CVE-2024-20393 (GCVE-0-2024-20393)

Vulnerability from cvelistv5 – Published: 2024-10-02 16:53 – Updated: 2024-10-02 19:58
VLAI?
Summary
A vulnerability in the web-based management interface of Cisco Small Business RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers could allow an authenticated, remote attacker to elevate privileges on an affected device. This vulnerability exists because the web-based management interface discloses sensitive information. An attacker could exploit this vulnerability by sending crafted HTTP input to an affected device. A successful exploit could allow an attacker to elevate privileges from guest to admin.
Severity ?
8.8 (High)
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE
Assigner
References
Impacted products
Vendor Product Version
Cisco Cisco Small Business RV Series Router Firmware Affected: 1.0.01.17
Affected: 1.0.03.17
Affected: 1.0.01.16
Affected: 1.0.01.18
Affected: 1.0.00.29
Affected: 1.0.03.16
Affected: 1.0.03.15
Affected: 1.0.02.16
Affected: 1.0.01.20
Affected: 1.0.00.33
Affected: 1.0.03.18
Affected: 1.0.03.19
Affected: 1.0.03.20
Affected: 1.0.03.21
Affected: 1.0.03.22
Affected: 1.0.03.24
Affected: 1.0.03.26
Affected: 1.0.03.27
Affected: 1.0.03.28
Affected: 1.0.03.29
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:o:cisco:small_business_rv_series_router_firmware:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "small_business_rv_series_router_firmware",
            "vendor": "cisco",
            "versions": [
              {
                "status": "affected",
                "version": "1.0.01.17"
              },
              {
                "status": "affected",
                "version": "1.0.03.17"
              },
              {
                "status": "affected",
                "version": "1.0.01.16"
              },
              {
                "status": "affected",
                "version": "1.0.01.18"
              },
              {
                "status": "affected",
                "version": "1.0.00.29"
              },
              {
                "status": "affected",
                "version": "1.0.03.16"
              },
              {
                "status": "affected",
                "version": "1.0.03.15"
              },
              {
                "status": "affected",
                "version": "1.0.02.16"
              },
              {
                "status": "affected",
                "version": "1.0.01.20"
              },
              {
                "status": "affected",
                "version": "1.0.00.33"
              },
              {
                "status": "affected",
                "version": "1.0.03.18"
              },
              {
                "status": "affected",
                "version": "1.0.03.19"
              },
              {
                "status": "affected",
                "version": "1.0.03.20"
              },
              {
                "status": "affected",
                "version": "1.0.03.21"
              },
              {
                "status": "affected",
                "version": "1.0.03.22"
              },
              {
                "status": "affected",
                "version": "1.0.03.24"
              },
              {
                "status": "affected",
                "version": "1.0.03.26"
              },
              {
                "status": "affected",
                "version": "1.0.03.27"
              },
              {
                "status": "affected",
                "version": "1.0.03.28"
              },
              {
                "status": "affected",
                "version": "1.0.03.29"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-20393",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-02T19:02:15.620891Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-02T19:58:58.443Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "Cisco Small Business RV Series Router Firmware",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "1.0.01.17"
            },
            {
              "status": "affected",
              "version": "1.0.03.17"
            },
            {
              "status": "affected",
              "version": "1.0.01.16"
            },
            {
              "status": "affected",
              "version": "1.0.01.18"
            },
            {
              "status": "affected",
              "version": "1.0.00.29"
            },
            {
              "status": "affected",
              "version": "1.0.03.16"
            },
            {
              "status": "affected",
              "version": "1.0.03.15"
            },
            {
              "status": "affected",
              "version": "1.0.02.16"
            },
            {
              "status": "affected",
              "version": "1.0.01.20"
            },
            {
              "status": "affected",
              "version": "1.0.00.33"
            },
            {
              "status": "affected",
              "version": "1.0.03.18"
            },
            {
              "status": "affected",
              "version": "1.0.03.19"
            },
            {
              "status": "affected",
              "version": "1.0.03.20"
            },
            {
              "status": "affected",
              "version": "1.0.03.21"
            },
            {
              "status": "affected",
              "version": "1.0.03.22"
            },
            {
              "status": "affected",
              "version": "1.0.03.24"
            },
            {
              "status": "affected",
              "version": "1.0.03.26"
            },
            {
              "status": "affected",
              "version": "1.0.03.27"
            },
            {
              "status": "affected",
              "version": "1.0.03.28"
            },
            {
              "status": "affected",
