Multiple vulnerabilities in Cisco Small Business RV Series Routers



Published: 2020-06-25 | Updated: 2020-07-02
Risk Low
Patch available YES
Number of vulnerabilities 18
CVE ID CVE-2020-3274
CVE-2020-3275
CVE-2020-3276
CVE-2020-3277
CVE-2020-3278
CVE-2020-3279
CVE-2020-3296
CVE-2020-3295
CVE-2020-3294
CVE-2020-3293
CVE-2020-3292
CVE-2020-3291
CVE-2020-3290
CVE-2020-3289
CVE-2020-3288
CVE-2020-3287
CVE-2020-3286
CVE-2020-3431
CWE ID CWE-77
CWE-119
CWE-79
Exploitation vector Network
Public exploit N/A
Vulnerable software
Subscribe
Cisco RV016 Multi-WAN VPN Router
Hardware solutions / Routers & switches, VoIP, GSM, etc

Cisco RV042 Dual WAN VPN Router
Hardware solutions / Routers & switches, VoIP, GSM, etc

Cisco RV042G Dual Gigabit WAN VPN Router
Hardware solutions / Routers & switches, VoIP, GSM, etc

Cisco RV082 Dual WAN VPN Router
Hardware solutions / Routers & switches, VoIP, GSM, etc

Small Business RV320 Dual Gigabit WAN VPN Router
Hardware solutions / Routers & switches, VoIP, GSM, etc

Small Business RV325 Dual Gigabit WAN VPN Router
Hardware solutions / Routers & switches, VoIP, GSM, etc

Vendor Cisco Systems, Inc

Security Advisory

Updated 02.07.2020
Added vulnerability #18

1) Command Injection

Risk: Low

CVSSv3.1: 6.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2020-3274

CWE-ID: CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')

Exploit availability: No

Description

The vulnerability allows a remote user to execute arbitrary commands on the system.

The vulnerability exists due to improper input validation in the web-based management interface. A remote administrator can send a specially crafted request and execute arbitrary commands on the target system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Cisco RV016 Multi-WAN VPN Router: 3.0.0.1-tm, 3.0.0.19-tm, 3.0.2.01-tm, 4.1.0.02-tm, 4.1.1.01, 4.2.1.02, 4.2.2.03, 4.2.3.06, 4.2.3.07, 4.2.3.08, 4.2.3.09, 4.2.3.10

Cisco RV042 Dual WAN VPN Router: 4.1.0.02-tm, 4.1.1.01, 4.2.1.02, 4.2.2.08, 4.2.3.03, 4.2.3.06, 4.2.3.07, 4.2.3.08, 4.2.3.09, 4.2.3.10

Cisco RV042G Dual Gigabit WAN VPN Router: 4.2.1.02, 4.2.3.03, 4.2.3.06, 4.2.3.07, 4.2.3.08, 4.2.3.09, 4.2.3.10

Cisco RV082 Dual WAN VPN Router: 1.3.9.8-tm, 2.0.2.01-tm, 4.1.0.02-tm, 4.1.1.01, 4.2.1.02, 4.2.2.08, 4.2.3.03, 4.2.3.06, 4.2.3.07, 4.2.3.08, 4.2.3.09, 4.2.3.10

Small Business RV320 Dual Gigabit WAN VPN Router: 1.5.1.05

Small Business RV325 Dual Gigabit WAN VPN Router: 1.5.1.05

CPE External links

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-Rj5JRfF8

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Command Injection

Risk: Low

CVSSv3.1: 6.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2020-3275

CWE-ID: CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')

Exploit availability: No

Description

The vulnerability allows a remote user to execute arbitrary commands on the system.

The vulnerability exists due to improper input validation in the web-based management interface. A remote administrator can send a specially crafted request and execute arbitrary commands on the target system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Cisco RV016 Multi-WAN VPN Router: 3.0.0.1-tm, 3.0.0.19-tm, 3.0.2.01-tm, 4.1.0.02-tm, 4.1.1.01, 4.2.1.02, 4.2.2.03, 4.2.3.06, 4.2.3.07, 4.2.3.08, 4.2.3.09, 4.2.3.10

Cisco RV042 Dual WAN VPN Router: 4.1.0.02-tm, 4.1.1.01, 4.2.1.02, 4.2.2.08, 4.2.3.03, 4.2.3.06, 4.2.3.07, 4.2.3.08, 4.2.3.09, 4.2.3.10

