Cisco Rv345P Firmware vulnerabilities
34 known vulnerabilities affecting cisco/rv345p_firmware.
Total CVEs
34
CISA KEV
5
actively exploited
Public exploits
5
Exploited in wild
8
Severity breakdown
CRITICAL12HIGH14MEDIUM8
Vulnerabilities
Page 2 of 2
CVE-2022-20706HIGHCVSS 8.1≤ 1.0.03.242022-02-10
CVE-2022-20706 [CRITICAL] CWE-121 CVE-2022-20706: Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could
Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code Elevate privileges Execute arbitrary commands Bypass authentication and authorization protections Fetch and run unsigned software Cause denial of service (DoS) For more informatio
nvd
CVE-2022-20704MEDIUMCVSS 4.8≤ 1.0.03.242022-02-10
CVE-2022-20704 [CRITICAL] CWE-121 CVE-2022-20704: Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could
Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code Elevate privileges Execute arbitrary commands Bypass authentication and authorization protections Fetch and run unsigned software Cause denial of service (DoS) For more informatio
nvd
CVE-2022-20710MEDIUMCVSS 5.3≤ 1.0.03.242022-02-10
CVE-2022-20710 [CRITICAL] CWE-121 CVE-2022-20710: Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could
Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code Elevate privileges Execute arbitrary commands Bypass authentication and authorization protections Fetch and run unsigned software Cause denial of service (DoS) For more informatio
nvd
CVE-2021-1520MEDIUMCVSS 6.7fixed in 1.0.03.212021-05-06
CVE-2021-1520 [MEDIUM] CWE-123 CVE-2021-1520: A vulnerability in the internal message processing of Cisco RV340, RV340W, RV345, and RV345P Dual WA
A vulnerability in the internal message processing of Cisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers could allow an authenticated, local attacker to run arbitrary commands with root privileges on the underlying operating system (OS). This vulnerability exists because an internal messaging service does not properly sanitize input.
nvd
CVE-2021-1473CRITICALCVSS 9.8ExploitedPoCfixed in 1.0.03.212021-04-08
CVE-2021-1473 [MEDIUM] CWE-119 CVE-2021-1473: Multiple vulnerabilities exist in the web-based management interface of Cisco Small Business RV Seri
Multiple vulnerabilities exist in the web-based management interface of Cisco Small Business RV Series Routers. A remote attacker could execute arbitrary commands or bypass authentication and upload files on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.
nvd
CVE-2021-1472CRITICALCVSS 9.8ExploitedPoCfixed in 1.0.03.212021-04-08
CVE-2021-1472 [MEDIUM] CWE-119 CVE-2021-1472: Multiple vulnerabilities exist in the web-based management interface of Cisco Small Business RV Seri
Multiple vulnerabilities exist in the web-based management interface of Cisco Small Business RV Series Routers. A remote attacker could execute arbitrary commands or bypass authentication and upload files on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.
nvd
CVE-2021-1308HIGHCVSS 7.4v1.0.0.14v1.0.1.14+1 more2021-04-08
CVE-2021-1308 [HIGH] CWE-119 CVE-2021-1308: Multiple vulnerabilities exist in the Link Layer Discovery Protocol (LLDP) implementation for Cisco
Multiple vulnerabilities exist in the Link Layer Discovery Protocol (LLDP) implementation for Cisco Small Business RV Series Routers. An unauthenticated, adjacent attacker could execute arbitrary code or cause an affected router to leak system memory or reload. A memory leak or device reload would cause a denial of service (DoS) condition on an affected
nvd
CVE-2021-1251HIGHCVSS 7.4v1.0.1.14v1.0.3.202021-04-08
CVE-2021-1251 [HIGH] CWE-119 CVE-2021-1251: Multiple vulnerabilities exist in the Link Layer Discovery Protocol (LLDP) implementation for Cisco
Multiple vulnerabilities exist in the Link Layer Discovery Protocol (LLDP) implementation for Cisco Small Business RV Series Routers. An unauthenticated, adjacent attacker could execute arbitrary code or cause an affected router to leak system memory or reload. A memory leak or device reload would cause a denial of service (DoS) condition on an affected
nvd
CVE-2021-1309HIGHCVSS 8.8v1.0.0.14v1.0.1.14+1 more2021-04-08
CVE-2021-1309 [HIGH] CWE-119 CVE-2021-1309: Multiple vulnerabilities exist in the Link Layer Discovery Protocol (LLDP) implementation for Cisco
Multiple vulnerabilities exist in the Link Layer Discovery Protocol (LLDP) implementation for Cisco Small Business RV Series Routers. An unauthenticated, adjacent attacker could execute arbitrary code or cause an affected router to leak system memory or reload. A memory leak or device reload would cause a denial of service (DoS) condition on an affected
nvd
CVE-2021-1415MEDIUMCVSS 6.3fixed in 1.0.03.212021-04-08
CVE-2021-1415 [MEDIUM] CWE-502 CVE-2021-1415: Multiple vulnerabilities in the web-based management interface of Cisco RV340, RV340W, RV345, and RV
Multiple vulnerabilities in the web-based management interface of Cisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers could allow an authenticated, remote attacker to execute arbitrary code with elevated privileges equivalent to the web service process on an affected device. These vulnerabilities exist because HTTP requests are not pro
nvd
CVE-2021-1414MEDIUMCVSS 6.3fixed in 1.0.03.212021-04-08
CVE-2021-1414 [MEDIUM] CWE-502 CVE-2021-1414: Multiple vulnerabilities in the web-based management interface of Cisco RV340, RV340W, RV345, and RV
Multiple vulnerabilities in the web-based management interface of Cisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers could allow an authenticated, remote attacker to execute arbitrary code with elevated privileges equivalent to the web service process on an affected device. These vulnerabilities exist because HTTP requests are not pro
nvd
CVE-2021-1413MEDIUMCVSS 6.3fixed in 1.0.03.212021-04-08
CVE-2021-1413 [MEDIUM] CWE-502 CVE-2021-1413: Multiple vulnerabilities in the web-based management interface of Cisco RV340, RV340W, RV345, and RV
Multiple vulnerabilities in the web-based management interface of Cisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers could allow an authenticated, remote attacker to execute arbitrary code with elevated privileges equivalent to the web service process on an affected device. These vulnerabilities exist because HTTP requests are not pro
nvd
CVE-2020-3451MEDIUMCVSS 4.7fixed in 1.0.03.192020-09-04
CVE-2020-3451 [MEDIUM] CWE-119 CVE-2020-3451: Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV340 Series
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV340 Series Routers could allow an authenticated, remote attacker with administrative credentials to execute arbitrary commands on the underlying operating system (OS) as a restricted user. For more information about these vulnerabilities, see the Details section of
nvd
CVE-2020-3453MEDIUMCVSS 6.8fixed in 1.0.03.192020-09-04
CVE-2020-3453 [MEDIUM] CWE-119 CVE-2020-3453: Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV340 Series
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV340 Series Routers could allow an authenticated, remote attacker with administrative credentials to execute arbitrary commands on the underlying operating system (OS) as a restricted user. For more information about these vulnerabilities, see the Details section of
nvd
← Previous2 / 2