CVE-2022-20827

CWE-120Classic Buffer OverflowCWE-78OS Command InjectionCWE-77Command Injection4 documents4 sources
Severity
10.0CRITICAL
EPSS
5.8%
top 9.48%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
10
Cisco Rv160 FirmwareCisco Rv160w FirmwareCisco Rv260 Firmware+7 more
Timeline
PublishedAug 10
Latest updateAug 11

Description

Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:HExploitability: 2.2 | Impact: 6.0

Affected Packages10 packages

NVDcisco/rv160_firmware< 1.0.01.05
NVDcisco/rv260_firmware< 1.0.01.05
NVDcisco/rv340_firmware< 1.0.03.26
NVDcisco/rv345_firmware< 1.0.03.26

🔴Vulnerability Details

2
GHSA
GHSA-566p-j792-hxrj: Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an unauthenticated, remote attacker to exec2022-08-11
CVEList
Cisco Small Business RV Series Routers Vulnerabilities2022-08-10

📋Vendor Advisories

1
Cisco
Cisco Small Business RV Series Routers Vulnerabilities2022-08-03
CVE-2022-20827 (CRITICAL CVSS 10) | Multiple vulnerabilities in Cisco S | cvebase.io