Cisco RV042G Dual Gigabit WAN VPN Router: 4.2.1.02, 4.2.3.03, 4.2.3.06, 4.2.3.07, 4.2.3.08, 4.2.3.09, 4.2.3.10

Cisco RV082 Dual WAN VPN Router: 1.3.9.8-tm, 2.0.2.01-tm, 4.1.0.02-tm, 4.1.1.01, 4.2.1.02, 4.2.2.08, 4.2.3.03, 4.2.3.06, 4.2.3.07, 4.2.3.08, 4.2.3.09, 4.2.3.10

Small Business RV320 Dual Gigabit WAN VPN Router: 1.5.1.05

Small Business RV325 Dual Gigabit WAN VPN Router: 1.5.1.05

CPE External links

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-Rj5JRfF8

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Command Injection

Risk: Low

CVSSv3.1: 6.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2020-3276

CWE-ID: CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')

Exploit availability: No

Description

The vulnerability allows a remote user to execute arbitrary commands on the system.

The vulnerability exists due to improper input validation in the web-based management interface. A remote administrator can send a specially crafted request and execute arbitrary commands on the target system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Cisco RV016 Multi-WAN VPN Router: 3.0.0.1-tm, 3.0.0.19-tm, 3.0.2.01-tm, 4.1.0.02-tm, 4.1.1.01, 4.2.1.02, 4.2.2.03, 4.2.3.06, 4.2.3.07, 4.2.3.08, 4.2.3.09, 4.2.3.10

Cisco RV042 Dual WAN VPN Router: 4.1.0.02-tm, 4.1.1.01, 4.2.1.02, 4.2.2.08, 4.2.3.03, 4.2.3.06, 4.2.3.07, 4.2.3.08, 4.2.3.09, 4.2.3.10

Cisco RV042G Dual Gigabit WAN VPN Router: 4.2.1.02, 4.2.3.03, 4.2.3.06, 4.2.3.07, 4.2.3.08, 4.2.3.09, 4.2.3.10

Cisco RV082 Dual WAN VPN Router: 1.3.9.8-tm, 2.0.2.01-tm, 4.1.0.02-tm, 4.1.1.01, 4.2.1.02, 4.2.2.08, 4.2.3.03, 4.2.3.06, 4.2.3.07, 4.2.3.08, 4.2.3.09, 4.2.3.10

Small Business RV320 Dual Gigabit WAN VPN Router: 1.5.1.05

Small Business RV325 Dual Gigabit WAN VPN Router: 1.5.1.05

CPE External links

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-Rj5JRfF8

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Command Injection

Risk: Low

CVSSv3.1: 6.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2020-3277

CWE-ID: CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')

Exploit availability: No

Description

The vulnerability allows a remote user to execute arbitrary commands on the system.

The vulnerability exists due to improper input validation in the web-based management interface. A remote administrator can send a specially crafted request and execute arbitrary commands on the target system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Cisco RV016 Multi-WAN VPN Router: 3.0.0.1-tm, 3.0.0.19-tm, 3.0.2.01-tm, 4.1.0.02-tm, 4.1.1.01, 4.2.1.02, 4.2.2.03, 4.2.3.06, 4.2.3.07, 4.2.3.08, 4.2.3.09, 4.2.3.10

Cisco RV042 Dual WAN VPN Router: 4.1.0.02-tm, 4.1.1.01, 4.2.1.02, 4.2.2.08, 4.2.3.03, 4.2.3.06, 4.2.3.07, 4.2.3.08, 4.2.3.09, 4.2.3.10

Cisco RV042G Dual Gigabit WAN VPN Router: 4.2.1.02, 4.2.3.03, 4.2.3.06, 4.2.3.07, 4.2.3.08, 4.2.3.09, 4.2.3.10

Cisco RV082 Dual WAN VPN Router: 1.3.9.8-tm, 2.0.2.01-tm, 4.1.0.02-tm, 4.1.1.01, 4.2.1.02, 4.2.2.08, 4.2.3.03, 4.2.3.06, 4.2.3.07, 4.2.3.08, 4.2.3.09, 4.2.3.10

Small Business RV320 Dual Gigabit WAN VPN Router: 1.5.1.05

Small Business RV325 Dual Gigabit WAN VPN Router: 1.5.1.05

CPE External links

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-Rj5JRfF8

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Command Injection

Risk: Low

CVSSv3.1: 6.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2020-3278

CWE-ID: CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')

Exploit availability: No

Description

The vulnerability allows a remote user to execute arbitrary commands on the system.