              "version": "1.0.03.29"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the web-based management interface of Cisco Small Business RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers could allow an authenticated, remote attacker to elevate privileges on an affected device.\r\n\r\nThis vulnerability exists because the web-based management interface discloses sensitive information. An attacker could exploit this vulnerability by sending crafted HTTP input to an affected device. A successful exploit could allow an attacker to elevate privileges from guest to admin."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "cvssV3_1"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-285",
              "description": "Improper Authorization",
              "lang": "en",
              "type": "cwe"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-10-02T16:53:04.527Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "cisco-sa-rv34x-privesc-rce-qE33TCms",
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv34x-privesc-rce-qE33TCms"
        }
      ],
      "source": {
        "advisory": "cisco-sa-rv34x-privesc-rce-qE33TCms",
        "defects": [
          "CSCwm27935"
        ],
        "discovery": "EXTERNAL"
      },
      "title": "Cisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers Privilege Escalation Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2024-20393",
    "datePublished": "2024-10-02T16:53:04.527Z",
    "dateReserved": "2023-11-08T15:08:07.659Z",
    "dateUpdated": "2024-10-02T19:58:58.443Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:rv340_dual_wan_gigabit_vpn_router_firmware:1.0.00.29:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EBAD013E-3550-4157-B52A-F045DEFB0810\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:rv340_dual_wan_gigabit_vpn_router_firmware:1.0.00.33:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"566AF5EF-B7BD-4F4A-9D5E-82588207C80E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:rv340_dual_wan_gigabit_vpn_router_firmware:1.0.01.16:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C0B4BB7F-FE4B-404D-9977-AAA3D492634B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:rv340_dual_wan_gigabit_vpn_router_firmware:1.0.01.17:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F6BCBFF6-9A31-48BD-B93D-598564A3BB30\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:rv340_dual_wan_gigabit_vpn_router_firmware:1.0.01.18:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DB20575D-3E22-49CA-91DE-CBACF2146D3E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:rv340_dual_wan_gigabit_vpn_router_firmware:1.0.01.20:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8836DC95-1076-4CC4-8A6C-34F3ACCA312A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:rv340_dual_wan_gigabit_vpn_router_firmware:1.0.02.16:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"45488336-CAF5-4F15-BB6E-5BEBD87A4F97\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:rv340_dual_wan_gigabit_vpn_router_firmware:1.0.03.15:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BB498AAC-2FAC-4FCC-B644-1180627A5D1F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:rv340_dual_wan_gigabit_vpn_router_firmware:1.0.03.16:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"744B76F8-1276-42ED-8913-5FC9E11F2F2E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:rv340_dual_wan_gigabit_vpn_router_firmware:1.0.03.17:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1A4D7663-50E6-45B1-8701-2DF2D7F744AB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:rv340_dual_wan_gigabit_vpn_router_firmware:1.0.03.18:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C0E4341D-9FD4-4AAD-A5BE-35B0909A8FE8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:rv340_dual_wan_gigabit_vpn_router_firmware:1.0.03.19:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"33A1EFF8-024B-46F6-A7E3-FCC593314B1A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:rv340_dual_wan_gigabit_vpn_router_firmware:1.0.03.20:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D0D4C611-38FD-4BF1-B478-03F01283EAC5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:rv340_dual_wan_gigabit_vpn_router_firmware:1.0.03.21:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4788385E-133A-4908-97A0-135403424DA9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:rv340_dual_wan_gigabit_vpn_router_firmware:1.0.03.22:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"150DE44A-A558-4C15-8028-C301259E5ABF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:rv340_dual_wan_gigabit_vpn_router_firmware:1.0.03.24:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3B5E8D98-570C-49A1-9934-45BBCD02AB6A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:rv340_dual_wan_gigabit_vpn_router_firmware:1.0.03.26:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6D9FF79A-BEE5-4204-B2C5-E0943DCD7773\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:rv340_dual_wan_gigabit_vpn_router_firmware:1.0.03.27:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F15F5D4D-A256-4A2E-9873-F0514F81CA77\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:rv340_dual_wan_gigabit_vpn_router_firmware:1.0.03.28:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9ACFBF35-E5B2-4807-AC7D-E3021EAAEE94\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:rv340_dual_wan_gigabit_vpn_router_firmware:1.0.03.29:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EA1379E9-D147-48F4-AE3A-860B49EFA497\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:rv340_dual_wan_gigabit_vpn_router:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C6822600-E716-4F22-AF34-AD2914D6C128\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:rv340w_dual_wan_gigabit_wireless-ac_vpn_router_firmware:1.0.00.29:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5BC16280-4809-4B2C-825C-76A99392F95F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:rv340w_dual_wan_gigabit_wireless-ac_vpn_router_firmware:1.0.00.33:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9A112271-F32C-49F5-B6DA-4DDBBB146106\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:rv340w_dual_wan_gigabit_wireless-ac_vpn_router_firmware:1.0.01.16:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"133E4C64-B9C8-4B65-927D-39B7BDF89AC2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:rv340w_dual_wan_gigabit_wireless-ac_vpn_router_firmware:1.0.01.17:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"ACD9ECA7-1DC4-4122-9D02-B258A62A2FA9