The vulnerability in the web interface of Cisco Small Business RV110W Wireless-N VPN Firewall, Cisco Small Business RV130 Series VPN Router, RV130W Wireless-N Multifunction VPN Router, and RV215W Wireless-N VPN Router allows a perpetrator to execute arbitrary code.

🗓️ 29 Jul 2022 00:00:00Reported by FSTEC of Russia — Information Security Threat DatabaseType

bdu_fstec

bdu_fstec🔗 bdu.fstec.ru👁 2 Views

Web interface flaw enables arbitrary code execution via crafted web packets on Cisco RV110W, RV130, RV130W, RV215W routers.

Reporter	Title	Published	Views	Family All 9
ATTACKERKB	CVE-2022-20904	20 Jul 202216:00	–	attackerkb
Tenable Nessus	Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers Multiple Vulnerabilities (cisco-sa-sb-rv-rce-overflow-ygHByAK)	22 Jul 202200:00	–	nessus
CNNVD	Cisco Small Business 缓冲区错误漏洞	22 Jul 202200:00	–	cnnvd
CVE	CVE-2022-20904	21 Jul 202203:50	–	cve
Cvelist	CVE-2022-20904 Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers Remote Command Execution and Denial of Service Vulnerabilities	21 Jul 202203:50	–	cvelist
EUVD	EUVD-2022-26154	3 Oct 202520:07	–	euvd
NVD	CVE-2022-20904	22 Jul 202204:15	–	nvd
Prion	Input validation	22 Jul 202204:15	–	prion
Vulnrichment	CVE-2022-20904 Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers Remote Command Execution and Denial of Service Vulnerabilities	21 Jul 202203:50	–	vulnrichment

Source	Link
nvd	www.nvd.nist.gov/vuln/detail/CVE-2022-20904
tools	www.tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-rv-rce-overflow-ygHByAK
cisco	www.cisco.com/c/en/us/products/collateral/routers/small-business-rv-series-routers/eos-eol-notice-c51-742771.pdf
web	www.web.nvd.nist.gov/view/vuln/detail

29 Jul 2022 00:00Current

7.8High risk

Vulners AI Score7.8

CVSS 37.2

CVSS 29

EPSS0.0058

web interface flaw arbitrary code execution crafted web packets RV110W router RV130 router RV130W router RV215W router