The vulnerability exists due to improper input validation in the web-based management interface. A remote administrator can send a specially crafted request and execute arbitrary commands on the target system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Cisco RV016 Multi-WAN VPN Router: 3.0.0.1-tm, 3.0.0.19-tm, 3.0.2.01-tm, 4.1.0.02-tm, 4.1.1.01, 4.2.1.02, 4.2.2.03, 4.2.3.06, 4.2.3.07, 4.2.3.08, 4.2.3.09, 4.2.3.10

Cisco RV042 Dual WAN VPN Router: 4.1.0.02-tm, 4.1.1.01, 4.2.1.02, 4.2.2.08, 4.2.3.03, 4.2.3.06, 4.2.3.07, 4.2.3.08, 4.2.3.09, 4.2.3.10

Cisco RV042G Dual Gigabit WAN VPN Router: 4.2.1.02, 4.2.3.03, 4.2.3.06, 4.2.3.07, 4.2.3.08, 4.2.3.09, 4.2.3.10

Cisco RV082 Dual WAN VPN Router: 1.3.9.8-tm, 2.0.2.01-tm, 4.1.0.02-tm, 4.1.1.01, 4.2.1.02, 4.2.2.08, 4.2.3.03, 4.2.3.06, 4.2.3.07, 4.2.3.08, 4.2.3.09, 4.2.3.10

Small Business RV320 Dual Gigabit WAN VPN Router: 1.5.1.05

Small Business RV325 Dual Gigabit WAN VPN Router: 1.5.1.05

CPE External links

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-Rj5JRfF8

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Command Injection

Risk: Low

CVSSv3.1: 6.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2020-3279

CWE-ID: CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')

Exploit availability: No

Description

The vulnerability allows a remote user to execute arbitrary commands on the system.

The vulnerability exists due to improper input validation in the web-based management interface. A remote administrator can send a specially crafted request and execute arbitrary commands on the target system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Cisco RV016 Multi-WAN VPN Router: 3.0.0.1-tm, 3.0.0.19-tm, 3.0.2.01-tm, 4.1.0.02-tm, 4.1.1.01, 4.2.1.02, 4.2.2.03, 4.2.3.06, 4.2.3.07, 4.2.3.08, 4.2.3.09, 4.2.3.10

Cisco RV042 Dual WAN VPN Router: 4.1.0.02-tm, 4.1.1.01, 4.2.1.02, 4.2.2.08, 4.2.3.03, 4.2.3.06, 4.2.3.07, 4.2.3.08, 4.2.3.09, 4.2.3.10

Cisco RV042G Dual Gigabit WAN VPN Router: 4.2.1.02, 4.2.3.03, 4.2.3.06, 4.2.3.07, 4.2.3.08, 4.2.3.09, 4.2.3.10

Cisco RV082 Dual WAN VPN Router: 1.3.9.8-tm, 2.0.2.01-tm, 4.1.0.02-tm, 4.1.1.01, 4.2.1.02, 4.2.2.08, 4.2.3.03, 4.2.3.06, 4.2.3.07, 4.2.3.08, 4.2.3.09, 4.2.3.10

Small Business RV320 Dual Gigabit WAN VPN Router: 1.5.1.05

Small Business RV325 Dual Gigabit WAN VPN Router: 1.5.1.05

CPE External links

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-Rj5JRfF8

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Buffer overflow

Risk: Low

CVSSv3.1: 6.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2020-3296

CWE-ID: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Exploit availability: No

Description

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send a specially crafted request, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system. 

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Cisco RV016 Multi-WAN VPN Router: 3.0.0.1-tm, 3.0.0.19-tm, 3.0.2.01-tm, 4.1.0.02-tm, 4.1.1.01, 4.2.1.02, 4.2.2.03, 4.2.3.06, 4.2.3.07, 4.2.3.08, 4.2.3.09, 4.2.3.10

Cisco RV042 Dual WAN VPN Router: 4.1.0.02-tm, 4.1.1.01, 4.2.1.02, 4.2.2.08, 4.2.3.03, 4.2.3.06, 4.2.3.07, 4.2.3.08, 4.2.3.09, 4.2.3.10