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:rv340w_dual_wan_gigabit_wireless-ac_vpn_router_firmware:1.0.01.18:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"53A19846-F451-4578-A25B-F3777BE90C35\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:rv340w_dual_wan_gigabit_wireless-ac_vpn_router_firmware:1.0.01.20:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A69964DE-67E6-4B1C-B3D2-C9177A891C40\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:rv340w_dual_wan_gigabit_wireless-ac_vpn_router_firmware:1.0.02.16:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FB3346A2-D0FB-4AE7-87C0-793DE49D555B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:rv340w_dual_wan_gigabit_wireless-ac_vpn_router_firmware:1.0.03.15:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"40B366BB-EC50-4C1A-ACFA-61C86714FE1A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:rv340w_dual_wan_gigabit_wireless-ac_vpn_router_firmware:1.0.03.16:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"29C253B5-DAAD-45F0-8A45-B6F44FC74DAD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:rv340w_dual_wan_gigabit_wireless-ac_vpn_router_firmware:1.0.03.17:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4893D744-9041-4C89-A33C-8BB989B3FDFA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:rv340w_dual_wan_gigabit_wireless-ac_vpn_router_firmware:1.0.03.18:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2AB31F2B-3A74-45DD-B21E-A698E321BA6B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:rv340w_dual_wan_gigabit_wireless-ac_vpn_router_firmware:1.0.03.19:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CCE2B1CD-E350-4C5D-BAA6-17138A8343F5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:rv340w_dual_wan_gigabit_wireless-ac_vpn_router_firmware:1.0.03.20:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"03FFDBF2-939C-46A3-BA90-6DED64474338\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:rv340w_dual_wan_gigabit_wireless-ac_vpn_router_firmware:1.0.03.21:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"426C4FDC-AAF3-4726-80D0-7C48B06A7E65\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:rv340w_dual_wan_gigabit_wireless-ac_vpn_router_firmware:1.0.03.22:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E08A813B-630D-4EF4-812B-9E81A48A1DC7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:rv340w_dual_wan_gigabit_wireless-ac_vpn_router_firmware:1.0.03.24:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F27B5644-BA7B-4442-A539-337F93238479\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:rv340w_dual_wan_gigabit_wireless-ac_vpn_router_firmware:1.0.03.26:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9504523A-37F0-417A-99B4-CABE21E5E744\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:rv340w_dual_wan_gigabit_wireless-ac_vpn_router_firmware:1.0.03.27:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BE54D030-093B-4267-8169-C2DCF72605D3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:rv340w_dual_wan_gigabit_wireless-ac_vpn_router_firmware:1.0.03.28:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D70E0828-1150-44FD-82C2-C441A3ACF644\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:rv340w_dual_wan_gigabit_wireless-ac_vpn_router_firmware:1.0.03.29:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F1C0171B-4C5D-4C15-84DD-E556C5AFDCBA\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:rv340w_dual_wan_gigabit_wireless-ac_vpn_router:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E7E29320-5668-4F48-9BA1-DC81B256320B\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:rv345_dual_wan_gigabit_vpn_router_firmware:1.0.00.29:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"85C44874-31B8-4872-9973-4444D15B09B7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:rv345_dual_wan_gigabit_vpn_router_firmware:1.0.00.33:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"005FADE6-BF4F-416A-965A-46BF5F6C6D0A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:rv345_dual_wan_gigabit_vpn_router_firmware:1.0.01.16:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0F78C801-EC2A-4B28-9ED1-A30E3589C3F0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:rv345_dual_wan_gigabit_vpn_router_firmware:1.0.01.17:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2218EEEA-BB4D-4343-BB9F-3C01EA473342\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:rv345_dual_wan_gigabit_vpn_router_firmware:1.0.01.18:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"609583B2-4D32-4E76-AA9B-DA24A1BAFB16\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:rv345_dual_wan_gigabit_vpn_router_firmware:1.0.01.20:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"59D15056-B04A-40F1-A6D4-66A91FCE5A75\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:rv345_dual_wan_gigabit_vpn_router_firmware:1.0.02.16:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"217B02B2-B4E6-40E7-993C-238D7FBEBFF9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:rv345_dual_wan_gigabit_vpn_router_firmware:1.0.03.15:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5659BD61-EE0C-49BF-8484-034A58BA32E2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:rv345_dual_wan_gigabit_vpn_router_firmware:1.0.03.16:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3B9B65AE-D6EF-4A2E-9C2D-D96E64506080\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:rv345_dual_wan_gigabit_vpn_router_firmware:1.0.03.17:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"383D6202-4215-46F5-9AA8-F7348997B99A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:rv345_dual_wan_gigabit_vpn_router_firmware:1.0.03.18:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"55939AC6-77E2-43E6-956C-B0B99CEAB315\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:rv345_dual_wan_gigabit_vpn_router_firmware:1.0.03.19:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2385BD9B-80C6-4E54-A4A9-EEA724E58FE0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:rv345_dual_wan_gigabit_vpn_router_firmware:1.0.03.20:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"64CA692C-2D66-483B-A440-746A998CED07\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:rv345_dual_wan_gigabit_vpn_router_firmware:1.0.03.21:