.03 Affected: 3.0.0.1-tm Affected: 4.1.0.02-tm Affected: 4.2.3.09 Affected: 3.0.2.01-tm Affected: 4.2.3.10 Affected: 3.0.0.19-tm Affected: 4.2.3.06 Affected: 4.2.2.08 Affected: 4.0.3.03-tm Affected: 4.0.0.7 Affected: 4.2.1.02 Affected: 4.2.3.07 Affected: 4.0.4.02-tm Affected: 1.3.12.19-tm Affected: 1.3.12.6-tm Affected: 1.3.13.02-tm Affected: 1.3.1.10 Affected: 1.2.1.13 Affected: 1.1.1.19 Affected: 1.4.2.15 Affected: 1.5.1.05 Affected: 1.0.2.03 Affected: 1.1.0.09 Affected: 1.2.1.14 Affected: 1.3.2.02 Affected: 1.3.1.12 Affected: 1.0.1.17 Affected: 1.4.2.19 Affected: 1.1.1.06 Affected: 1.4.2.20 Affected: 1.4.2.22 Affected: 1.4.2.17 Affected: 4.2.3.14 Affected: 1.5.1.11 Affected: 1.5.1.13 |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:cisco:small_business_rv_series_router_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "small_business_rv_series_router_firmware",
"vendor": "cisco",
"versions": [
{
"status": "affected",
"version": "4.0.2.08-tm"
},
{
"status": "affected",
"version": "4.2.3.08"
},
{
"status": "affected",
"version": "4.1.1.01"
},
{
"status": "affected",
"version": "4.2.3.03"
},
{
"status": "affected",
"version": "3.0.0.1-tm"
},
{
"status": "affected",
"version": "4.1.0.02-tm"
},
{
"status": "affected",
"version": "4.2.3.09"
},
{
"status": "affected",
"version": "3.0.2.01-tm"
},
{
"status": "affected",
"version": "4.2.3.10"
},
{
"status": "affected",
"version": "3.0.0.19-tm"
},
{
"status": "affected",
"version": "4.2.3.06"
},
{
"status": "affected",
"version": "4.2.2.08"
},
{
"status": "affected",
"version": "4.0.3.03-tm"
},
{
"status": "affected",
"version": "4.0.0.7"
},
{
"status": "affected",
"version": "4.2.1.02"
},
{
"status": "affected",
"version": "4.2.3.07"
},
{
"status": "affected",
"version": "4.0.4.02-tm"
},
{
"status": "affected",
"version": "1.3.12.19-tm"
},
{
"status": "affected",
"version": "1.3.12.6-tm"
},
{
"status": "affected",
"version": "1.3.13.02-tm"
},
{
"status": "affected",
"version": "1.3.1.10"
},
{
"status": "affected",
"version": "1.2.1.13"
},
{
"status": "affected",
"version": "1.1.1.19"
},
{
"status": "affected",
"version": "1.4.2.15"
},
{
"status": "affected",
"version": "1.5.1.05"
},
{
"status": "affected",
"version": "1.0.2.03"
},
{
"status": "affected",
"version": "1.1.0.09"
},
{
"status": "affected",
"version": "1.2.1.14"
},
{
"status": "affected",
"version": "1.3.2.02"
},
{
"status": "affected",
"version": "1.3.1.12"
},
{
"status": "affected",
"version": "1.0.1.17"
},
{
"status": "affected",
"version": "1.4.2.19"
},
{
"status": "affected",
"version": "1.1.1.06"
},
{
"status": "affected",
"version": "1.4.2.20"
},
{
"status": "affected",
"version": "1.4.2.22"
},
{
"status": "affected",
"version": "1.4.2.17"
},
{
"status": "affected",
"version": "4.2.3.14"
},
{
"status": "affected",
"version": "1.5.1.11"
},
{
"status": "affected",
"version": "1.5.1.13"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-20519",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-02T18:55:47.348958Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-02T19:12:10.672Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Small Business RV Series Router Firmware",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "4.0.2.08-tm"
},
{
"status": "affected",
"version": "4.2.3.08"
},
{
"status": "affected",
"version": "4.1.1.01"
},
{
"status": "affected",
"version": "4.2.3.03"
},
{
"status": "affected",
"version": "3.0.0.1-tm"
},
{
"status": "affected",
"version": "4.1.0.02-tm"
},
{
"status": "affected",
"version": "4.2.3.09"
},
{
"status": "affected",
"version": "3.0.2.01-tm"
},
{
"status": "affected",
"version": "4.2.3.10"
},
{
"status": "affected",
"version": "3.0.0.19-tm"
},
{
"status": "affected",
"version": "4.2.3.06"
},
{
"status": "affected",
"version": "4.2.2.08"
},
{
"status": "affected",
"version": "4.0.3.03-tm"
},
{
"status": "affected",
"version": "4.0.0.7"
},
{
"status": "affected",
"version": "4.2.1.02"
},
{
"status": "affected",
"version": "4.2.3.07"
},
{
"status": "affected",
"version": "4.0.4.02-tm"
},
{
"status": "affected",
"version": "1.3.12.19-tm"
},
{
"status": "affected",
"version": "1.3.12.6-tm"
},
{
"status": "affected",
"version": "1.3.13.02-tm"
},
{
"status": "affected",
"version": "1.3.1.10"
},
{
"status": "affected",
"version": "1.2.1.13"
},
{
"status": "affected",
"version": "1.1.1.19"
},
{
"status": "affected",
"version": "1.4.2.15"
},
{
"status": "affected",
"version": "1.5.1.05"
},
{
"status": "affected",
"version": "1.0.2.03"
},
{
"status": "affected",
"version": "1.1.0.09"
},
{
"status": "affected",
"version": "1.2.1.14"
},
{
"status": "affected",
"version": "1.3.2.02"
},
{
"status": "affected",
"version": "1.3.1.12"
},
{
"status": "affected",
"version": "1.0.1.17"
},
{
"status": "affected",
"version": "1.4.2.19"
},
{
"status": "affected",
"version": "1.1.1.06"
},
{
"status": "affected",
"version": "1.4.2.20"
},
{
"status": "affected",
"version": "1.4.2.22"
},
{
"status": "affected",
"version": "1.4.2.17"
},
{
"status": "affected",
"version": "4.2.3.14"
},
{
"status": "affected",
"version": "1.5.1.11"
},
{
"status": "affected",
"version": "1.5.1.13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to execute arbitrary code as the root user. To exploit this vulnerability, an attacker would need to have valid Administrator credentials on the affected device.\r\n\u0026nbsp;\r\nThis vulnerability is due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system as the root user."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "Stack-based Buffer Overflow",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-02T16:56:21.994Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-sb-rv04x_rv32x_vulns-yJ2OSDhV",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-rv04x_rv32x_vulns-yJ2OSDhV"
}
],
"source": {
"advisory": "cisco-sa-sb-rv04x_rv32x_vulns-yJ2OSDhV",
"defects": [
"CSCwm48770"
],
"discovery": "EXTERNAL"
},
"title": "Cisco Small Business RV042, RV042G, RV320, and RV325 Remote Command Execution Vulnerabilities"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2024-20519",
"datePublished": "2024-10-02T16:56:21.994Z",
"dateReserved": "2023-11-08T15:08:07.690Z",
"dateUpdated": "2024-10-02T19:12:10.672Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-20518 (GCVE-0-2024-20518)
Vulnerability from cvelistv5 – Published: 2024-10-02 16:56 – Updated: 2024-10-02 19:12
VLAI?
Summary
A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to execute arbitrary code as the root user. To exploit this vulnerability, an attacker would need to have valid Administrator credentials on the affected device.
This vulnerability is due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system as the root user.
Severity ?
6.5 (Medium)
CWE
- CWE-121 - Stack-based Buffer Overflow
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Small Business RV Series Router Firmware |
Affected:
4.0.2.08-tm
Affected: 4.2.3.08 Affected: 4.1.1.01 Affected: 4.2.3.03 Affected: 3.0.0.1-tm Affected: 4.1.0.02-tm Affected: 4.2.3.09 Affected: 3.0.2.01-tm Affected: 4.2.3.10 Affected: 3.0.0.19-tm Affected: 4.2.3.06 Affected: 4.2.2.08 Affected: 4.0.3.03-tm Affected: 4.0.0.7 Affected: 4.2.1.02 Affected: 4.2.3.07 Affected: 4.0.4.02-tm Affected: 1.3.12.19-tm Affected: 1.3.12.6-tm Affected: 1.3.13.02-tm Affected: 1.3.1.10 Affected: 1.2.1.13 Affected: 1.1.1.19 Affected: 1.4.2.15 Affected: 1.5.1.05 Affected: 1.0.2.03 Affected: 1.1.0.09 Affected: 1.2.1.14 Affected: 1.3.2.02 Affected: 1.3.1.12 Affected: 1.0.1.17 Affected: 1.4.2.19 Affected: 1.1.1.06 Affected: 1.4.2.20 Affected: 1.4.2.22 Affected: 1.4.2.17 Affected: 4.2.3.14 Affected: 1.5.1.11 Affected: 1.5.1.13 |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:cisco:small_business_rv_series_router_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "small_business_rv_series_router_firmware",
"vendor": "cisco",
"versions": [
{
"status": "affected",
"version": "4.0.2.08-tm"
},
{
"status": "affected",
"version": "4.2.3.08"
},
{
"status": "affected",
"version": "4.1.1.01"
},
{
"status": "affected",
"version": "4.2.3.03"
},
{
"status": "affected",
"version": "3.0.0.1-tm"
},
{
"status": "affected",
"version": "4.1.0.02-tm"
},
{
"status": "affected",
"version": "4.2.3.09"
},
{
"status": "affected",
"version": "3.0.2.01-tm"
},
{
"status": "affected",
"version": "4.2.3.10"
},
{
"status": "affected",
"version": "3.0.0.19-tm"
},
{
"status": "affected",
"version": "4.2.3.06"
},
{
"status": "affected",
"version": "4.2.2.08"
},
{
"status": "affected",
"version": "4.0.3.03-tm"
},
{
"status": "affected",
"version": "4.0.0.7"
},
{
"status": "affected",
"version": "4.2.1.02"
},
{
"status": "affected",
"version": "4.2.3.07"
},
{
"status": "affected",
"version": "4.0.4.02-tm"
},
{
"status": "affected",
"version": "1.3.12.19-tm"
},
{
"status": "affected",
"version": "1.3.12.6-tm"
},
{
"status": "affected",
"version": "1.3.13.02-tm"
},
{
"status": "affected",
"version": "1.3.1.10"
},
{
"status": "affected",
"version": "1.2.1.13"
},
{
"status": "affected",
"version": "1.1.1.19"
},
{
"status": "affected",
"version": "1.4.2.15"
},
{
"status": "affected",
"version": "1.5.1.05"
},
{
"status": "affected",
"version": "1.0.2.03"
},
{
"status": "affected",
"version": "1.1.0.09"
},
{
"status": "affected",
"version": "1.2.1.14"
},
{
"status": "affected",
"version": "1.3.2.02"
},
{
"status": "affected",
"version": "1.3.1.12"
},
{
"status": "affected",
"version": "1.0.1.17"
},
{
"status": "affected",
"version": "1.4.2.19"
},
{
"status": "affected",
"version": "1.1.1.06"
},
{
"status": "affected",
"version": "1.4.2.20"
},
{
"status": "affected",
"version": "1.4.2.22"
},
{
"status": "affected",
"version": "1.4.2.17"
},
{
"status": "affected",
"version": "4.2.3.14"
},
{
"status": "affected",
"version": "1.5.1.11"
},
{
"status": "affected",
"version": "1.5.1.13"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-20518",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-02T18:56:15.521738Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-02T19:12:22.612Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Small Business RV Series Router Firmware",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "4.0.2.08-tm"
},
{
"status": "affected",
"version": "4.2.3.08"
},
{
"status": "affected",
"version": "4.1.1.01"
},
{
"status": "affected",
"version": "4.2.3.03"
},
{
"status": "affected",
"version": "3.0.0.1-tm"
},
{
"status": "affected",
"version": "4.1.0.02-tm"
},
{
"status": "affected",
"version": "4.2.3.09"
},
{
"status": "affected",
"version": "3.0.2.01-tm"
},
{
"status": "affected",
"version": "4.2.3.10"
},
{
"status": "affected",
"version": "3.0.0.19-tm"
},
{
"status": "affected",
"version": "4.2.3.06"
},
{
"status": "affected",
"version": "4.2.2.08"
},
{
"status": "affected",
"version": "4.0.3.03-tm"
},
{
"status": "affected",
"version": "4.0.0.7"
},
{
"status": "affected",
"version": "4.2.1.02"
},
{
"status": "affected",
"version": "4.2.3.07"
},
{
"status": "affected",
"version": "4.0.4.02-tm"
},
{
"status": "affected",
"version": "1.3.12.19-tm"
},
{
"status": "affected",
"version": "1.3.12.6-tm"
},
{
"status": "affected",
"version": "1.3.13.02-tm"
},
{
"status": "affected",
"version": "1.3.1.10"
},
{
"status": "affected",
"version": "1.2.1.13"
},
{
"status": "affected",
"version": "1.1.1.19"
},
{
"status": "affected",
"version": "1.4.2.15"
},
{
"status": "affected",
"version": "1.5.1.05"
},
{
"status": "affected",
"version": "1.0.2.03"
},
{
"status": "affected",
"version": "1.1.0.09"
},
{
"status": "affected",
"version": "1.2.1.14"
},
{
"status": "affected",
"version": "1.3.2.02"
},
{
"status": "affected",
"version": "1.3.1.12"
},
{
"status": "affected",
"version": "1.0.1.17"
},
{
"status": "affected",
"version": "1.4.2.19"
},
{
"status": "affected",
"version": "1.1.1.06"
},
{
"status": "affected",
"version": "1.4.2.20"
},
{
"status": "affected",
"version": "1.4.2.22"
},
{
"status": "affected",
"version": "1.4.2.17"
},
{
"status": "affected",
"version": "4.2.3.14"
},
{
"status": "affected",
"version": "1.5.1.11"
},
{
"status": "affected",
"version": "1.5.1.13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to execute arbitrary code as the root user. To exploit this vulnerability, an attacker would need to have valid Administrator credentials on the affected device.\r\n\u0026nbsp;\r\nThis vulnerability is due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system as the root user."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "Stack-based Buffer Overflow",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-02T16:56:12.546Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-sb-rv04x_rv32x_vulns-yJ2OSDhV",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-rv04x_rv32x_vulns-yJ2OSDhV"
}
],
"source": {
"advisory": "cisco-sa-sb-rv04x_rv32x_vulns-yJ2OSDhV",
"defects": [
"CSCwm48770"
],
"discovery": "EXTERNAL"
},
"title": "Cisco Small Business RV042, RV042G, RV320, and RV325 Remote Command Execution Vulnerabilities"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2024-20518",
"datePublished": "2024-10-02T16:56:12.546Z",
"dateReserved": "2023-11-08T15:08:07.689Z",
"dateUpdated": "2024-10-02T19:12:22.612Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-20517 (GCVE-0-2024-20517)
Vulnerability from cvelistv5 – Published: 2024-10-02 16:56 – Updated: 2024-10-02 17:25
VLAI?