Cisco RV042G Dual Gigabit WAN VPN Router: 4.2.1.02, 4.2.3.03, 4.2.3.06, 4.2.3.07, 4.2.3.08, 4.2.3.09, 4.2.3.10

Cisco RV082 Dual WAN VPN Router: 1.3.9.8-tm, 2.0.2.01-tm, 4.1.0.02-tm, 4.1.1.01, 4.2.1.02, 4.2.2.08, 4.2.3.03, 4.2.3.06, 4.2.3.07, 4.2.3.08, 4.2.3.09, 4.2.3.10

Small Business RV320 Dual Gigabit WAN VPN Router: 1.5.1.05

Small Business RV325 Dual Gigabit WAN VPN Router: 1.5.1.05

CPE External links

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

8) Buffer overflow

Risk: Low

CVSSv3.1: 6.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2020-3295

CWE-ID: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Exploit availability: No

Description

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send a specially crafted request, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system. 

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Cisco RV016 Multi-WAN VPN Router: 3.0.0.1-tm, 3.0.0.19-tm, 3.0.2.01-tm, 4.1.0.02-tm, 4.1.1.01, 4.2.1.02, 4.2.2.03, 4.2.3.06, 4.2.3.07, 4.2.3.08, 4.2.3.09, 4.2.3.10

Cisco RV042 Dual WAN VPN Router: 4.1.0.02-tm, 4.1.1.01, 4.2.1.02, 4.2.2.08, 4.2.3.03, 4.2.3.06, 4.2.3.07, 4.2.3.08, 4.2.3.09, 4.2.3.10

Cisco RV042G Dual Gigabit WAN VPN Router: 4.2.1.02, 4.2.3.03, 4.2.3.06, 4.2.3.07, 4.2.3.08, 4.2.3.09, 4.2.3.10

Cisco RV082 Dual WAN VPN Router: 1.3.9.8-tm, 2.0.2.01-tm, 4.1.0.02-tm, 4.1.1.01, 4.2.1.02, 4.2.2.08, 4.2.3.03, 4.2.3.06, 4.2.3.07, 4.2.3.08, 4.2.3.09, 4.2.3.10

Small Business RV320 Dual Gigabit WAN VPN Router: 1.5.1.05

Small Business RV325 Dual Gigabit WAN VPN Router: 1.5.1.05

CPE External links

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

9) Buffer overflow

Risk: Low

CVSSv3.1: 6.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2020-3294

CWE-ID: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Exploit availability: No

Description

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send a specially crafted request, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system. 

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Cisco RV016 Multi-WAN VPN Router: 3.0.0.1-tm, 3.0.0.19-tm, 3.0.2.01-tm, 4.1.0.02-tm, 4.1.1.01, 4.2.1.02, 4.2.2.03, 4.2.3.06, 4.2.3.07, 4.2.3.08, 4.2.3.09, 4.2.3.10

Cisco RV042 Dual WAN VPN Router: 4.1.0.02-tm, 4.1.1.01, 4.2.1.02, 4.2.2.08, 4.2.3.03, 4.2.3.06, 4.2.3.07, 4.2.3.08, 4.2.3.09, 4.2.3.10

Cisco RV042G Dual Gigabit WAN VPN Router: 4.2.1.02, 4.2.3.03, 4.2.3.06, 4.2.3.07, 4.2.3.08, 4.2.3.09, 4.2.3.10

Cisco RV082 Dual WAN VPN Router: 1.3.9.8-tm, 2.0.2.01-tm, 4.1.0.02-tm, 4.1.1.01, 4.2.1.02, 4.2.2.08, 4.2.3.03, 4.2.3.06, 4.2.3.07, 4.2.3.08, 4.2.3.09, 4.2.3.10

Small Business RV320 Dual Gigabit WAN VPN Router: 1.5.1.05

Small Business RV325 Dual Gigabit WAN VPN Router: 1.5.1.05

CPE External links

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

10) Buffer overflow

Risk: Low

CVSSv3.1: 6.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2020-3293

CWE-ID: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Exploit availability: No

Description

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send a specially crafted request, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system. 