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1D4AEE39-5EE2-43C7-80DC-B078A9953D4F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:rv345_dual_wan_gigabit_vpn_router_firmware:1.0.03.22:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"85FA6AFD-7A8E-4505-8E4F-3A06199E6697\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:rv345_dual_wan_gigabit_vpn_router_firmware:1.0.03.24:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"36FE60B1-EE9F-4034-9612-482E2EECFBEA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:rv345_dual_wan_gigabit_vpn_router_firmware:1.0.03.26:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DCCD1FC1-6029-4DDC-898C-169E429D1FA1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:rv345_dual_wan_gigabit_vpn_router_firmware:1.0.03.27:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1C1E99B3-ACEA-48C1-A649-497D5960F215\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:rv345_dual_wan_gigabit_vpn_router_firmware:1.0.03.28:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"53A69806-3B9F-46E5-877B-9477E3AF0A34\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:rv345_dual_wan_gigabit_vpn_router_firmware:1.0.03.29:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"95D01F5A-1CC5-4C52-AB70-5DF41588EF98\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:rv345_dual_wan_gigabit_vpn_router:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5DF1ED87-3FDB-42CA-AA96-508B5F7B9206\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:rv345p_dual_wan_gigabit_poe_vpn_router_firmware:1.0.00.29:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D2812299-2A3C-49AA-9E81-BE4AA50F0D8A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:rv345p_dual_wan_gigabit_poe_vpn_router_firmware:1.0.00.33:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"20569E42-E769-401B-8163-3981C7905943\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:rv345p_dual_wan_gigabit_poe_vpn_router_firmware:1.0.01.16:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"105566D1-80A2-4545-9BF9-B3382162CA48\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:rv345p_dual_wan_gigabit_poe_vpn_router_firmware:1.0.01.17:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A468D852-CA7F-4561-9F0E-DB6A056A5F31\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:rv345p_dual_wan_gigabit_poe_vpn_router_firmware:1.0.01.18:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C72F80EF-787D-4A5E-9B03-5215AD400571\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:rv345p_dual_wan_gigabit_poe_vpn_router_firmware:1.0.01.20:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"66D7C66E-AF9E-4419-B6CE-3489DC19212E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:rv345p_dual_wan_gigabit_poe_vpn_router_firmware:1.0.02.16:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"041D9323-A320-4492-BAC7-4E0B06FF56E1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:rv345p_dual_wan_gigabit_poe_vpn_router_firmware:1.0.03.15:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2D047F9E-7BCE-4F7E-B334-426F46CFCE66\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:rv345p_dual_wan_gigabit_poe_vpn_router_firmware:1.0.03.16:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"77E8D977-F28F-46D9-8DA2-7A1746F4278F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:rv345p_dual_wan_gigabit_poe_vpn_router_firmware:1.0.03.17:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A87D53D4-AF6F-4E5C-A7A4-099294029C59\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:rv345p_dual_wan_gigabit_poe_vpn_router_firmware:1.0.03.18:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"42672D7D-5265-4323-A284-F36722F7C36A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:rv345p_dual_wan_gigabit_poe_vpn_router_firmware:1.0.03.19:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A71CFA39-CF25-4B37-855A-7816770633ED\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:rv345p_dual_wan_gigabit_poe_vpn_router_firmware:1.0.03.20:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2649FFCF-D9E1-466A-A7ED-4A2653259A3E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:rv345p_dual_wan_gigabit_poe_vpn_router_firmware:1.0.03.21:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"743D74FF-2334-4C16-BDDD-FDFD4EEBF9EF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:rv345p_dual_wan_gigabit_poe_vpn_router_firmware:1.0.03.22:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"29AF1721-2676-4FDA-97E0-55E53A03AC16\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:rv345p_dual_wan_gigabit_poe_vpn_router_firmware:1.0.03.24:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C3005E36-D17A-498B-9BF4-1D972FA03553\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:rv345p_dual_wan_gigabit_poe_vpn_router_firmware:1.0.03.26:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EFD115E4-53C8-4E3C-9024-4AE5F1F5DFB0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:rv345p_dual_wan_gigabit_poe_vpn_router_firmware:1.0.03.27:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1D0231F8-CC96-4F02-9737-654FECFCF624\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:rv345p_dual_wan_gigabit_poe_vpn_router_firmware:1.0.03.28:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9C600D9E-4DDF-45A2-8760-749F0FB06513\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:rv345p_dual_wan_gigabit_poe_vpn_router_firmware:1.0.03.29:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B675841D-7591-492F-BCF0-E63D416C7F1E\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:cisco:rv345p_dual_wan_gigabit_poe_vpn_router:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BF972452-70D7-4026-A326-ACDD7446DD9B\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"A vulnerability in the web-based management interface of Cisco Small Business RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers could allow an authenticated, remote attacker to elevate privileges on an affected device.\\r\\n\\r\\nThis vulnerability exists because the web-based management interface discloses sensitive information. An attacker could exploit this vulnerability by sending crafted HTTP input to an affected device. A successful exploit could allow an attacker to elevate privileges from guest to admin.\"}, {\"lang\": \"es\", \"value\": \"Una vulnerabilidad en la interfaz de administraci\\u00f3n basada en web de los enrutadores VPN Gigabit de doble WAN Cisco Small Business RV340, RV340W, RV345 y RV345P podr\\u00eda permitir que un atacante remoto autenticado eleve los privilegios en un dispositivo afectado. Esta vulnerabilidad existe porque la interfaz de administraci\\u00f3n basada en web revela informaci\\u00f3n confidencial. Un atacante podr\\u00eda aprovechar esta vulnerabilidad enviando una entrada HTTP manipulada a un dispositivo afectado. Una explotaci\\u00f3n exitosa podr\\u00eda permitir que un atacante eleve los privilegios de invitado a administrador.\"}]",