Summary
A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to cause an unexpected reload of an affected device, resulting in a denial of service (DoS) condition. To exploit this vulnerability, an attacker would need to have valid Administrator credentials on the affected device.
This vulnerability is due to improper validation of user input that is in incoming HTTP packets. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web-based management interface of the affected device. A successful exploit could allow the attacker to cause an unexpected reload of the device, resulting in a DoS condition.
Severity ?
6.8 (Medium)
CWE
- CWE-122 - Heap-based Buffer Overflow
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Small Business RV Series Router Firmware |
Affected:
4.0.2.08-tm
Affected: 4.2.3.08 Affected: 4.1.1.01 Affected: 4.2.3.03 Affected: 3.0.0.1-tm Affected: 4.1.0.02-tm Affected: 4.2.3.09 Affected: 3.0.2.01-tm Affected: 4.2.3.10 Affected: 3.0.0.19-tm Affected: 4.2.3.06 Affected: 4.2.2.08 Affected: 4.0.3.03-tm Affected: 4.0.0.7 Affected: 4.2.1.02 Affected: 4.2.3.07 Affected: 4.0.4.02-tm Affected: 1.3.12.19-tm Affected: 1.3.12.6-tm Affected: 1.3.13.02-tm Affected: 1.3.1.10 Affected: 1.2.1.13 Affected: 1.1.1.19 Affected: 1.4.2.15 Affected: 1.5.1.05 Affected: 1.0.2.03 Affected: 1.1.0.09 Affected: 1.2.1.14 Affected: 1.3.2.02 Affected: 1.3.1.12 Affected: 1.0.1.17 Affected: 1.4.2.19 Affected: 1.1.1.06 Affected: 1.4.2.20 Affected: 1.4.2.22 Affected: 1.4.2.17 Affected: 4.2.3.14 Affected: 1.5.1.11 Affected: 1.5.1.13 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-20517",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-02T17:17:47.778863Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-02T17:25:46.768Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Small Business RV Series Router Firmware",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "4.0.2.08-tm"
},
{
"status": "affected",
"version": "4.2.3.08"
},
{
"status": "affected",
"version": "4.1.1.01"
},
{
"status": "affected",
"version": "4.2.3.03"
},
{
"status": "affected",
"version": "3.0.0.1-tm"
},
{
"status": "affected",
"version": "4.1.0.02-tm"
},
{
"status": "affected",
"version": "4.2.3.09"
},
{
"status": "affected",
"version": "3.0.2.01-tm"
},
{
"status": "affected",
"version": "4.2.3.10"
},
{
"status": "affected",
"version": "3.0.0.19-tm"
},
{
"status": "affected",
"version": "4.2.3.06"
},
{
"status": "affected",
"version": "4.2.2.08"
},
{
"status": "affected",
"version": "4.0.3.03-tm"
},
{
"status": "affected",
"version": "4.0.0.7"
},
{
"status": "affected",
"version": "4.2.1.02"
},
{
"status": "affected",
"version": "4.2.3.07"
},
{
"status": "affected",
"version": "4.0.4.02-tm"
},
{
"status": "affected",
"version": "1.3.12.19-tm"
},
{
"status": "affected",
"version": "1.3.12.6-tm"
},
{
"status": "affected",
"version": "1.3.13.02-tm"
},
{
"status": "affected",
"version": "1.3.1.10"
},
{
"status": "affected",
"version": "1.2.1.13"
},
{
"status": "affected",
"version": "1.1.1.19"
},
{
"status": "affected",
"version": "1.4.2.15"
},
{
"status": "affected",
"version": "1.5.1.05"
},
{
"status": "affected",
"version": "1.0.2.03"
},
{
"status": "affected",
"version": "1.1.0.09"
},
{
"status": "affected",
"version": "1.2.1.14"
},
{
"status": "affected",
"version": "1.3.2.02"
},
{
"status": "affected",
"version": "1.3.1.12"
},
{
"status": "affected",
"version": "1.0.1.17"
},
{
"status": "affected",
"version": "1.4.2.19"
},
{
"status": "affected",
"version": "1.1.1.06"
},
{
"status": "affected",
"version": "1.4.2.20"
},
{
"status": "affected",
"version": "1.4.2.22"
},
{
"status": "affected",
"version": "1.4.2.17"
},
{
"status": "affected",
"version": "4.2.3.14"
},
{
"status": "affected",
"version": "1.5.1.11"
},
{
"status": "affected",
"version": "1.5.1.13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to cause an unexpected reload of an affected device, resulting in a denial of service (DoS) condition. To exploit this vulnerability, an attacker would need to have valid Administrator credentials on the affected device.\r\n\u0026nbsp;\r\nThis vulnerability is due to improper validation of user input that is in incoming HTTP packets. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web-based management interface of the affected device. A successful exploit could allow the attacker to cause an unexpected reload of the device, resulting in a DoS condition."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "Heap-based Buffer Overflow",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-02T16:56:02.025Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-sb-rv04x_rv32x_vulns-yJ2OSDhV",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-rv04x_rv32x_vulns-yJ2OSDhV"
}
],
"source": {
"advisory": "cisco-sa-sb-rv04x_rv32x_vulns-yJ2OSDhV",
"defects": [
"CSCwm48770"
],
"discovery": "EXTERNAL"
},
"title": "Cisco Small Business RV042, RV042G, RV320, and RV325 Denial of Service Vulnerabilities"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2024-20517",
"datePublished": "2024-10-02T16:56:02.025Z",
"dateReserved": "2023-11-08T15:08:07.689Z",
"dateUpdated": "2024-10-02T17:25:46.768Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-20516 (GCVE-0-2024-20516)
Vulnerability from cvelistv5 – Published: 2024-10-02 16:55 – Updated: 2024-10-02 17:25
VLAI?
Summary
A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to cause an unexpected reload of an affected device, resulting in a denial of service (DoS) condition. To exploit this vulnerability, an attacker would need to have valid Administrator credentials on the affected device.
This vulnerability is due to improper validation of user input that is in incoming HTTP packets. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web-based management interface of the affected device. A successful exploit could allow the attacker to cause an unexpected reload of the device, resulting in a DoS condition.
Severity ?