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Cisco RV016 Multi-WAN VPN Router: 3.0.0.1-tm, 3.0.0.19-tm, 3.0.2.01-tm, 4.1.0.02-tm, 4.1.1.01, 4.2.1.02, 4.2.2.03, 4.2.3.06, 4.2.3.07, 4.2.3.08, 4.2.3.09, 4.2.3.10

Cisco RV042 Dual WAN VPN Router: 4.1.0.02-tm, 4.1.1.01, 4.2.1.02, 4.2.2.08, 4.2.3.03, 4.2.3.06, 4.2.3.07, 4.2.3.08, 4.2.3.09, 4.2.3.10

Cisco RV042G Dual Gigabit WAN VPN Router: 4.2.1.02, 4.2.3.03, 4.2.3.06, 4.2.3.07, 4.2.3.08, 4.2.3.09, 4.2.3.10

Cisco RV082 Dual WAN VPN Router: 1.3.9.8-tm, 2.0.2.01-tm, 4.1.0.02-tm, 4.1.1.01, 4.2.1.02, 4.2.2.08, 4.2.3.03, 4.2.3.06, 4.2.3.07, 4.2.3.08, 4.2.3.09, 4.2.3.10

Small Business RV320 Dual Gigabit WAN VPN Router: 1.5.1.05

Small Business RV325 Dual Gigabit WAN VPN Router: 1.5.1.05

CPE External links

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

11) Buffer overflow

Risk: Low

CVSSv3.1: 6.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2020-3292

CWE-ID: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Exploit availability: No

Description

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send a specially crafted request, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system. 

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Cisco RV016 Multi-WAN VPN Router: 3.0.0.1-tm, 3.0.0.19-tm, 3.0.2.01-tm, 4.1.0.02-tm, 4.1.1.01, 4.2.1.02, 4.2.2.03, 4.2.3.06, 4.2.3.07, 4.2.3.08, 4.2.3.09, 4.2.3.10

Cisco RV042 Dual WAN VPN Router: 4.1.0.02-tm, 4.1.1.01, 4.2.1.02, 4.2.2.08, 4.2.3.03, 4.2.3.06, 4.2.3.07, 4.2.3.08, 4.2.3.09, 4.2.3.10

Cisco RV042G Dual Gigabit WAN VPN Router: 4.2.1.02, 4.2.3.03, 4.2.3.06, 4.2.3.07, 4.2.3.08, 4.2.3.09, 4.2.3.10

Cisco RV082 Dual WAN VPN Router: 1.3.9.8-tm, 2.0.2.01-tm, 4.1.0.02-tm, 4.1.1.01, 4.2.1.02, 4.2.2.08, 4.2.3.03, 4.2.3.06, 4.2.3.07, 4.2.3.08, 4.2.3.09, 4.2.3.10

Small Business RV320 Dual Gigabit WAN VPN Router: 1.5.1.05

Small Business RV325 Dual Gigabit WAN VPN Router: 1.5.1.05

CPE External links

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

12) Buffer overflow

Risk: Low

CVSSv3.1: 6.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2020-3291

CWE-ID: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Exploit availability: No

Description

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send a specially crafted request, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system. 

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Cisco RV016 Multi-WAN VPN Router: 3.0.0.1-tm, 3.0.0.19-tm, 3.0.2.01-tm, 4.1.0.02-tm, 4.1.1.01, 4.2.1.02, 4.2.2.03, 4.2.3.06, 4.2.3.07, 4.2.3.08, 4.2.3.09, 4.2.3.10

Cisco RV042 Dual WAN VPN Router: 4.1.0.02-tm, 4.1.1.01, 4.2.1.02, 4.2.2.08, 4.2.3.03, 4.2.3.06, 4.2.3.07, 4.2.3.08, 4.2.3.09, 4.2.3.10

Cisco RV042G Dual Gigabit WAN VPN Router: 4.2.1.02, 4.2.3.03, 4.2.3.06, 4.2.3.07, 4.2.3.08, 4.2.3.09, 4.2.3.10

Cisco RV082 Dual WAN VPN Router: 1.3.9.8-tm, 2.0.2.01-tm, 4.1.0.02-tm, 4.1.1.01, 4.2.1.02, 4.2.2.08, 4.2.3.03, 4.2.3.06, 4.2.3.07, 4.2.3.08, 4.2.3.09, 4.2.3.10

Small Business RV320 Dual Gigabit WAN VPN Router: 1.5.1.05

Small Business RV325 Dual Gigabit WAN VPN Router: 1.5.1.05

CPE External links

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

13) Buffer overflow

Risk: Low

CVSSv3.1: 6.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2020-3290

CWE-ID: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Exploit availability: No

Description

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send a specially crafted request, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system. 