      "id": "CVE-2024-20393",
      "lastModified": "2024-10-08T14:37:39.713",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"ykramarz@cisco.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 8.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 5.9}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 8.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 5.9}]}",
      "published": "2024-10-02T17:15:15.337",
      "references": "[{\"url\": \"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv34x-privesc-rce-qE33TCms\", \"source\": \"ykramarz@cisco.com\", \"tags\": [\"Vendor Advisory\"]}]",
      "sourceIdentifier": "ykramarz@cisco.com",
      "vulnStatus": "Analyzed",
      "weaknesses": "[{\"source\": \"ykramarz@cisco.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-285\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-noinfo\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-20393\",\"sourceIdentifier\":\"psirt@cisco.com\",\"published\":\"2024-10-02T17:15:15.337\",\"lastModified\":\"2024-10-08T14:37:39.713\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A vulnerability in the web-based management interface of Cisco Small Business RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers could allow an authenticated, remote attacker to elevate privileges on an affected device.\\r\\n\\r\\nThis vulnerability exists because the web-based management interface discloses sensitive information. An attacker could exploit this vulnerability by sending crafted HTTP input to an affected device. A successful exploit could allow an attacker to elevate privileges from guest to admin.\"},{\"lang\":\"es\",\"value\":\"Una vulnerabilidad en la interfaz de administraci\u00f3n basada en web de los enrutadores VPN Gigabit de doble WAN Cisco Small Business RV340, RV340W, RV345 y RV345P podr\u00eda permitir que un atacante remoto autenticado eleve los privilegios en un dispositivo afectado. Esta vulnerabilidad existe porque la interfaz de administraci\u00f3n basada en web revela informaci\u00f3n confidencial. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando una entrada HTTP manipulada a un dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir que un atacante eleve los privilegios de invitado a administrador.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"psirt@cisco.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"psirt@cisco.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-285\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:rv340_dual_wan_gigabit_vpn_router_firmware:1.0.00.29:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EBAD013E-3550-4157-B52A-F045DEFB0810\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:rv340_dual_wan_gigabit_vpn_router_firmware:1.0.00.33:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"566AF5EF-B7BD-4F4A-9D5E-82588207C80E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:rv340_dual_wan_gigabit_vpn_router_firmware:1.0.01.16:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C0B4BB7F-FE4B-404D-9977-AAA3D492634B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:rv340_dual_wan_gigabit_vpn_router_firmware:1.0.01.17:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F6BCBFF6-9A31-48BD-B93D-598564A3BB30\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:rv340_dual_wan_gigabit_vpn_router_firmware:1.0.01.18:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DB20575D-3E22-49CA-91DE-CBACF2146D3E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:rv340_dual_wan_gigabit_vpn_router_firmware:1.0.01.20:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8836DC95-1076-4CC4-8A6C-34F3ACCA312A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:rv340_dual_wan_gigabit_vpn_router_firmware:1.0.02.16:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"45488336-CAF5-4F15-BB6E-5BEBD87A4F97\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:rv340_dual_wan_gigabit_vpn_router_firmware:1.0.03.15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BB498AAC-2FAC-4FCC-B644-1180627A5D1F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:rv340_dual_wan_gigabit_vpn_router_firmware:1.0.03.16:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"744B76F8-1276-42ED-8913-5FC9E11F2F2E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:rv340_dual_wan_gigabit_vpn_router_firmware:1.0.03.17:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1A4D7663-50E6-45B1-8701-2DF2D7F744AB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:rv340_dual_wan_gigabit_vpn_router_firmware:1.0.03.18:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C0E4341D-9FD4-4AAD-A5BE-35B0909A8FE8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:rv340_dual_wan_gigabit_vpn_router_firmware:1.0.03.19:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"33A1EFF8-024B-46F6-A7E3-FCC593314B1A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:rv340_dual_wan_gigabit_vpn_router_firmware:1.0.03.20:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D0D4C611-38FD-4BF1-B478-03F01283EAC5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:rv340_dual_wan_gigabit_vpn_router_firmware:1.0.03.21:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4788385E-133A-4908-97A0-135403424DA9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:rv340_dual_wan_gigabit_vpn_router_firmware:1.0.03.22:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"150DE44A-A558-4C15-8028-C301259E5ABF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:rv340_dual_wan_gigabit_vpn_router_firmware:1.0.03.24:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