6.8 (Medium)
CWE
- CWE-122 - Heap-based Buffer Overflow
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Small Business RV Series Router Firmware |
Affected:
4.0.2.08-tm
Affected: 4.2.3.08 Affected: 4.1.1.01 Affected: 4.2.3.03 Affected: 3.0.0.1-tm Affected: 4.1.0.02-tm Affected: 4.2.3.09 Affected: 3.0.2.01-tm Affected: 4.2.3.10 Affected: 3.0.0.19-tm Affected: 4.2.3.06 Affected: 4.2.2.08 Affected: 4.0.3.03-tm Affected: 4.0.0.7 Affected: 4.2.1.02 Affected: 4.2.3.07 Affected: 4.0.4.02-tm Affected: 1.3.12.19-tm Affected: 1.3.12.6-tm Affected: 1.3.13.02-tm Affected: 1.3.1.10 Affected: 1.2.1.13 Affected: 1.1.1.19 Affected: 1.4.2.15 Affected: 1.5.1.05 Affected: 1.0.2.03 Affected: 1.1.0.09 Affected: 1.2.1.14 Affected: 1.3.2.02 Affected: 1.3.1.12 Affected: 1.0.1.17 Affected: 1.4.2.19 Affected: 1.1.1.06 Affected: 1.4.2.20 Affected: 1.4.2.22 Affected: 1.4.2.17 Affected: 4.2.3.14 Affected: 1.5.1.11 Affected: 1.5.1.13 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-20516",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-02T17:17:49.883022Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-02T17:25:54.379Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Small Business RV Series Router Firmware",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "4.0.2.08-tm"
},
{
"status": "affected",
"version": "4.2.3.08"
},
{
"status": "affected",
"version": "4.1.1.01"
},
{
"status": "affected",
"version": "4.2.3.03"
},
{
"status": "affected",
"version": "3.0.0.1-tm"
},
{
"status": "affected",
"version": "4.1.0.02-tm"
},
{
"status": "affected",
"version": "4.2.3.09"
},
{
"status": "affected",
"version": "3.0.2.01-tm"
},
{
"status": "affected",
"version": "4.2.3.10"
},
{
"status": "affected",
"version": "3.0.0.19-tm"
},
{
"status": "affected",
"version": "4.2.3.06"
},
{
"status": "affected",
"version": "4.2.2.08"
},
{
"status": "affected",
"version": "4.0.3.03-tm"
},
{
"status": "affected",
"version": "4.0.0.7"
},
{
"status": "affected",
"version": "4.2.1.02"
},
{
"status": "affected",
"version": "4.2.3.07"
},
{
"status": "affected",
"version": "4.0.4.02-tm"
},
{
"status": "affected",
"version": "1.3.12.19-tm"
},
{
"status": "affected",
"version": "1.3.12.6-tm"
},
{
"status": "affected",
"version": "1.3.13.02-tm"
},
{
"status": "affected",
"version": "1.3.1.10"
},
{
"status": "affected",
"version": "1.2.1.13"
},
{
"status": "affected",
"version": "1.1.1.19"
},
{
"status": "affected",
"version": "1.4.2.15"
},
{
"status": "affected",
"version": "1.5.1.05"
},
{
"status": "affected",
"version": "1.0.2.03"
},
{
"status": "affected",
"version": "1.1.0.09"
},
{
"status": "affected",
"version": "1.2.1.14"
},
{
"status": "affected",
"version": "1.3.2.02"
},
{
"status": "affected",
"version": "1.3.1.12"
},
{
"status": "affected",
"version": "1.0.1.17"
},
{
"status": "affected",
"version": "1.4.2.19"
},
{
"status": "affected",
"version": "1.1.1.06"
},
{
"status": "affected",
"version": "1.4.2.20"
},
{
"status": "affected",
"version": "1.4.2.22"
},
{
"status": "affected",
"version": "1.4.2.17"
},
{
"status": "affected",
"version": "4.2.3.14"
},
{
"status": "affected",
"version": "1.5.1.11"
},
{
"status": "affected",
"version": "1.5.1.13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to cause an unexpected reload of an affected device, resulting in a denial of service (DoS) condition. To exploit this vulnerability, an attacker would need to have valid Administrator credentials on the affected device.\r\n\u0026nbsp;\r\nThis vulnerability is due to improper validation of user input that is in incoming HTTP packets. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web-based management interface of the affected device. A successful exploit could allow the attacker to cause an unexpected reload of the device, resulting in a DoS condition."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "Heap-based Buffer Overflow",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-02T16:55:52.185Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-sb-rv04x_rv32x_vulns-yJ2OSDhV",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-rv04x_rv32x_vulns-yJ2OSDhV"
}
],
"source": {
"advisory": "cisco-sa-sb-rv04x_rv32x_vulns-yJ2OSDhV",
"defects": [
"CSCwm48770"
],
"discovery": "EXTERNAL"
},
"title": "Cisco Small Business RV042, RV042G, RV320, and RV325 Denial of Service Vulnerabilities"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2024-20516",
"datePublished": "2024-10-02T16:55:52.185Z",
"dateReserved": "2023-11-08T15:08:07.689Z",
"dateUpdated": "2024-10-02T17:25:54.379Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-20362 (GCVE-0-2024-20362)
Vulnerability from cvelistv5 – Published: 2024-04-03 16:25 – Updated: 2024-11-07 19:16
VLAI?
Summary
A vulnerability in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface.
This vulnerability is due to insufficient input validation by the web-based management interface. An attacker could exploit this vulnerability by persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.
Severity ?
6.1 (Medium)
CWE
- CWE-80 - Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Small Business RV Series Router Firmware |
Affected:
1.1.0.09
Affected: 1.1.1.19 Affected: 1.1.1.06 Affected: 1.2.1.14 Affected: 2.0.0.19-tm Affected: 1.3.1.12 Affected: 1.3.1.10 Affected: 1.3.12.6-tm Affected: 1.3.13.02-tm Affected: 4.0.0.7 Affected: 4.0.2.08-tm Affected: 4.0.3.03-tm Affected: 4.0.4.02-tm Affected: 4.2.2.08 Affected: 4.2.3.03 Affected: 4.2.3.06 Affected: 4.2.3.07 Affected: 4.2.3.09 Affected: 4.2.3.10 Affected: 4.2.3.14 Affected: 1.4.2.15 Affected: 1.4.2.17 Affected: 1.4.2.19 Affected: 1.4.2.22 Affected: 3.0.0.1-tm Affected: 4.1.1.01 Affected: 1.5.1.05 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-20362",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-03T20:02:16.853338Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-07T19:16:09.493Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T21:59:42.287Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "cisco-sa-sbiz-rv-xss-OQeRTup",
"tags": [
"x_transferred"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sbiz-rv-xss-OQeRTup"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Cisco Small Business RV Series Router Firmware",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "1.1.0.09"
},
{
"status": "affected",
"version": "1.1.1.19"
},
{
"status": "affected",
"version": "1.1.1.06"
},
{
"status": "affected",
"version": "1.2.1.14"
},
{
"status": "affected",
"version": "2.0.0.19-tm"
},
{
"status": "affected",
"version": "1.3.1.12"
},
{
"status": "affected",
"version": "1.3.1.10"
},
{
"status": "affected",
"version": "1.3.12.6-tm"
},
{
"status": "affected",
"version": "1.3.13.02-tm"
},
{
"status": "affected",
"version": "4.0.0.7"
},
{
"status": "affected",
"version": "4.0.2.08-tm"
},
{
"status": "affected",
"version": "4.0.3.03-tm"
},
{
"status": "affected",
"version": "4.0.4.02-tm"
},
{
"status": "affected",
"version": "4.2.2.08"
},
{
"status": "affected",
"version": "4.2.3.03"
},
{
"status": "affected",
"version": "4.2.3.06"
},
{
"status": "affected",
"version": "4.2.3.07"
},
{
"status": "affected",
"version": "4.2.3.09"
},
{
"status": "affected",
"version": "4.2.3.10"
},
{
"status": "affected",
"version": "4.2.3.14"
},
{
"status": "affected",
"version": "1.4.2.15"
},
{
"status": "affected",
"version": "1.4.2.17"
},
{
"status": "affected",
"version": "1.4.2.19"
},
{
"status": "affected",
"version": "1.4.2.22"
},
{
"status": "affected",
"version": "3.0.0.1-tm"
},
{
"status": "affected",
"version": "4.1.1.01"
},
{
"status": "affected",
"version": "1.5.1.05"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface.\r\n\r This vulnerability is due to insufficient input validation by the web-based management interface. An attacker could exploit this vulnerability by persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-80",
"description": "Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-03T16:25:56.368Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-sbiz-rv-xss-OQeRTup",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sbiz-rv-xss-OQeRTup"
}
],
"source": {
"advisory": "cisco-sa-sbiz-rv-xss-OQeRTup",
"defects": [
"CSCwj24997"
],
"discovery": "EXTERNAL"
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2024-20362",
"datePublished": "2024-04-03T16:25:56.368Z",
"dateReserved": "2023-11-08T15:08:07.651Z",
"dateUpdated": "2024-11-07T19:16:09.493Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-20524 (GCVE-0-2024-20524)
Vulnerability from nvd – Published: 2024-10-02 16:57 – Updated: 2024-10-02 17:25
VLAI?
Summary
A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to cause an unexpected reload of an affected device, resulting in a denial of service (DoS) condition. To exploit this vulnerability, an attacker would need to have valid Administrator credentials on the affected device.
This vulnerability is due to improper validation of user input that is in incoming HTTP packets. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web-based management interface of the affected device. A successful exploit could allow the attacker to cause an unexpected reload of the device, resulting in a DoS condition.
Severity ?
6.8 (Medium)
CWE
- CWE-121 - Stack-based Buffer Overflow
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Small Business RV Series Router Firmware |
Affected:
4.0.2.08-tm
Affected: 4.2.3.08 Affected: 4.1.1.01 Affected: 4.2.3.03 Affected: 3.0.0.1-tm Affected: 4.1.0.02-tm Affected: 4.2.3.09 Affected: 3.0.2.01-tm Affected: 4.2.3.10 Affected: 3.0.0.19-tm Affected: 4.2.3.06 Affected: 4.2.2.08 Affected: 4.0.3.03-tm Affected: 4.0.0.7 Affected: 4.2.1.02 Affected: 4.2.3.07 Affected: 4.0.4.02-tm Affected: 1.3.12.19-tm Affected: 1.3.12.6-tm Affected: 1.3.13.02-tm Affected: 1.3.1.10 Affected: 1.2.1.13 Affected: 1.1.1.19 Affected: 1.4.2.15 Affected: 1.5.1.05 Affected: 1.0.2.03 Affected: 1.1.0.09 Affected: 1.2.1.14 Affected: 1.3.2.02 Affected: 1.3.1.12 Affected: 1.0.1.17 Affected: 1.4.2.19 Affected: 1.1.1.06 Affected: 1.4.2.20 Affected: 1.4.2.22 Affected: 1.4.2.17 Affected: 4.2.3.14 Affected: 1.5.1.11 Affected: 1.5.1.13 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-20524",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-02T17:17:43.563003Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-02T17:25:33.476Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Small Business RV Series Router Firmware",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "4.0.2.08-tm"
},
{
"status": "affected",
"version": "4.2.3.08"
},
{
"status": "affected",
"version": "4.1.1.01"
},
{
"status": "affected",
"version": "4.2.3.03"
},
{
"status": "affected",
"version": "3.0.0.1-tm"
},
{
"status": "affected",
"version": "4.1.0.02-tm"
},
{
"status": "affected",
"version": "4.2.3.09"
},
{
"status": "affected",
"version": "3.0.2.01-tm"
},
{
"status": "affected",
"version": "4.2.3.10"
},
{
"status": "affected",
"version": "3.0.0.19-tm"
},
{
"status": "affected",
"version": "4.2.3.06"
},
{
"status": "affected",
"version": "4.2.2.08"
},
{
"status": "affected",
"version": "4.0.3.03-tm"
},
{
"status": "affected",
"version": "4.0.0.7"
},
{
"status": "affected",
"version": "4.2.1.02"
},
{
"status": "affected",
"version": "4.2.3.07"
},
{
"status": "affected",
"version": "4.0.4.02-tm"
},
{
"status": "affected",
"version": "1.3.12.19-tm"
},
{
"status": "affected",
"version": "1.3.12.6-tm"
},
{
"status": "affected",
"version": "1.3.13.02-tm"
},
{
"status": "affected",
"version": "1.3.1.10"
},
{
"status": "affected",
"version": "1.2.1.13"
},
{
"status": "affected",
"version": "1.1.1.19"
},
{
"status": "affected",
"version": "1.4.2.15"
},
{
"status": "affected",
"version": "1.5.1.05"
},
{
"status": "affected",
"version": "1.0.2.03"
},
{
"status": "affected",
"version": "1.1.0.09"
},
{
"status": "affected",
"version": "1.2.1.14"
},
{
"status": "affected",
"version": "1.3.2.02"
},
{
"status": "affected",
"version": "1.3.1.12"
},
{
"status": "affected",
"version": "1.0.1.17"
},
{
"status": "affected",
"version": "1.4.2.19"
},
{
"status": "affected",
"version": "1.1.1.06"
},
{
"status": "affected",
"version": "1.4.2.20"
},
{
"status": "affected",
"version": "1.4.2.22"
},
{
"status": "affected",
"version": "1.4.2.17"
},
{
"status": "affected",
"version": "4.2.3.14"
},
{
"status": "affected",
"version": "1.5.1.11"
},
{
"status": "affected",
"version": "1.5.1.13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to cause an unexpected reload of an affected device, resulting in a denial of service (DoS) condition. To exploit this vulnerability, an attacker would need to have valid Administrator credentials on the affected device.\r\n\u0026nbsp;\r\nThis vulnerability is due to improper validation of user input that is in incoming HTTP packets. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web-based management interface of the affected device. A successful exploit could allow the attacker to cause an unexpected reload of the device, resulting in a DoS condition."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "Stack-based Buffer Overflow",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-02T16:57:45.406Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-sb-rv04x_rv32x_vulns-yJ2OSDhV",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-rv04x_rv32x_vulns-yJ2OSDhV"
}
],
"source": {
"advisory": "cisco-sa-sb-rv04x_rv32x_vulns-yJ2OSDhV",
"defects": [
"CSCwm48770"
],
"discovery": "EXTERNAL"
},
"title": "Cisco Small Business RV042, RV042G, RV320, and RV325 Denial of Service Vulnerabilities"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2024-20524",
"datePublished": "2024-10-02T16:57:45.406Z",
"dateReserved": "2023-11-08T15:08:07.690Z",
"dateUpdated": "2024-10-02T17:25:33.476Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-20523 (GCVE-0-2024-20523)
Vulnerability from nvd – Published: 2024-10-02 16:57 – Updated: 2024-10-02 17:25
VLAI?