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Cisco RV016 Multi-WAN VPN Router: 3.0.0.1-tm, 3.0.0.19-tm, 3.0.2.01-tm, 4.1.0.02-tm, 4.1.1.01, 4.2.1.02, 4.2.2.03, 4.2.3.06, 4.2.3.07, 4.2.3.08, 4.2.3.09, 4.2.3.10

Cisco RV042 Dual WAN VPN Router: 4.1.0.02-tm, 4.1.1.01, 4.2.1.02, 4.2.2.08, 4.2.3.03, 4.2.3.06, 4.2.3.07, 4.2.3.08, 4.2.3.09, 4.2.3.10

Cisco RV042G Dual Gigabit WAN VPN Router: 4.2.1.02, 4.2.3.03, 4.2.3.06, 4.2.3.07, 4.2.3.08, 4.2.3.09, 4.2.3.10

Cisco RV082 Dual WAN VPN Router: 1.3.9.8-tm, 2.0.2.01-tm, 4.1.0.02-tm, 4.1.1.01, 4.2.1.02, 4.2.2.08, 4.2.3.03, 4.2.3.06, 4.2.3.07, 4.2.3.08, 4.2.3.09, 4.2.3.10

Small Business RV320 Dual Gigabit WAN VPN Router: 1.5.1.05

Small Business RV325 Dual Gigabit WAN VPN Router: 1.5.1.05

CPE External links

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

14) Buffer overflow

Risk: Low

CVSSv3.1: 6.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2020-3289

CWE-ID: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Exploit availability: No

Description

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send a specially crafted request, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system. 

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Cisco RV016 Multi-WAN VPN Router: 3.0.0.1-tm, 3.0.0.19-tm, 3.0.2.01-tm, 4.1.0.02-tm, 4.1.1.01, 4.2.1.02, 4.2.2.03, 4.2.3.06, 4.2.3.07, 4.2.3.08, 4.2.3.09, 4.2.3.10

Cisco RV042 Dual WAN VPN Router: 4.1.0.02-tm, 4.1.1.01, 4.2.1.02, 4.2.2.08, 4.2.3.03, 4.2.3.06, 4.2.3.07, 4.2.3.08, 4.2.3.09, 4.2.3.10

Cisco RV042G Dual Gigabit WAN VPN Router: 4.2.1.02, 4.2.3.03, 4.2.3.06, 4.2.3.07, 4.2.3.08, 4.2.3.09, 4.2.3.10

Cisco RV082 Dual WAN VPN Router: 1.3.9.8-tm, 2.0.2.01-tm, 4.1.0.02-tm, 4.1.1.01, 4.2.1.02, 4.2.2.08, 4.2.3.03, 4.2.3.06, 4.2.3.07, 4.2.3.08, 4.2.3.09, 4.2.3.10

Small Business RV320 Dual Gigabit WAN VPN Router: 1.5.1.05

Small Business RV325 Dual Gigabit WAN VPN Router: 1.5.1.05

CPE External links

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

15) Buffer overflow

Risk: Low

CVSSv3.1: 6.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2020-3288

CWE-ID: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Exploit availability: No

Description

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send a specially crafted request, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system. 

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Cisco RV016 Multi-WAN VPN Router: 3.0.0.1-tm, 3.0.0.19-tm, 3.0.2.01-tm, 4.1.0.02-tm, 4.1.1.01, 4.2.1.02, 4.2.2.03, 4.2.3.06, 4.2.3.07, 4.2.3.08, 4.2.3.09, 4.2.3.10

Cisco RV042 Dual WAN VPN Router: 4.1.0.02-tm, 4.1.1.01, 4.2.1.02, 4.2.2.08, 4.2.3.03, 4.2.3.06, 4.2.3.07, 4.2.3.08, 4.2.3.09, 4.2.3.10

Cisco RV042G Dual Gigabit WAN VPN Router: 4.2.1.02, 4.2.3.03, 4.2.3.06, 4.2.3.07, 4.2.3.08, 4.2.3.09, 4.2.3.10

Cisco RV082 Dual WAN VPN Router: 1.3.9.8-tm, 2.0.2.01-tm, 4.1.0.02-tm, 4.1.1.01, 4.2.1.02, 4.2.2.08, 4.2.3.03, 4.2.3.06, 4.2.3.07, 4.2.3.08, 4.2.3.09, 4.2.3.10

Small Business RV320 Dual Gigabit WAN VPN Router: 1.5.1.05

Small Business RV325 Dual Gigabit WAN VPN Router: 1.5.1.05

CPE External links

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

16) Buffer overflow

Risk: Low

CVSSv3.1: 6.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2020-3287

CWE-ID: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Exploit availability: No

Description

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send a specially crafted request, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system. 