3B5E8D98-570C-49A1-9934-45BBCD02AB6A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:rv340_dual_wan_gigabit_vpn_router_firmware:1.0.03.26:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6D9FF79A-BEE5-4204-B2C5-E0943DCD7773\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:rv340_dual_wan_gigabit_vpn_router_firmware:1.0.03.27:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F15F5D4D-A256-4A2E-9873-F0514F81CA77\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:rv340_dual_wan_gigabit_vpn_router_firmware:1.0.03.28:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9ACFBF35-E5B2-4807-AC7D-E3021EAAEE94\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:rv340_dual_wan_gigabit_vpn_router_firmware:1.0.03.29:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EA1379E9-D147-48F4-AE3A-860B49EFA497\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:rv340_dual_wan_gigabit_vpn_router:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C6822600-E716-4F22-AF34-AD2914D6C128\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:rv340w_dual_wan_gigabit_wireless-ac_vpn_router_firmware:1.0.00.29:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5BC16280-4809-4B2C-825C-76A99392F95F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:rv340w_dual_wan_gigabit_wireless-ac_vpn_router_firmware:1.0.00.33:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9A112271-F32C-49F5-B6DA-4DDBBB146106\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:rv340w_dual_wan_gigabit_wireless-ac_vpn_router_firmware:1.0.01.16:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"133E4C64-B9C8-4B65-927D-39B7BDF89AC2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:rv340w_dual_wan_gigabit_wireless-ac_vpn_router_firmware:1.0.01.17:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ACD9ECA7-1DC4-4122-9D02-B258A62A2FA9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:rv340w_dual_wan_gigabit_wireless-ac_vpn_router_firmware:1.0.01.18:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"53A19846-F451-4578-A25B-F3777BE90C35\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:rv340w_dual_wan_gigabit_wireless-ac_vpn_router_firmware:1.0.01.20:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A69964DE-67E6-4B1C-B3D2-C9177A891C40\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:rv340w_dual_wan_gigabit_wireless-ac_vpn_router_firmware:1.0.02.16:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FB3346A2-D0FB-4AE7-87C0-793DE49D555B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:rv340w_dual_wan_gigabit_wireless-ac_vpn_router_firmware:1.0.03.15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"40B366BB-EC50-4C1A-ACFA-61C86714FE1A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:rv340w_dual_wan_gigabit_wireless-ac_vpn_router_firmware:1.0.03.16:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"29C253B5-DAAD-45F0-8A45-B6F44FC74DAD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:rv340w_dual_wan_gigabit_wireless-ac_vpn_router_firmware:1.0.03.17:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4893D744-9041-4C89-A33C-8BB989B3FDFA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:rv340w_dual_wan_gigabit_wireless-ac_vpn_router_firmware:1.0.03.18:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2AB31F2B-3A74-45DD-B21E-A698E321BA6B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:rv340w_dual_wan_gigabit_wireless-ac_vpn_router_firmware:1.0.03.19:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CCE2B1CD-E350-4C5D-BAA6-17138A8343F5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:rv340w_dual_wan_gigabit_wireless-ac_vpn_router_firmware:1.0.03.20:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"03FFDBF2-939C-46A3-BA90-6DED64474338\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:rv340w_dual_wan_gigabit_wireless-ac_vpn_router_firmware:1.0.03.21:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"426C4FDC-AAF3-4726-80D0-7C48B06A7E65\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:rv340w_dual_wan_gigabit_wireless-ac_vpn_router_firmware:1.0.03.22:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E08A813B-630D-4EF4-812B-9E81A48A1DC7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:rv340w_dual_wan_gigabit_wireless-ac_vpn_router_firmware:1.0.03.24:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F27B5644-BA7B-4442-A539-337F93238479\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:rv340w_dual_wan_gigabit_wireless-ac_vpn_router_firmware:1.0.03.26:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9504523A-37F0-417A-99B4-CABE21E5E744\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:rv340w_dual_wan_gigabit_wireless-ac_vpn_router_firmware:1.0.03.27:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BE54D030-093B-4267-8169-C2DCF72605D3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:rv340w_dual_wan_gigabit_wireless-ac_vpn_router_firmware:1.0.03.28:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D70E0828-1150-44FD-82C2-C441A3ACF644\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:rv340w_dual_wan_gigabit_wireless-ac_vpn_router_firmware:1.0.03.29:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F1C0171B-4C5D-4C15-84DD-E556C5AFDCBA\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:rv340w_dual_wan_gigabit_wireless-ac_vpn_router:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E7E29320-5668-4F48-9BA1-DC81B256320B\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:rv345_dual_wan_gigabit_vpn_router_firmware:1.0.00.29:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"85C44874-31B8-4872-9973-4444D15B09B7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:rv345_dual_wan_gigabit_vpn_router_firmware:1.0.00.33:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"005FADE6-BF4F-416A-965A-46BF5F6C6D0A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:rv345_dual_wan_gigabit_vpn_router_firmware:1.0.01.16:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0F78C801-EC2A-4B28-9ED1-A30E3589C3F0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:rv345_dual_wan_gigabit_vpn_router_firmware:1.0.01.17:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2218EEEA-BB4D-4343-BB9F-3C01EA473342\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