Summary
A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to cause an unexpected reload of an affected device, resulting in a denial of service (DoS) condition. To exploit this vulnerability, an attacker would need to have valid Administrator credentials on the affected device.
This vulnerability is due to improper validation of user input that is in incoming HTTP packets. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web-based management interface of the affected device. A successful exploit could allow the attacker to cause an unexpected reload of the device, resulting in a DoS condition.
Severity ?
6.8 (Medium)
CWE
- CWE-121 - Stack-based Buffer Overflow
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Small Business RV Series Router Firmware |
Affected:
4.0.2.08-tm
Affected: 4.2.3.08 Affected: 4.1.1.01 Affected: 4.2.3.03 Affected: 3.0.0.1-tm Affected: 4.1.0.02-tm Affected: 4.2.3.09 Affected: 3.0.2.01-tm Affected: 4.2.3.10 Affected: 3.0.0.19-tm Affected: 4.2.3.06 Affected: 4.2.2.08 Affected: 4.0.3.03-tm Affected: 4.0.0.7 Affected: 4.2.1.02 Affected: 4.2.3.07 Affected: 4.0.4.02-tm Affected: 1.3.12.19-tm Affected: 1.3.12.6-tm Affected: 1.3.13.02-tm Affected: 1.3.1.10 Affected: 1.2.1.13 Affected: 1.1.1.19 Affected: 1.4.2.15 Affected: 1.5.1.05 Affected: 1.0.2.03 Affected: 1.1.0.09 Affected: 1.2.1.14 Affected: 1.3.2.02 Affected: 1.3.1.12 Affected: 1.0.1.17 Affected: 1.4.2.19 Affected: 1.1.1.06 Affected: 1.4.2.20 Affected: 1.4.2.22 Affected: 1.4.2.17 Affected: 4.2.3.14 Affected: 1.5.1.11 Affected: 1.5.1.13 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-20523",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-02T17:17:45.741625Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-02T17:25:39.673Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Small Business RV Series Router Firmware",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "4.0.2.08-tm"
},
{
"status": "affected",
"version": "4.2.3.08"
},
{
"status": "affected",
"version": "4.1.1.01"
},
{
"status": "affected",
"version": "4.2.3.03"
},
{
"status": "affected",
"version": "3.0.0.1-tm"
},
{
"status": "affected",
"version": "4.1.0.02-tm"
},
{
"status": "affected",
"version": "4.2.3.09"
},
{
"status": "affected",
"version": "3.0.2.01-tm"
},
{
"status": "affected",
"version": "4.2.3.10"
},
{
"status": "affected",
"version": "3.0.0.19-tm"
},
{
"status": "affected",
"version": "4.2.3.06"
},
{
"status": "affected",
"version": "4.2.2.08"
},
{
"status": "affected",
"version": "4.0.3.03-tm"
},
{
"status": "affected",
"version": "4.0.0.7"
},
{
"status": "affected",
"version": "4.2.1.02"
},
{
"status": "affected",
"version": "4.2.3.07"
},
{
"status": "affected",
"version": "4.0.4.02-tm"
},
{
"status": "affected",
"version": "1.3.12.19-tm"
},
{
"status": "affected",
"version": "1.3.12.6-tm"
},
{
"status": "affected",
"version": "1.3.13.02-tm"
},
{
"status": "affected",
"version": "1.3.1.10"
},
{
"status": "affected",
"version": "1.2.1.13"
},
{
"status": "affected",
"version": "1.1.1.19"
},
{
"status": "affected",
"version": "1.4.2.15"
},
{
"status": "affected",
"version": "1.5.1.05"
},
{
"status": "affected",
"version": "1.0.2.03"
},
{
"status": "affected",
"version": "1.1.0.09"
},
{
"status": "affected",
"version": "1.2.1.14"
},
{
"status": "affected",
"version": "1.3.2.02"
},
{
"status": "affected",
"version": "1.3.1.12"
},
{
"status": "affected",
"version": "1.0.1.17"
},
{
"status": "affected",
"version": "1.4.2.19"
},
{
"status": "affected",
"version": "1.1.1.06"
},
{
"status": "affected",
"version": "1.4.2.20"
},
{
"status": "affected",
"version": "1.4.2.22"
},
{
"status": "affected",
"version": "1.4.2.17"
},
{
"status": "affected",
"version": "4.2.3.14"
},
{
"status": "affected",
"version": "1.5.1.11"
},
{
"status": "affected",
"version": "1.5.1.13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to cause an unexpected reload of an affected device, resulting in a denial of service (DoS) condition. To exploit this vulnerability, an attacker would need to have valid Administrator credentials on the affected device.\r\n\u0026nbsp;\r\nThis vulnerability is due to improper validation of user input that is in incoming HTTP packets. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web-based management interface of the affected device. A successful exploit could allow the attacker to cause an unexpected reload of the device, resulting in a DoS condition."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "Stack-based Buffer Overflow",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-02T16:57:35.516Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-sb-rv04x_rv32x_vulns-yJ2OSDhV",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-rv04x_rv32x_vulns-yJ2OSDhV"
}
],
"source": {
"advisory": "cisco-sa-sb-rv04x_rv32x_vulns-yJ2OSDhV",
"defects": [
"CSCwm48770"
],
"discovery": "EXTERNAL"
},
"title": "Cisco Small Business RV042, RV042G, RV320, and RV325 Denial of Service Vulnerabilities"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2024-20523",
"datePublished": "2024-10-02T16:57:35.516Z",
"dateReserved": "2023-11-08T15:08:07.690Z",
"dateUpdated": "2024-10-02T17:25:39.673Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-20522 (GCVE-0-2024-20522)
Vulnerability from nvd – Published: 2024-10-02 16:57 – Updated: 2024-10-02 18:52
VLAI?
Summary
A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to cause an unexpected reload of an affected device, resulting in a denial of service (DoS) condition. To exploit this vulnerability, an attacker would need to have valid Administrator credentials on the affected device.
This vulnerability is due to improper validation of user input that is in incoming HTTP packets. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web-based management interface of the affected device. A successful exploit could allow the attacker to cause an unexpected reload of the device, resulting in a DoS condition.
Severity ?
6.5 (Medium)
CWE
- CWE-122 - Heap-based Buffer Overflow
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Small Business RV Series Router Firmware |
Affected:
4.0.2.08-tm
Affected: 4.2.3.08 Affected: 4.1.1.01 Affected: 4.2.3.03 Affected: 3.0.0.1-tm Affected: 4.1.0.02-tm Affected: 4.2.3.09 Affected: 3.0.2.01-tm Affected: 4.2.3.10 Affected: 3.0.0.19-tm Affected: 4.2.3.06 Affected: 4.2.2.08 Affected: 4.0.3.03-tm Affected: 4.0.0.7 Affected: 4.2.1.02 Affected: 4.2.3.07 Affected: 4.0.4.02-tm Affected: 1.3.12.19-tm Affected: 1.3.12.6-tm Affected: 1.3.13.02-tm Affected: 1.3.1.10 Affected: 1.2.1.13 Affected: 1.1.1.19 Affected: 1.4.2.15 Affected: 1.5.1.05 Affected: 1.0.2.03 Affected: 1.1.0.09 Affected: 1.2.1.14 Affected: 1.3.2.02 Affected: 1.3.1.12 Affected: 1.0.1.17 Affected: 1.4.2.19 Affected: 1.1.1.06 Affected: 1.4.2.20 Affected: 1.4.2.22 Affected: 1.4.2.17 Affected: 4.2.3.14 Affected: 1.5.1.11 Affected: 1.5.1.13 |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:cisco:small_business_rv_series_router_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "small_business_rv_series_router_firmware",
"vendor": "cisco",
"versions": [
{
"status": "affected",
"version": "4.0.2.08-tm"
},
{
"status": "affected",
"version": "4.2.3.08"
},
{
"status": "affected",
"version": "4.1.1.01"
},
{
"status": "affected",
"version": "4.2.3.03"
},
{
"status": "affected",
"version": "3.0.0.1-tm"
},
{
"status": "affected",
"version": "4.1.0.02-tm"
},
{
"status": "affected",
"version": "4.2.3.09"
},
{
"status": "affected",
"version": "3.0.2.01-tm"
},
{
"status": "affected",
"version": "4.2.3.10"
},
{
"status": "affected",
"version": "3.0.0.19-tm"
},
{
"status": "affected",
"version": "4.2.3.06"
},
{
"status": "affected",
"version": "4.2.2.08"
},
{
"status": "affected",
"version": "4.0.3.03-tm"
},
{
"status": "affected",
"version": "4.0.0.7"
},
{
"status": "affected",
"version": "4.2.1.02"
},
{
"status": "affected",
"version": "4.2.3.07"
},
{
"status": "affected",
"version": "4.0.4.02-tm"
},
{
"status": "affected",
"version": "1.3.12.19-tm"
},
{
"status": "affected",
"version": "1.3.12.6-tm"
},
{
"status": "affected",
"version": "1.3.13.02-tm"
},
{
"status": "affected",
"version": "1.3.1.10"
},
{
"status": "affected",
"version": "1.2.1.13"
},
{
"status": "affected",
"version": "1.1.1.19"
},
{
"status": "affected",
"version": "1.4.2.15"
},
{
"status": "affected",
"version": "1.5.1.05"
},
{
"status": "affected",
"version": "1.0.2.03"
},
{
"status": "affected",
"version": "1.1.0.09"
},
{
"status": "affected",
"version": "1.2.1.14"
},
{
"status": "affected",
"version": "1.3.2.02"
},
{
"status": "affected",
"version": "1.3.1.12"
},
{
"status": "affected",
"version": "1.0.1.17"
},
{
"status": "affected",
"version": "1.4.2.19"
},
{
"status": "affected",
"version": "1.1.1.06"
},
{
"status": "affected",
"version": "1.4.2.20"
},
{
"status": "affected",
"version": "1.4.2.22"
},
{
"status": "affected",
"version": "1.4.2.17"
},
{
"status": "affected",
"version": "4.2.3.14"
},
{
"status": "affected",
"version": "1.5.1.11"
},
{
"status": "affected",
"version": "1.5.1.13"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-20522",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-02T18:28:32.467559Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-02T18:52:46.250Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Small Business RV Series Router Firmware",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "4.0.2.08-tm"
},
{
"status": "affected",
"version": "4.2.3.08"
},
{
"status": "affected",
"version": "4.1.1.01"
},
{
"status": "affected",
"version": "4.2.3.03"
},
{
"status": "affected",
"version": "3.0.0.1-tm"
},
{
"status": "affected",
"version": "4.1.0.02-tm"
},
{
"status": "affected",
"version": "4.2.3.09"
},
{
"status": "affected",
"version": "3.0.2.01-tm"
},
{
"status": "affected",
"version": "4.2.3.10"
},
{
"status": "affected",
"version": "3.0.0.19-tm"
},
{
"status": "affected",
"version": "4.2.3.06"
},
{
"status": "affected",
"version": "4.2.2.08"
},
{
"status": "affected",
"version": "4.0.3.03-tm"
},
{
"status": "affected",
"version": "4.0.0.7"
},
{
"status": "affected",
"version": "4.2.1.02"
},
{
"status": "affected",
"version": "4.2.3.07"
},
{
"status": "affected",
"version": "4.0.4.02-tm"
},
{
"status": "affected",
"version": "1.3.12.19-tm"
},
{
"status": "affected",
"version": "1.3.12.6-tm"
},
{
"status": "affected",
"version": "1.3.13.02-tm"
},
{
"status": "affected",
"version": "1.3.1.10"
},
{
"status": "affected",
"version": "1.2.1.13"
},
{
"status": "affected",
"version": "1.1.1.19"
},
{
"status": "affected",
"version": "1.4.2.15"
},
{
"status": "affected",
"version": "1.5.1.05"
},
{
"status": "affected",
"version": "1.0.2.03"
},
{
"status": "affected",
"version": "1.1.0.09"
},
{
"status": "affected",
"version": "1.2.1.14"
},
{
"status": "affected",
"version": "1.3.2.02"
},
{
"status": "affected",
"version": "1.3.1.12"
},
{
"status": "affected",
"version": "1.0.1.17"
},
{
"status": "affected",
"version": "1.4.2.19"
},
{
"status": "affected",
"version": "1.1.1.06"
},
{
"status": "affected",
"version": "1.4.2.20"
},
{
"status": "affected",
"version": "1.4.2.22"
},
{
"status": "affected",
"version": "1.4.2.17"
},
{
"status": "affected",
"version": "4.2.3.14"
},
{
"status": "affected",
"version": "1.5.1.11"
},
{
"status": "affected",
"version": "1.5.1.13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to cause an unexpected reload of an affected device, resulting in a denial of service (DoS) condition. To exploit this vulnerability, an attacker would need to have valid Administrator credentials on the affected device.\r\n\u0026nbsp;\r\nThis vulnerability is due to improper validation of user input that is in incoming HTTP packets. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web-based management interface of the affected device. A successful exploit could allow the attacker to cause an unexpected reload of the device, resulting in a DoS condition."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "Heap-based Buffer Overflow",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-02T16:57:27.083Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-sb-rv04x_rv32x_vulns-yJ2OSDhV",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-rv04x_rv32x_vulns-yJ2OSDhV"
}
],
"source": {
"advisory": "cisco-sa-sb-rv04x_rv32x_vulns-yJ2OSDhV",
"defects": [
"CSCwm48770"
],
"discovery": "EXTERNAL"
},
"title": "Cisco Small Business RV042, RV042G, RV320, and RV325 Denial of Service Vulnerabilities"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2024-20522",
"datePublished": "2024-10-02T16:57:27.083Z",
"dateReserved": "2023-11-08T15:08:07.690Z",
"dateUpdated": "2024-10-02T18:52:46.250Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-20521 (GCVE-0-2024-20521)
Vulnerability from nvd – Published: 2024-10-02 16:56 – Updated: 2024-10-17 19:51
VLAI?