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Cisco RV016 Multi-WAN VPN Router: 3.0.0.1-tm, 3.0.0.19-tm, 3.0.2.01-tm, 4.1.0.02-tm, 4.1.1.01, 4.2.1.02, 4.2.2.03, 4.2.3.06, 4.2.3.07, 4.2.3.08, 4.2.3.09, 4.2.3.10

Cisco RV042 Dual WAN VPN Router: 4.1.0.02-tm, 4.1.1.01, 4.2.1.02, 4.2.2.08, 4.2.3.03, 4.2.3.06, 4.2.3.07, 4.2.3.08, 4.2.3.09, 4.2.3.10

Cisco RV042G Dual Gigabit WAN VPN Router: 4.2.1.02, 4.2.3.03, 4.2.3.06, 4.2.3.07, 4.2.3.08, 4.2.3.09, 4.2.3.10

Cisco RV082 Dual WAN VPN Router: 1.3.9.8-tm, 2.0.2.01-tm, 4.1.0.02-tm, 4.1.1.01, 4.2.1.02, 4.2.2.08, 4.2.3.03, 4.2.3.06, 4.2.3.07, 4.2.3.08, 4.2.3.09, 4.2.3.10

Small Business RV320 Dual Gigabit WAN VPN Router: 1.5.1.05

Small Business RV325 Dual Gigabit WAN VPN Router: 1.5.1.05

CPE External links

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

17) Buffer overflow

Risk: Low

CVSSv3.1: 6.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2020-3286

CWE-ID: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Exploit availability: No

Description

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the web-based management interface. A remote administrator can send a specially crafted request, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system. 

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Cisco RV016 Multi-WAN VPN Router: 3.0.0.1-tm, 3.0.0.19-tm, 3.0.2.01-tm, 4.1.0.02-tm, 4.1.1.01, 4.2.1.02, 4.2.2.03, 4.2.3.06, 4.2.3.07, 4.2.3.08, 4.2.3.09, 4.2.3.10

Cisco RV042 Dual WAN VPN Router: 4.1.0.02-tm, 4.1.1.01, 4.2.1.02, 4.2.2.08, 4.2.3.03, 4.2.3.06, 4.2.3.07, 4.2.3.08, 4.2.3.09, 4.2.3.10

Cisco RV042G Dual Gigabit WAN VPN Router: 4.2.1.02, 4.2.3.03, 4.2.3.06, 4.2.3.07, 4.2.3.08, 4.2.3.09, 4.2.3.10

Cisco RV082 Dual WAN VPN Router: 1.3.9.8-tm, 2.0.2.01-tm, 4.1.0.02-tm, 4.1.1.01, 4.2.1.02, 4.2.2.08, 4.2.3.03, 4.2.3.06, 4.2.3.07, 4.2.3.08, 4.2.3.09, 4.2.3.10

Small Business RV320 Dual Gigabit WAN VPN Router: 1.5.1.05

Small Business RV325 Dual Gigabit WAN VPN Router: 1.5.1.05

CPE External links

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNz

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

18) Cross-site scripting

Risk: Low

CVSSv3.1: 5.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C] [PCI]

CVE-ID: CVE-2020-3431

CWE-ID: CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Exploit availability: No

Description

The disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.

The vulnerability exists due to insufficient sanitization of user-supplied data in the web-based management interface. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website.

Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Cisco RV042 Dual WAN VPN Router: 4.2.1.02, 4.2.2.08, 4.2.3.03, 4.2.3.06, 4.2.3.07, 4.2.3.08, 4.2.3.09, 4.2.3.10

Cisco RV042G Dual Gigabit WAN VPN Router: 4.2.1.02, 4.2.3.03, 4.2.3.06, 4.2.3.07, 4.2.3.08, 4.2.3.09, 4.2.3.10, 4.2.8.08

CPE External links

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sa-rv-routers-xss-K7Z5U6q3

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

How the attacker can exploit this vulnerability?

The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###