:rv345_dual_wan_gigabit_vpn_router_firmware:1.0.01.18:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"609583B2-4D32-4E76-AA9B-DA24A1BAFB16\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:rv345_dual_wan_gigabit_vpn_router_firmware:1.0.01.20:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"59D15056-B04A-40F1-A6D4-66A91FCE5A75\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:rv345_dual_wan_gigabit_vpn_router_firmware:1.0.02.16:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"217B02B2-B4E6-40E7-993C-238D7FBEBFF9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:rv345_dual_wan_gigabit_vpn_router_firmware:1.0.03.15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5659BD61-EE0C-49BF-8484-034A58BA32E2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:rv345_dual_wan_gigabit_vpn_router_firmware:1.0.03.16:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3B9B65AE-D6EF-4A2E-9C2D-D96E64506080\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:rv345_dual_wan_gigabit_vpn_router_firmware:1.0.03.17:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"383D6202-4215-46F5-9AA8-F7348997B99A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:rv345_dual_wan_gigabit_vpn_router_firmware:1.0.03.18:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"55939AC6-77E2-43E6-956C-B0B99CEAB315\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:rv345_dual_wan_gigabit_vpn_router_firmware:1.0.03.19:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2385BD9B-80C6-4E54-A4A9-EEA724E58FE0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:rv345_dual_wan_gigabit_vpn_router_firmware:1.0.03.20:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"64CA692C-2D66-483B-A440-746A998CED07\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:rv345_dual_wan_gigabit_vpn_router_firmware:1.0.03.21:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1D4AEE39-5EE2-43C7-80DC-B078A9953D4F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:rv345_dual_wan_gigabit_vpn_router_firmware:1.0.03.22:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"85FA6AFD-7A8E-4505-8E4F-3A06199E6697\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:rv345_dual_wan_gigabit_vpn_router_firmware:1.0.03.24:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"36FE60B1-EE9F-4034-9612-482E2EECFBEA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:rv345_dual_wan_gigabit_vpn_router_firmware:1.0.03.26:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DCCD1FC1-6029-4DDC-898C-169E429D1FA1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:rv345_dual_wan_gigabit_vpn_router_firmware:1.0.03.27:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1C1E99B3-ACEA-48C1-A649-497D5960F215\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:rv345_dual_wan_gigabit_vpn_router_firmware:1.0.03.28:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"53A69806-3B9F-46E5-877B-9477E3AF0A34\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:rv345_dual_wan_gigabit_vpn_router_firmware:1.0.03.29:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"95D01F5A-1CC5-4C52-AB70-5DF41588EF98\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:rv345_dual_wan_gigabit_vpn_router:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5DF1ED87-3FDB-42CA-AA96-508B5F7B9206\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:rv345p_dual_wan_gigabit_poe_vpn_router_firmware:1.0.00.29:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D2812299-2A3C-49AA-9E81-BE4AA50F0D8A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:rv345p_dual_wan_gigabit_poe_vpn_router_firmware:1.0.00.33:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"20569E42-E769-401B-8163-3981C7905943\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:rv345p_dual_wan_gigabit_poe_vpn_router_firmware:1.0.01.16:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"105566D1-80A2-4545-9BF9-B3382162CA48\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:rv345p_dual_wan_gigabit_poe_vpn_router_firmware:1.0.01.17:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A468D852-CA7F-4561-9F0E-DB6A056A5F31\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:rv345p_dual_wan_gigabit_poe_vpn_router_firmware:1.0.01.18:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C72F80EF-787D-4A5E-9B03-5215AD400571\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:rv345p_dual_wan_gigabit_poe_vpn_router_firmware:1.0.01.20:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"66D7C66E-AF9E-4419-B6CE-3489DC19212E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:rv345p_dual_wan_gigabit_poe_vpn_router_firmware:1.0.02.16:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"041D9323-A320-4492-BAC7-4E0B06FF56E1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:rv345p_dual_wan_gigabit_poe_vpn_router_firmware:1.0.03.15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2D047F9E-7BCE-4F7E-B334-426F46CFCE66\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:rv345p_dual_wan_gigabit_poe_vpn_router_firmware:1.0.03.16:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"77E8D977-F28F-46D9-8DA2-7A1746F4278F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:rv345p_dual_wan_gigabit_poe_vpn_router_firmware:1.0.03.17:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A87D53D4-AF6F-4E5C-A7A4-099294029C59\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:rv345p_dual_wan_gigabit_poe_vpn_router_firmware:1.0.03.18:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"42672D7D-5265-4323-A284-F36722F7C36A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:rv345p_dual_wan_gigabit_poe_vpn_router_firmware:1.0.03.19:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A71CFA39-CF25-4B37-855A-7816770633ED\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:rv345p_dual_wan_gigabit_poe_vpn_router_firmware:1.0.03.20:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2649FFCF-D9E1-466A-A7ED-4A2653259A3E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:rv345p_dual_wan_gigabit_poe_vpn_router_firmware:1.0.03.21:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"743D74FF-2334-4C16-BDDD-FDFD4EEBF9EF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:rv345p_dual_wan_gigabit_poe_vpn_router_firmware:1.0.03.22:