Summary
A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to execute arbitrary code as the root user. To exploit this vulnerability, an attacker would need to have valid Administrator credentials on the affected device.
This vulnerability is due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system as the root user.
Severity ?
6.5 (Medium)
CWE
- CWE-121 - Stack-based Buffer Overflow
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Small Business RV Series Router Firmware |
Affected:
4.0.2.08-tm
Affected: 4.2.3.08 Affected: 4.1.1.01 Affected: 4.2.3.03 Affected: 3.0.0.1-tm Affected: 4.1.0.02-tm Affected: 4.2.3.09 Affected: 3.0.2.01-tm Affected: 4.2.3.10 Affected: 3.0.0.19-tm Affected: 4.2.3.06 Affected: 4.2.2.08 Affected: 4.0.3.03-tm Affected: 4.0.0.7 Affected: 4.2.1.02 Affected: 4.2.3.07 Affected: 4.0.4.02-tm Affected: 1.3.12.19-tm Affected: 1.3.12.6-tm Affected: 1.3.13.02-tm Affected: 1.3.1.10 Affected: 1.2.1.13 Affected: 1.1.1.19 Affected: 1.4.2.15 Affected: 1.5.1.05 Affected: 1.0.2.03 Affected: 1.1.0.09 Affected: 1.2.1.14 Affected: 1.3.2.02 Affected: 1.3.1.12 Affected: 1.0.1.17 Affected: 1.4.2.19 Affected: 1.1.1.06 Affected: 1.4.2.20 Affected: 1.4.2.22 Affected: 1.4.2.17 Affected: 4.2.3.14 Affected: 1.5.1.11 Affected: 1.5.1.13 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-20521",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-02T18:25:56.653631Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-17T19:51:56.350Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Small Business RV Series Router Firmware",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "4.0.2.08-tm"
},
{
"status": "affected",
"version": "4.2.3.08"
},
{
"status": "affected",
"version": "4.1.1.01"
},
{
"status": "affected",
"version": "4.2.3.03"
},
{
"status": "affected",
"version": "3.0.0.1-tm"
},
{
"status": "affected",
"version": "4.1.0.02-tm"
},
{
"status": "affected",
"version": "4.2.3.09"
},
{
"status": "affected",
"version": "3.0.2.01-tm"
},
{
"status": "affected",
"version": "4.2.3.10"
},
{
"status": "affected",
"version": "3.0.0.19-tm"
},
{
"status": "affected",
"version": "4.2.3.06"
},
{
"status": "affected",
"version": "4.2.2.08"
},
{
"status": "affected",
"version": "4.0.3.03-tm"
},
{
"status": "affected",
"version": "4.0.0.7"
},
{
"status": "affected",
"version": "4.2.1.02"
},
{
"status": "affected",
"version": "4.2.3.07"
},
{
"status": "affected",
"version": "4.0.4.02-tm"
},
{
"status": "affected",
"version": "1.3.12.19-tm"
},
{
"status": "affected",
"version": "1.3.12.6-tm"
},
{
"status": "affected",
"version": "1.3.13.02-tm"
},
{
"status": "affected",
"version": "1.3.1.10"
},
{
"status": "affected",
"version": "1.2.1.13"
},
{
"status": "affected",
"version": "1.1.1.19"
},
{
"status": "affected",
"version": "1.4.2.15"
},
{
"status": "affected",
"version": "1.5.1.05"
},
{
"status": "affected",
"version": "1.0.2.03"
},
{
"status": "affected",
"version": "1.1.0.09"
},
{
"status": "affected",
"version": "1.2.1.14"
},
{
"status": "affected",
"version": "1.3.2.02"
},
{
"status": "affected",
"version": "1.3.1.12"
},
{
"status": "affected",
"version": "1.0.1.17"
},
{
"status": "affected",
"version": "1.4.2.19"
},
{
"status": "affected",
"version": "1.1.1.06"
},
{
"status": "affected",
"version": "1.4.2.20"
},
{
"status": "affected",
"version": "1.4.2.22"
},
{
"status": "affected",
"version": "1.4.2.17"
},
{
"status": "affected",
"version": "4.2.3.14"
},
{
"status": "affected",
"version": "1.5.1.11"
},
{
"status": "affected",
"version": "1.5.1.13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to execute arbitrary code as the root user. To exploit this vulnerability, an attacker would need to have valid Administrator credentials on the affected device.\r\n\u0026nbsp;\r\nThis vulnerability is due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system as the root user."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "Stack-based Buffer Overflow",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-02T16:56:42.263Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-sb-rv04x_rv32x_vulns-yJ2OSDhV",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-rv04x_rv32x_vulns-yJ2OSDhV"
}
],
"source": {
"advisory": "cisco-sa-sb-rv04x_rv32x_vulns-yJ2OSDhV",
"defects": [
"CSCwm48770"
],
"discovery": "EXTERNAL"
},
"title": "Cisco Small Business RV042, RV042G, RV320, and RV325 Remote Command Execution Vulnerabilities"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2024-20521",
"datePublished": "2024-10-02T16:56:42.263Z",
"dateReserved": "2023-11-08T15:08:07.690Z",
"dateUpdated": "2024-10-17T19:51:56.350Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-20520 (GCVE-0-2024-20520)
Vulnerability from nvd – Published: 2024-10-02 16:56 – Updated: 2024-10-02 19:09
VLAI?
Summary
A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to execute arbitrary code as the root user. To exploit this vulnerability, an attacker would need to have valid Administrator credentials on the affected device.
This vulnerability is due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system as the root user.
Severity ?
