MEANING OF RV IN CISCO SMALL BUSINESS ROUTERS INSTALL
There are no workarounds that address this these vulnerabilities.ĬVSS Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:NĬVSS Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:NĬVE-2022-20703: Cisco Small Business RV Series Routers Digital Signature Verification Bypass VulnerabilityĪ vulnerability in the software image verification feature of Cisco Small Business RV Series Routers could allow an unauthenticated, local attacker to install and boot a malicious software image or execute unsigned binaries on an affected device. A successful exploit could allow the attacker to elevate privileges to root and execute arbitrary commands on the affected system.Ĭisco has released software updates that address these vulnerabilities. An attacker could exploit these vulnerabilities by submitting specific commands to an affected device. These vulnerabilities are due to insufficient authorization enforcement mechanisms. Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV Series Routers could allow a remote attacker to elevate privileges to root. A successful exploit could allow the attacker to execute code with root privileges on the affected device.ĬVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:HĬVE-2022-20700, CVE-2022-20701, CVE-2022-20702: Cisco Small Business RV Series Routers Privilege Escalation Vulnerabilities An attacker could exploit this vulnerability by sending malicious HTTP requests to the affected device that is acting as an SSL VPN Gateway. This vulnerability is due to insufficient boundary checks when processing specific HTTP requests.
Exploitation of one of the vulnerabilities may be required to exploit another vulnerability.ĭetails about the vulnerabilities are as follows:ĬVE-2022-20699: Cisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers SSL VPN Remote Code Execution VulnerabilityĪ vulnerability in the SSL VPN module of Cisco Small Business RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. Some of the vulnerabilities are dependent on one another.