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"29AF1721-2676-4FDA-97E0-55E53A03AC16\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:rv345p_dual_wan_gigabit_poe_vpn_router_firmware:1.0.03.24:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C3005E36-D17A-498B-9BF4-1D972FA03553\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:rv345p_dual_wan_gigabit_poe_vpn_router_firmware:1.0.03.26:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EFD115E4-53C8-4E3C-9024-4AE5F1F5DFB0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:rv345p_dual_wan_gigabit_poe_vpn_router_firmware:1.0.03.27:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1D0231F8-CC96-4F02-9737-654FECFCF624\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:rv345p_dual_wan_gigabit_poe_vpn_router_firmware:1.0.03.28:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9C600D9E-4DDF-45A2-8760-749F0FB06513\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:rv345p_dual_wan_gigabit_poe_vpn_router_firmware:1.0.03.29:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B675841D-7591-492F-BCF0-E63D416C7F1E\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:cisco:rv345p_dual_wan_gigabit_poe_vpn_router:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BF972452-70D7-4026-A326-ACDD7446DD9B\"}]}]}],\"references\":[{\"url\":\"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv34x-privesc-rce-qE33TCms\",\"source\":\"psirt@cisco.com\",\"tags\":[\"Vendor Advisory\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-20393\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-10-02T19:02:15.620891Z\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:o:cisco:small_business_rv_series_router_firmware:*:*:*:*:*:*:*:*\"], \"vendor\": \"cisco\", \"product\": \"small_business_rv_series_router_firmware\", \"versions\": [{\"status\": \"affected\", \"version\": \"1.0.01.17\"}, {\"status\": \"affected\", \"version\": \"1.0.03.17\"}, {\"status\": \"affected\", \"version\": \"1.0.01.16\"}, {\"status\": \"affected\", \"version\": \"1.0.01.18\"}, {\"status\": \"affected\", \"version\": \"1.0.00.29\"}, {\"status\": \"affected\", \"version\": \"1.0.03.16\"}, {\"status\": \"affected\", \"version\": \"1.0.03.15\"}, {\"status\": \"affected\", \"version\": \"1.0.02.16\"}, {\"status\": \"affected\", \"version\": \"1.0.01.20\"}, {\"status\": \"affected\", \"version\": \"1.0.00.33\"}, {\"status\": \"affected\", \"version\": \"1.0.03.18\"}, {\"status\": \"affected\", \"version\": \"1.0.03.19\"}, {\"status\": \"affected\", \"version\": \"1.0.03.20\"}, {\"status\": \"affected\", \"version\": \"1.0.03.21\"}, {\"status\": \"affected\", \"version\": \"1.0.03.22\"}, {\"status\": \"affected\", \"version\": \"1.0.03.24\"}, {\"status\": \"affected\", \"version\": \"1.0.03.26\"}, {\"status\": \"affected\", \"version\": \"1.0.03.27\"}, {\"status\": \"affected\", \"version\": \"1.0.03.28\"}, {\"status\": \"affected\", \"version\": \"1.0.03.29\"}], \"defaultStatus\": \"unknown\"}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-10-02T19:57:11.915Z\"}}], \"cna\": {\"title\": \"Cisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers Privilege Escalation Vulnerability\", \"source\": {\"defects\": [\"CSCwm27935\"], \"advisory\": \"cisco-sa-rv34x-privesc-rce-qE33TCms\", \"discovery\": \"EXTERNAL\"}, \"metrics\": [{\"format\": \"cvssV3_1\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 8.8, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"HIGH\"}}], \"affected\": [{\"vendor\": \"Cisco\", \"product\": \"Cisco Small Business RV Series Router Firmware\", \"versions\": [{\"status\": \"affected\", \"version\": \"1.0.01.17\"}, {\"status\": \"affected\", \"version\": \"1.0.03.17\"}, {\"status\": \"affected\", \"version\": \"1.0.01.16\"}, {\"status\": \"affected\", \"version\": \"1.0.01.18\"}, {\"status\": \"affected\", \"version\": \"1.0.00.29\"}, {\"status\": \"affected\", \"version\": \"1.0.03.16\"}, {\"status\": \"affected\", \"version\": \"1.0.03.15\"}, {\"status\": \"affected\", \"version\": \"1.0.02.16\"}, {\"status\": \"affected\", \"version\": \"1.0.01.20\"}, {\"status\": \"affected\", \"version\": \"1.0.00.33\"}, {\"status\": \"affected\", \"version\": \"1.0.03.18\"}, {\"status\": \"affected\", \"version\": \"1.0.03.19\"}, {\"status\": \"affected\", \"version\": \"1.0.03.20\"}, {\"status\": \"affected\", \"version\": \"1.0.03.21\"}, {\"status\": \"affected\", \"version\": \"1.0.03.22\"}, {\"status\": \"affected\", \"version\": \"1.0.03.24\"}, {\"status\": \"affected\", \"version\": \"1.0.03.26\"}, {\"status\": \"affected\", \"version\": \"1.0.03.27\"}, {\"status\": \"affected\", \"version\": \"1.0.03.28\"}, {\"status\": \"affected\", \"version\": \"1.0.03.29\"}], \"defaultStatus\": \"unknown\"}], \"exploits\": [{\"lang\": \"en\", \"value\": \"The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory.\"}], \"references\": [{\"url\": \"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv34x-privesc-rce-qE33TCms\", \"name\": \"cisco-sa-rv34x-privesc-rce-qE33TCms\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"A vulnerability in the web-based management interface of Cisco Small Business RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers could allow an authenticated, remote attacker to elevate privileges on an affected device.\\r\\n\\r\\nThis vulnerability exists because the web-based management interface discloses sensitive information. An attacker could exploit this vulnerability by sending crafted HTTP input to an affected device. A successful exploit could allow an attacker to elevate privileges from guest to admin.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"cwe\", \"cweId\": \"CWE-285\", \"description\": \"Improper Authorization\"}]}], \"providerMetadata\": {\"orgId\": \"d1c1063e-7a18-46af-9102-31f8928bc633\", \"shortName\": \"cisco\", \"dateUpdated\": \"2024-10-02T16:53:04.527Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2024-20393\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-10-02T19:58:58.443Z\", \"dateReserved\": \"2023-11-08T15:08:07.659Z\", \"assignerOrgId\": \"d1c1063e-7a18-46af-9102-31f8928bc633\", \"datePublished\": \"2024-10-02T16:53:04.527Z\", \"assignerShortName\": \"cisco\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.