6.5 (Medium)
CWE
- CWE-121 - Stack-based Buffer Overflow
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Small Business RV Series Router Firmware |
Affected:
4.0.2.08-tm
Affected: 4.2.3.08 Affected: 4.1.1.01 Affected: 4.2.3.03 Affected: 3.0.0.1-tm Affected: 4.1.0.02-tm Affected: 4.2.3.09 Affected: 3.0.2.01-tm Affected: 4.2.3.10 Affected: 3.0.0.19-tm Affected: 4.2.3.06 Affected: 4.2.2.08 Affected: 4.0.3.03-tm Affected: 4.0.0.7 Affected: 4.2.1.02 Affected: 4.2.3.07 Affected: 4.0.4.02-tm Affected: 1.3.12.19-tm Affected: 1.3.12.6-tm Affected: 1.3.13.02-tm Affected: 1.3.1.10 Affected: 1.2.1.13 Affected: 1.1.1.19 Affected: 1.4.2.15 Affected: 1.5.1.05 Affected: 1.0.2.03 Affected: 1.1.0.09 Affected: 1.2.1.14 Affected: 1.3.2.02 Affected: 1.3.1.12 Affected: 1.0.1.17 Affected: 1.4.2.19 Affected: 1.1.1.06 Affected: 1.4.2.20 Affected: 1.4.2.22 Affected: 1.4.2.17 Affected: 4.2.3.14 Affected: 1.5.1.11 Affected: 1.5.1.13 |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:cisco:small_business_rv_series_router_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "small_business_rv_series_router_firmware",
"vendor": "cisco",
"versions": [
{
"status": "affected",
"version": "4.0.2.08-tm"
},
{
"status": "affected",
"version": "4.2.3.08"
},
{
"status": "affected",
"version": "4.1.1.01"
},
{
"status": "affected",
"version": "4.2.3.03"
},
{
"status": "affected",
"version": "3.0.0.1-tm"
},
{
"status": "affected",
"version": "4.1.0.02-tm"
},
{
"status": "affected",
"version": "4.2.3.09"
},
{
"status": "affected",
"version": "3.0.2.01-tm"
},
{
"status": "affected",
"version": "4.2.3.10"
},
{
"status": "affected",
"version": "3.0.0.19-tm"
},
{
"status": "affected",
"version": "4.2.3.06"
},
{
"status": "affected",
"version": "4.2.2.08"
},
{
"status": "affected",
"version": "4.0.3.03-tm"
},
{
"status": "affected",
"version": "4.0.0.7"
},
{
"status": "affected",
"version": "4.2.1.02"
},
{
"status": "affected",
"version": "4.2.3.07"
},
{
"status": "affected",
"version": "4.0.4.02-tm"
},
{
"status": "affected",
"version": "1.3.12.19-tm"
},
{
"status": "affected",
"version": "1.3.12.6-tm"
},
{
"status": "affected",
"version": "1.3.13.02-tm"
},
{
"status": "affected",
"version": "1.3.1.10"
},
{
"status": "affected",
"version": "1.2.1.13"
},
{
"status": "affected",
"version": "1.1.1.19"
},
{
"status": "affected",
"version": "1.4.2.15"
},
{
"status": "affected",
"version": "1.5.1.05"
},
{
"status": "affected",
"version": "1.0.2.03"
},
{
"status": "affected",
"version": "1.1.0.09"
},
{
"status": "affected",
"version": "1.2.1.14"
},
{
"status": "affected",
"version": "1.3.2.02"
},
{
"status": "affected",
"version": "1.3.1.12"
},
{
"status": "affected",
"version": "1.0.1.17"
},
{
"status": "affected",
"version": "1.4.2.19"
},
{
"status": "affected",
"version": "1.1.1.06"
},
{
"status": "affected",
"version": "1.4.2.20"
},
{
"status": "affected",
"version": "1.4.2.22"
},
{
"status": "affected",
"version": "1.4.2.17"
},
{
"status": "affected",
"version": "4.2.3.14"
},
{
"status": "affected",
"version": "1.5.1.11"
},
{
"status": "affected",
"version": "1.5.1.13"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-20520",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-02T18:55:31.611704Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-02T19:09:54.092Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Small Business RV Series Router Firmware",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "4.0.2.08-tm"
},
{
"status": "affected",
"version": "4.2.3.08"
},
{
"status": "affected",
"version": "4.1.1.01"
},
{
"status": "affected",
"version": "4.2.3.03"
},
{
"status": "affected",
"version": "3.0.0.1-tm"
},
{
"status": "affected",
"version": "4.1.0.02-tm"
},
{
"status": "affected",
"version": "4.2.3.09"
},
{
"status": "affected",
"version": "3.0.2.01-tm"
},
{
"status": "affected",
"version": "4.2.3.10"
},
{
"status": "affected",
"version": "3.0.0.19-tm"
},
{
"status": "affected",
"version": "4.2.3.06"
},
{
"status": "affected",
"version": "4.2.2.08"
},
{
"status": "affected",
"version": "4.0.3.03-tm"
},
{
"status": "affected",
"version": "4.0.0.7"
},
{
"status": "affected",
"version": "4.2.1.02"
},
{
"status": "affected",
"version": "4.2.3.07"
},
{
"status": "affected",
"version": "4.0.4.02-tm"
},
{
"status": "affected",
"version": "1.3.12.19-tm"
},
{
"status": "affected",
"version": "1.3.12.6-tm"
},
{
"status": "affected",
"version": "1.3.13.02-tm"
},
{
"status": "affected",
"version": "1.3.1.10"
},
{
"status": "affected",
"version": "1.2.1.13"
},
{
"status": "affected",
"version": "1.1.1.19"
},
{
"status": "affected",
"version": "1.4.2.15"
},
{
"status": "affected",
"version": "1.5.1.05"
},
{
"status": "affected",
"version": "1.0.2.03"
},
{
"status": "affected",
"version": "1.1.0.09"
},
{
"status": "affected",
"version": "1.2.1.14"
},
{
"status": "affected",
"version": "1.3.2.02"
},
{
"status": "affected",
"version": "1.3.1.12"
},
{
"status": "affected",
"version": "1.0.1.17"
},
{
"status": "affected",
"version": "1.4.2.19"
},
{
"status": "affected",
"version": "1.1.1.06"
},
{
"status": "affected",
"version": "1.4.2.20"
},
{
"status": "affected",
"version": "1.4.2.22"
},
{
"status": "affected",
"version": "1.4.2.17"
},
{
"status": "affected",
"version": "4.2.3.14"
},
{
"status": "affected",
"version": "1.5.1.11"
},
{
"status": "affected",
"version": "1.5.1.13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to execute arbitrary code as the root user. To exploit this vulnerability, an attacker would need to have valid Administrator credentials on the affected device.\r\n\u0026nbsp;\r\nThis vulnerability is due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system as the root user."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "Stack-based Buffer Overflow",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-02T16:56:33.815Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-sb-rv04x_rv32x_vulns-yJ2OSDhV",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-rv04x_rv32x_vulns-yJ2OSDhV"
}
],
"source": {
"advisory": "cisco-sa-sb-rv04x_rv32x_vulns-yJ2OSDhV",
"defects": [
"CSCwm48770"
],
"discovery": "EXTERNAL"
},
"title": "Cisco Small Business RV042, RV042G, RV320, and RV325 Remote Command Execution Vulnerabilities"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2024-20520",
"datePublished": "2024-10-02T16:56:33.815Z",
"dateReserved": "2023-11-08T15:08:07.690Z",
"dateUpdated": "2024-10-02T19:09:54.092Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-20519 (GCVE-0-2024-20519)
Vulnerability from nvd – Published: 2024-10-02 16:56 – Updated: 2024-10-02 19:12
VLAI?
Summary
A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to execute arbitrary code as the root user. To exploit this vulnerability, an attacker would need to have valid Administrator credentials on the affected device.
This vulnerability is due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system as the root user.
Severity ?
6.5 (Medium)
CWE
- CWE-121 - Stack-based Buffer Overflow
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Small Business RV Series Router Firmware |
Affected:
4.0.2.08-tm
Affected: 4.2.3.08 Affected: 4.1.1.01 Affected: 4.2.3.03 Affected: 3.0.0.1-tm Affected: 4.1.0.02-tm Affected: 4.2.3.09 Affected: 3.0.2.01-tm Affected: 4.2.3.10 Affected: 3.0.0.19-tm Affected: 4.2.3.06 Affected: 4.2.2.08 Affected: 4.0.3.03-tm Affected: 4.0.0.7 Affected: 4.2.1.02 Affected: 4.2.3.07 Affected: 4.0.4.02-tm Affected: 1.3.12.19-tm Affected: 1.3.12.6-tm Affected: 1.3.13.02-tm Affected: 1.3.1.10 Affected: 1.2.1.13 Affected: 1.1.1.19 Affected: 1.4.2.15 Affected: 1.5.1.05 Affected: 1.0.2.03 Affected: 1.1.0.09 Affected: 1.2.1.14 Affected: 1.3.2.02 Affected: 1.3.1.12 Affected: 1.0.1.17 Affected: 1.4.2.19 Affected: 1.1.1.06 Affected: 1.4.2.20 Affected: 1.4.2.22 Affected: 1.4.2.17 Affected: 4.2.3.14 Affected: 1.5.1.11 Affected: 1.5.1.13 |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:cisco:small_business_rv_series_router_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "small_business_rv_series_router_firmware",
"vendor": "cisco",
"versions": [
{
"status": "affected",
"version": "4.0.2.08-tm"
},
{
"status": "affected",
"version": "4.2.3.08"
},
{
"status": "affected",
"version": "4.1.1.01"
},
{
"status": "affected",
"version": "4.2.3.03"
},
{
"status": "affected",
"version": "3.0.0.1-tm"
},
{
"status": "affected",
"version": "4.1.0.02-tm"
},
{
"status": "affected",
"version": "4.2.3.09"
},
{
"status": "affected",
"version": "3.0.2.01-tm"
},
{
"status": "affected",
"version": "4.2.3.10"
},
{
"status": "affected",
"version": "3.0.0.19-tm"
},
{
"status": "affected",
"version": "4.2.3.06"
},
{
"status": "affected",
"version": "4.2.2.08"
},
{
"status": "affected",
"version": "4.0.3.03-tm"
},
{
"status": "affected",
"version": "4.0.0.7"
},
{
"status": "affected",
"version": "4.2.1.02"
},
{
"status": "affected",
"version": "4.2.3.07"
},
{
"status": "affected",
"version": "4.0.4.02-tm"
},
{
"status": "affected",
"version": "1.3.12.19-tm"
},
{
"status": "affected",
"version": "1.3.12.6-tm"
},
{
"status": "affected",
"version": "1.3.13.02-tm"
},
{
"status": "affected",
"version": "1.3.1.10"
},
{
"status": "affected",
"version": "1.2.1.13"
},
{
"status": "affected",
"version": "1.1.1.19"
},
{
"status": "affected",
"version": "1.4.2.15"
},
{
"status": "affected",
"version": "1.5.1.05"
},
{
"status": "affected",
"version": "1.0.2.03"
},
{
"status": "affected",
"version": "1.1.0.09"
},
{
"status": "affected",
"version": "1.2.1.14"
},
{
"status": "affected",
"version": "1.3.2.02"
},
{
"status": "affected",
"version": "1.3.1.12"
},
{
"status": "affected",
"version": "1.0.1.17"
},
{
"status": "affected",
"version": "1.4.2.19"
},
{
"status": "affected",
"version": "1.1.1.06"
},
{
"status": "affected",
"version": "1.4.2.20"
},
{
"status": "affected",
"version": "1.4.2.22"
},
{
"status": "affected",
"version": "1.4.2.17"
},
{
"status": "affected",
"version": "4.2.3.14"
},
{
"status": "affected",
"version": "1.5.1.11"
},
{
"status": "affected",
"version": "1.5.1.13"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-20519",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-02T18:55:47.348958Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-02T19:12:10.672Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Small Business RV Series Router Firmware",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "4.0.2.08-tm"
},
{
"status": "affected",
"version": "4.2.3.08"
},
{
"status": "affected",
"version": "4.1.1.01"
},
{
"status": "affected",
"version": "4.2.3.03"
},
{
"status": "affected",
"version": "3.0.0.1-tm"
},
{
"status": "affected",
"version": "4.1.0.02-tm"
},
{
"status": "affected",
"version": "4.2.3.09"
},
{
"status": "affected",
"version": "3.0.2.01-tm"
},
{
"status": "affected",
"version": "4.2.3.10"
},
{
"status": "affected",
"version": "3.0.0.19-tm"
},
{
"status": "affected",
"version": "4.2.3.06"
},
{
"status": "affected",
"version": "4.2.2.08"
},
{
"status": "affected",
"version": "4.0.3.03-tm"
},
{
"status": "affected",
"version": "4.0.0.7"
},
{
"status": "affected",
"version": "4.2.1.02"
},
{
"status": "affected",
"version": "4.2.3.07"
},
{
"status": "affected",
"version": "4.0.4.02-tm"
},
{
"status": "affected",
"version": "1.3.12.19-tm"
},
{
"status": "affected",
"version": "1.3.12.6-tm"
},
{
"status": "affected",
"version": "1.3.13.02-tm"
},
{
"status": "affected",
"version": "1.3.1.10"
},
{
"status": "affected",
"version": "1.2.1.13"
},
{
"status": "affected",
"version": "1.1.1.19"
},
{
"status": "affected",
"version": "1.4.2.15"
},
{
"status": "affected",
"version": "1.5.1.05"
},
{
"status": "affected",
"version": "1.0.2.03"
},
{
"status": "affected",
"version": "1.1.0.09"
},
{
"status": "affected",
"version": "1.2.1.14"
},
{
"status": "affected",
"version": "1.3.2.02"
},
{
"status": "affected",
"version": "1.3.1.12"
},
{
"status": "affected",
"version": "1.0.1.17"
},
{
"status": "affected",
"version": "1.4.2.19"
},
{
"status": "affected",
"version": "1.1.1.06"
},
{
"status": "affected",
"version": "1.4.2.20"
},
{
"status": "affected",
"version": "1.4.2.22"
},
{
"status": "affected",
"version": "1.4.2.17"
},
{
"status": "affected",
"version": "4.2.3.14"
},
{
"status": "affected",
"version": "1.5.1.11"
},
{
"status": "affected",
"version": "1.5.1.13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to execute arbitrary code as the root user. To exploit this vulnerability, an attacker would need to have valid Administrator credentials on the affected device.\r\n\u0026nbsp;\r\nThis vulnerability is due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system as the root user."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "Stack-based Buffer Overflow",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-02T16:56:21.994Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-sb-rv04x_rv32x_vulns-yJ2OSDhV",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-rv04x_rv32x_vulns-yJ2OSDhV"
}
],
"source": {
"advisory": "cisco-sa-sb-rv04x_rv32x_vulns-yJ2OSDhV",
"defects": [
"CSCwm48770"
],
"discovery": "EXTERNAL"
},
"title": "Cisco Small Business RV042, RV042G, RV320, and RV325 Remote Command Execution Vulnerabilities"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2024-20519",
"datePublished": "2024-10-02T16:56:21.994Z",
"dateReserved": "2023-11-08T15:08:07.690Z",
"dateUpdated": "2024-10-02T19:12:10.672Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-20518 (GCVE-0-2024-20518)
Vulnerability from nvd – Published: 2024-10-02 16:56 – Updated: 2024-10-02 19:12
VLAI?
