Update February 4: Cisco has updated their advisory to announce partial patches for the RV160 and RV260 Series Routers. The Solution section has been updated with this information.

On February 2, Cisco published an advisory for 15 vulnerabilities in its Small Business RV Series Routers. Three of the 15 vulnerabilities listed in the advisory received a CVSSv3 score of 10.0, the highest possible rating.

Digital Signature Verification Bypass Vulnerability

Improper Session Management Vulnerability

CSCwa14601, CSCwa14602, CSCwa32432, CSCwa54598

CVE-2022-20699 is a remote code execution (RCE) vulnerability in the Cisco RV340, RV340W, RV345 and RV345P Dual WAN Gigabit Routers. According to Cisco, the flaws exist due to an insufficient boundary check within the Secure Socket Layer Virtual Private Network (SSL VPN) module of these devices. A remote, unauthenticated attacker could exploit this flaw by sending a specially crafted HTTP request to a vulnerable device that is “acting as an SSL VPN Gateway.” Successful exploitation would grant an attacker arbitrary code execution on the device with root privileges.

CVE-2022-20700, CVE-2022-20701, CVE-2022-20702 are elevation of privilege vulnerabilities in the RV160, RV160W, RV260, RV260P, RV260W, RV340, RV340W, RV345 and RV345P routers. According to Cisco, these vulnerabilities reside in the web-based management interface of its Cisco Small Business RV Series Routers. The most severe of these three flaws is CVE-2022-20700. A remote, unauthenticated attacker could exploit this vulnerability by “submitting specific commands” to a vulnerable device. Successful exploitation would elevate the attacker’s privileges, allowing them to execute arbitrary commands as root.

CVE-2022-20707, CVE-2022-20708 and CVE-2022-20749 are RCE vulnerabilities in the Cisco RV340, RV340W, RV345 and RV345P Dual WAN Gigabit Routers. The most severe of these three flaws is CVE-2022-20708.