Summary
A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to execute arbitrary code as the root user. To exploit this vulnerability, an attacker would need to have valid Administrator credentials on the affected device.
This vulnerability is due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system as the root user.
Severity ?
6.5 (Medium)
CWE
- CWE-121 - Stack-based Buffer Overflow
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Small Business RV Series Router Firmware |
Affected:
4.0.2.08-tm
Affected: 4.2.3.08 Affected: 4.1.1.01 Affected: 4.2.3.03 Affected: 3.0.0.1-tm Affected: 4.1.0.02-tm Affected: 4.2.3.09 Affected: 3.0.2.01-tm Affected: 4.2.3.10 Affected: 3.0.0.19-tm Affected: 4.2.3.06 Affected: 4.2.2.08 Affected: 4.0.3.03-tm Affected: 4.0.0.7 Affected: 4.2.1.02 Affected: 4.2.3.07 Affected: 4.0.4.02-tm Affected: 1.3.12.19-tm Affected: 1.3.12.6-tm Affected: 1.3.13.02-tm Affected: 1.3.1.10 Affected: 1.2.1.13 Affected: 1.1.1.19 Affected: 1.4.2.15 Affected: 1.5.1.05 Affected: 1.0.2.03 Affected: 1.1.0.09 Affected: 1.2.1.14 Affected: 1.3.2.02 Affected: 1.3.1.12 Affected: 1.0.1.17 Affected: 1.4.2.19 Affected: 1.1.1.06 Affected: 1.4.2.20 Affected: 1.4.2.22 Affected: 1.4.2.17 Affected: 4.2.3.14 Affected: 1.5.1.11 Affected: 1.5.1.13 |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:cisco:small_business_rv_series_router_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "small_business_rv_series_router_firmware",
"vendor": "cisco",
"versions": [
{
"status": "affected",
"version": "4.0.2.08-tm"
},
{
"status": "affected",
"version": "4.2.3.08"
},
{
"status": "affected",
"version": "4.1.1.01"
},
{
"status": "affected",
"version": "4.2.3.03"
},
{
"status": "affected",
"version": "3.0.0.1-tm"
},
{
"status": "affected",
"version": "4.1.0.02-tm"
},
{
"status": "affected",
"version": "4.2.3.09"
},
{
"status": "affected",
"version": "3.0.2.01-tm"
},
{
"status": "affected",
"version": "4.2.3.10"
},
{
"status": "affected",
"version": "3.0.0.19-tm"
},
{
"status": "affected",
"version": "4.2.3.06"
},
{
"status": "affected",
"version": "4.2.2.08"
},
{
"status": "affected",
"version": "4.0.3.03-tm"
},
{
"status": "affected",
"version": "4.0.0.7"
},
{
"status": "affected",
"version": "4.2.1.02"
},
{
"status": "affected",
"version": "4.2.3.07"
},
{
"status": "affected",
"version": "4.0.4.02-tm"
},
{
"status": "affected",
"version": "1.3.12.19-tm"
},
{
"status": "affected",
"version": "1.3.12.6-tm"
},
{
"status": "affected",
"version": "1.3.13.02-tm"
},
{
"status": "affected",
"version": "1.3.1.10"
},
{
"status": "affected",
"version": "1.2.1.13"
},
{
"status": "affected",
"version": "1.1.1.19"
},
{
"status": "affected",
"version": "1.4.2.15"
},
{
"status": "affected",
"version": "1.5.1.05"
},
{
"status": "affected",
"version": "1.0.2.03"
},
{
"status": "affected",
"version": "1.1.0.09"
},
{
"status": "affected",
"version": "1.2.1.14"
},
{
"status": "affected",
"version": "1.3.2.02"
},
{
"status": "affected",
"version": "1.3.1.12"
},
{
"status": "affected",
"version": "1.0.1.17"
},
{
"status": "affected",
"version": "1.4.2.19"
},
{
"status": "affected",
"version": "1.1.1.06"
},
{
"status": "affected",
"version": "1.4.2.20"
},
{
"status": "affected",
"version": "1.4.2.22"
},
{
"status": "affected",
"version": "1.4.2.17"
},
{
"status": "affected",
"version": "4.2.3.14"
},
{
"status": "affected",
"version": "1.5.1.11"
},
{
"status": "affected",
"version": "1.5.1.13"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-20518",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-02T18:56:15.521738Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-02T19:12:22.612Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Small Business RV Series Router Firmware",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "4.0.2.08-tm"
},
{
"status": "affected",
"version": "4.2.3.08"
},
{
"status": "affected",
"version": "4.1.1.01"
},
{
"status": "affected",
"version": "4.2.3.03"
},
{
"status": "affected",
"version": "3.0.0.1-tm"
},
{
"status": "affected",
"version": "4.1.0.02-tm"
},
{
"status": "affected",
"version": "4.2.3.09"
},
{
"status": "affected",
"version": "3.0.2.01-tm"
},
{
"status": "affected",
"version": "4.2.3.10"
},
{
"status": "affected",
"version": "3.0.0.19-tm"
},
{
"status": "affected",
"version": "4.2.3.06"
},
{
"status": "affected",
"version": "4.2.2.08"
},
{
"status": "affected",
"version": "4.0.3.03-tm"
},
{
"status": "affected",
"version": "4.0.0.7"
},
{
"status": "affected",
"version": "4.2.1.02"
},
{
"status": "affected",
"version": "4.2.3.07"
},
{
"status": "affected",
"version": "4.0.4.02-tm"
},
{
"status": "affected",
"version": "1.3.12.19-tm"
},
{
"status": "affected",
"version": "1.3.12.6-tm"
},
{
"status": "affected",
"version": "1.3.13.02-tm"
},
{
"status": "affected",
"version": "1.3.1.10"
},
{
"status": "affected",
"version": "1.2.1.13"
},
{
"status": "affected",
"version": "1.1.1.19"
},
{
"status": "affected",
"version": "1.4.2.15"
},
{
"status": "affected",
"version": "1.5.1.05"
},
{
"status": "affected",
"version": "1.0.2.03"
},
{
"status": "affected",
"version": "1.1.0.09"
},
{
"status": "affected",
"version": "1.2.1.14"
},
{
"status": "affected",
"version": "1.3.2.02"
},
{
"status": "affected",
"version": "1.3.1.12"
},
{
"status": "affected",
"version": "1.0.1.17"
},
{
"status": "affected",
"version": "1.4.2.19"
},
{
"status": "affected",
"version": "1.1.1.06"
},
{
"status": "affected",
"version": "1.4.2.20"
},
{
"status": "affected",
"version": "1.4.2.22"
},
{
"status": "affected",
"version": "1.4.2.17"
},
{
"status": "affected",
"version": "4.2.3.14"
},
{
"status": "affected",
"version": "1.5.1.11"
},
{
"status": "affected",
"version": "1.5.1.13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to execute arbitrary code as the root user. To exploit this vulnerability, an attacker would need to have valid Administrator credentials on the affected device.\r\n\u0026nbsp;\r\nThis vulnerability is due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system as the root user."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "Stack-based Buffer Overflow",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-02T16:56:12.546Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-sb-rv04x_rv32x_vulns-yJ2OSDhV",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-rv04x_rv32x_vulns-yJ2OSDhV"
}
],
"source": {
"advisory": "cisco-sa-sb-rv04x_rv32x_vulns-yJ2OSDhV",
"defects": [
"CSCwm48770"
],
"discovery": "EXTERNAL"
},
"title": "Cisco Small Business RV042, RV042G, RV320, and RV325 Remote Command Execution Vulnerabilities"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2024-20518",
"datePublished": "2024-10-02T16:56:12.546Z",
"dateReserved": "2023-11-08T15:08:07.689Z",
"dateUpdated": "2024-10-02T19:12:22.612Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-20517 (GCVE-0-2024-20517)
Vulnerability from nvd – Published: 2024-10-02 16:56 – Updated: 2024-10-02 17:25
VLAI?
Summary
A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to cause an unexpected reload of an affected device, resulting in a denial of service (DoS) condition. To exploit this vulnerability, an attacker would need to have valid Administrator credentials on the affected device.
This vulnerability is due to improper validation of user input that is in incoming HTTP packets. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web-based management interface of the affected device. A successful exploit could allow the attacker to cause an unexpected reload of the device, resulting in a DoS condition.
Severity ?
6.8 (Medium)
CWE
- CWE-122 - Heap-based Buffer Overflow
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Small Business RV Series Router Firmware |
Affected:
4.0.2.08-tm
Affected: 4.2.3.08 Affected: 4.1.1.01 Affected: 4.2.3.03 Affected: 3.0.0.1-tm Affected: 4.1.0.02-tm Affected: 4.2.3.09 Affected: 3.0.2.01-tm Affected: 4.2.3.10 Affected: 3.0.0.19-tm Affected: 4.2.3.06 Affected: 4.2.2.08 Affected: 4.0.3.03-tm Affected: 4.0.0.7 Affected: 4.2.1.02 Affected: 4.2.3.07 Affected: 4.0.4.02-tm Affected: 1.3.12.19-tm Affected: 1.3.12.6-tm Affected: 1.3.13.02-tm Affected: 1.3.1.10 Affected: 1.2.1.13 Affected: 1.1.1.19 Affected: 1.4.2.15 Affected: 1.5.1.05 Affected: 1.0.2.03 Affected: 1.1.0.09 Affected: 1.2.1.14 Affected: 1.3.2.02 Affected: 1.3.1.12 Affected: 1.0.1.17 Affected: 1.4.2.19 Affected: 1.1.1.06 Affected: 1.4.2.20 Affected: 1.4.2.22 Affected: 1.4.2.17 Affected: 4.2.3.14 Affected: 1.5.1.11 Affected: 1.5.1.13 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-20517",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-02T17:17:47.778863Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-02T17:25:46.768Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Small Business RV Series Router Firmware",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "4.0.2.08-tm"
},
{
"status": "affected",
"version": "4.2.3.08"
},
{
"status": "affected",
"version": "4.1.1.01"
},
{
"status": "affected",
"version": "4.2.3.03"
},
{
"status": "affected",
"version": "3.0.0.1-tm"
},
{
"status": "affected",
"version": "4.1.0.02-tm"
},
{
"status": "affected",
"version": "4.2.3.09"
},
{
"status": "affected",
"version": "3.0.2.01-tm"
},
{
"status": "affected",
"version": "4.2.3.10"
},
{
"status": "affected",
"version": "3.0.0.19-tm"
},
{
"status": "affected",
"version": "4.2.3.06"
},
{
"status": "affected",
"version": "4.2.2.08"
},
{
"status": "affected",
"version": "4.0.3.03-tm"
},
{
"status": "affected",
"version": "4.0.0.7"
},
{
"status": "affected",
"version": "4.2.1.02"
},
{
"status": "affected",
"version": "4.2.3.07"
},
{
"status": "affected",
"version": "4.0.4.02-tm"
},
{
"status": "affected",
"version": "1.3.12.19-tm"
},
{
"status": "affected",
"version": "1.3.12.6-tm"
},
{
"status": "affected",
"version": "1.3.13.02-tm"
},
{
"status": "affected",
"version": "1.3.1.10"
},
{
"status": "affected",
"version": "1.2.1.13"
},
{
"status": "affected",
"version": "1.1.1.19"
},
{
"status": "affected",
"version": "1.4.2.15"
},
{
"status": "affected",
"version": "1.5.1.05"
},
{
"status": "affected",
"version": "1.0.2.03"
},
{
"status": "affected",
"version": "1.1.0.09"
},
{
"status": "affected",
"version": "1.2.1.14"
},
{
"status": "affected",
"version": "1.3.2.02"
},
{
"status": "affected",
"version": "1.3.1.12"
},
{
"status": "affected",
"version": "1.0.1.17"
},
{
"status": "affected",
"version": "1.4.2.19"
},
{
"status": "affected",
"version": "1.1.1.06"
},
{
"status": "affected",
"version": "1.4.2.20"
},
{
"status": "affected",
"version": "1.4.2.22"
},
{
"status": "affected",
"version": "1.4.2.17"
},
{
"status": "affected",
"version": "4.2.3.14"
},
{
"status": "affected",
"version": "1.5.1.11"
},
{
"status": "affected",
"version": "1.5.1.13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to cause an unexpected reload of an affected device, resulting in a denial of service (DoS) condition. To exploit this vulnerability, an attacker would need to have valid Administrator credentials on the affected device.\r\n\u0026nbsp;\r\nThis vulnerability is due to improper validation of user input that is in incoming HTTP packets. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web-based management interface of the affected device. A successful exploit could allow the attacker to cause an unexpected reload of the device, resulting in a DoS condition."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "Heap-based Buffer Overflow",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-02T16:56:02.025Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-sb-rv04x_rv32x_vulns-yJ2OSDhV",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-rv04x_rv32x_vulns-yJ2OSDhV"
}
],
"source": {
"advisory": "cisco-sa-sb-rv04x_rv32x_vulns-yJ2OSDhV",
"defects": [
"CSCwm48770"
],
"discovery": "EXTERNAL"
},
"title": "Cisco Small Business RV042, RV042G, RV320, and RV325 Denial of Service Vulnerabilities"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2024-20517",
"datePublished": "2024-10-02T16:56:02.025Z",
"dateReserved": "2023-11-08T15:08:07.689Z",
"dateUpdated": "2024-10-02T17:25:46.768Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-20516 (GCVE-0-2024-20516)
Vulnerability from nvd – Published: 2024-10-02 16:55 – Updated: 2024-10-02 17:25
VLAI?
Summary
A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to cause an unexpected reload of an affected device, resulting in a denial of service (DoS) condition. To exploit this vulnerability, an attacker would need to have valid Administrator credentials on the affected device.
This vulnerability is due to improper validation of user input that is in incoming HTTP packets. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web-based management interface of the affected device. A successful exploit could allow the attacker to cause an unexpected reload of the device, resulting in a DoS condition.
Severity ?
6.8 (Medium)
CWE
- CWE-122 - Heap-based Buffer Overflow
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Small Business RV Series Router Firmware |
Affected:
4.0.2.08-tm
Affected: 4.2.3.08 Affected: 4.1.1.01 Affected: 4.2.3.03 Affected: 3.0.0.1-tm Affected: 4.1.0.02-tm Affected: 4.2.3.09 Affected: 3.0.2.01-tm Affected: 4.2.3.10 Affected: 3.0.0.19-tm Affected: 4.2.3.06 Affected: 4.2.2.08 Affected: 4.0.3.03-tm Affected: 4.0.0.7 Affected: 4.2.1.02 Affected: 4.2.3.07 Affected: 4.0.4.02-tm Affected: 1.3.12.19-tm Affected: 1.3.12.6-tm Affected: 1.3.13.02-tm Affected: 1.3.1.10 Affected: 1.2.1.13 Affected: 1.1.1.19 Affected: 1.4.2.15 Affected: 1.5.1.05 Affected: 1.0.2.03 Affected: 1.1.0.09 Affected: 1.2.1.14 Affected: 1.3.2.02 Affected: 1.3.1.12 Affected: 1.0.1.17 Affected: 1.4.2.19 Affected: 1.1.1.06 Affected: 1.4.2.20 Affected: 1.4.2.22 Affected: 1.4.2.17 Affected: 4.2.3.14 Affected: 1.5.1.11 Affected: 1.5.1.13 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-20516",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-02T17:17:49.883022Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-02T17:25:54.379Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Cisco Small Business RV Series Router Firmware",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "4.0.2.08-tm"
},
{
"status": "affected",
"version": "4.2.3.08"
},
{
"status": "affected",
"version": "4.1.1.01"
},
{
"status": "affected",
"version": "4.2.3.03"
},
{
"status": "affected",
"version": "3.0.0.1-tm"
},
{
"status": "affected",
"version": "4.1.0.02-tm"
},
{
"status": "affected",
"version": "4.2.3.09"
},
{
"status": "affected",
"version": "3.0.2.01-tm"
},
{
"status": "affected",
"version": "4.2.3.10"
},
{
"status": "affected",
"version": "3.0.0.19-tm"
},
{
"status": "affected",
"version": "4.2.3.06"
},
{
"status": "affected",
"version": "4.2.2.08"
},
{
"status": "affected",
"version": "4.0.3.03-tm"
},
{
"status": "affected",
"version": "4.0.0.7"
},
{
"status": "affected",
"version": "4.2.1.02"
},
{
"status": "affected",
"version": "4.2.3.07"
},
{
"status": "affected",
"version": "4.0.4.02-tm"
},
{
"status": "affected",
"version": "1.3.12.19-tm"
},
{
"status": "affected",
"version": "1.3.12.6-tm"
},
{
"status": "affected",
"version": "1.3.13.02-tm"
},
{
"status": "affected",
"version": "1.3.1.10"
},
{
"status": "affected",
"version": "1.2.1.13"
},
{
"status": "affected",
"version": "1.1.1.19"
},
{
"status": "affected",
"version": "1.4.2.15"
},
{
"status": "affected",
"version": "1.5.1.05"
},
{
"status": "affected",
"version": "1.0.2.03"
},
{
"status": "affected",
"version": "1.1.0.09"
},
{
"status": "affected",
"version": "1.2.1.14"
},
{
"status": "affected",
"version": "1.3.2.02"
},
{
"status": "affected",
"version": "1.3.1.12"
},
{
"status": "affected",
"version": "1.0.1.17"
},
{
"status": "affected",
"version": "1.4.2.19"
},
{
"status": "affected",
"version": "1.1.1.06"
},
{
"status": "affected",
"version": "1.4.2.20"
},
{
"status": "affected",
"version": "1.4.2.22"
},
{
"status": "affected",
"version": "1.4.2.17"
},
{
"status": "affected",
"version": "4.2.3.14"
},
{
"status": "affected",
"version": "1.5.1.11"
},
{
"status": "affected",
"version": "1.5.1.13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to cause an unexpected reload of an affected device, resulting in a denial of service (DoS) condition. To exploit this vulnerability, an attacker would need to have valid Administrator credentials on the affected device.\r\n\u0026nbsp;\r\nThis vulnerability is due to improper validation of user input that is in incoming HTTP packets. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web-based management interface of the affected device. A successful exploit could allow the attacker to cause an unexpected reload of the device, resulting in a DoS condition."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "Heap-based Buffer Overflow",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-02T16:55:52.185Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-sb-rv04x_rv32x_vulns-yJ2OSDhV",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-rv04x_rv32x_vulns-yJ2OSDhV"
}
],
"source": {
"advisory": "cisco-sa-sb-rv04x_rv32x_vulns-yJ2OSDhV",
"defects": [
"CSCwm48770"
],
"discovery": "EXTERNAL"
},
"title": "Cisco Small Business RV042, RV042G, RV320, and RV325 Denial of Service Vulnerabilities"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2024-20516",
"datePublished": "2024-10-02T16:55:52.185Z",
"dateReserved": "2023-11-08T15:08:07.689Z",
"dateUpdated": "2024-10-02T17:25:54.379Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-20362 (GCVE-0-2024-20362)
Vulnerability from nvd – Published: 2024-04-03 16:25 – Updated: 2024-11-07 19:16
VLAI?
Summary
A vulnerability in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface.
This vulnerability is due to insufficient input validation by the web-based management interface. An attacker could exploit this vulnerability by persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.
Severity ?
6.1 (Medium)
CWE
- CWE-80 - Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Small Business RV Series Router Firmware |
Affected:
1.1.0.09
Affected: 1.1.1.19 Affected: 1.1.1.06 Affected: 1.2.1.14 Affected: 2.0.0.19-tm Affected: 1.3.1.12 Affected: 1.3.1.10 Affected: 1.3.12.6-tm Affected: 1.3.13.02-tm Affected: 4.0.0.7 Affected: 4.0.2.08-tm Affected: 4.0.3.03-tm Affected: 4.0.4.02-tm Affected: 4.2.2.08 Affected: 4.2.3.03 Affected: 4.2.3.06 Affected: 4.2.3.07 Affected: 4.2.3.09 Affected: 4.2.3.10 Affected: 4.2.3.14 Affected: 1.4.2.15 Affected: 1.4.2.17 Affected: 1.4.2.19 Affected: 1.4.2.22 Affected: 3.0.0.1-tm Affected: 4.1.1.01 Affected: 1.5.1.05 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-20362",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-03T20:02:16.853338Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-07T19:16:09.493Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T21:59:42.287Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "cisco-sa-sbiz-rv-xss-OQeRTup",
"tags": [
"x_transferred"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sbiz-rv-xss-OQeRTup"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Cisco Small Business RV Series Router Firmware",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "1.1.0.09"
},
{
"status": "affected",
"version": "1.1.1.19"
},
{
"status": "affected",
"version": "1.1.1.06"
},
{
"status": "affected",
"version": "1.2.1.14"
},
{
"status": "affected",
"version": "2.0.0.19-tm"
},
{
"status": "affected",
"version": "1.3.1.12"
},
{
"status": "affected",
"version": "1.3.1.10"
},
{
"status": "affected",
"version": "1.3.12.6-tm"
},
{
"status": "affected",
"version": "1.3.13.02-tm"
},
{
"status": "affected",
"version": "4.0.0.7"
},
{
"status": "affected",
"version": "4.0.2.08-tm"
},
{
"status": "affected",
"version": "4.0.3.03-tm"
},
{
"status": "affected",
"version": "4.0.4.02-tm"
},
{
"status": "affected",
"version": "4.2.2.08"
},
{
"status": "affected",
"version": "4.2.3.03"
},
{
"status": "affected",
"version": "4.2.3.06"
},
{
"status": "affected",
"version": "4.2.3.07"
},
{
"status": "affected",
"version": "4.2.3.09"
},
{
"status": "affected",
"version": "4.2.3.10"
},
{
"status": "affected",
"version": "4.2.3.14"
},
{
"status": "affected",
"version": "1.4.2.15"
},
{
"status": "affected",
"version": "1.4.2.17"
},
{
"status": "affected",
"version": "1.4.2.19"
},
{
"status": "affected",
"version": "1.4.2.22"
},
{
"status": "affected",
"version": "3.0.0.1-tm"
},
{
"status": "affected",
"version": "4.1.1.01"
},
{
"status": "affected",
"version": "1.5.1.05"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface.\r\n\r This vulnerability is due to insufficient input validation by the web-based management interface. An attacker could exploit this vulnerability by persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-80",
"description": "Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-03T16:25:56.368Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-sbiz-rv-xss-OQeRTup",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sbiz-rv-xss-OQeRTup"
}
],
"source": {
"advisory": "cisco-sa-sbiz-rv-xss-OQeRTup",
"defects": [
"CSCwj24997"
],
"discovery": "EXTERNAL"
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2024-20362",
"datePublished": "2024-04-03T16:25:56.368Z",
"dateReserved": "2023-11-08T15:08:07.651Z",
"dateUpdated": "2024-11-07T19:16:09.493Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}