Lucene search
Q. Kaiser from IoT Inspector Research LabZDI-22-1047HistoryAug 04, 2022 - 12:00 a.m.
Cisco RV340 wfapp Command Injection Remote Code Execution Vulnerability
2022-08-0400:00:00
Q. Kaiser from IoT Inspector Research Lab
www.zerodayinitiative.com
33
0.003 Low
EPSS
Percentile
70.0%
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Cisco RV340 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the wfapp application. A crafted server response can trigger execution of a system call composed from a attacker-supplied string. An attacker can leverage this vulnerability to execute code in the context of root.
Related
cve
cve
CVE-2022-20827
2022-08-10 09:15:08
prion
prion
Design/Logic Flaw
2022-08-10 09:15:00
nvd
nvd
CVE-2022-20827
2022-08-10 09:15:08
cvelist
cvelist
CVE-2022-20827 Cisco Small Business RV Series Routers Vulnerabilities
2022-08-03 00:00:00
nessus
nessus
thn
thn
Cisco Business Routers Found Vulnerable to Critical Remote Hacking Flaws
2022-08-04 05:11:00
malwarebytes
malwarebytes
Patch now! Cisco VPN routers are vulnerable to remote control
2022-08-07 11:14:14
Patch now! Cisco VPN routers are vulnerable to remote control
2022-08-07 03:15:00
cisco
cisco
Cisco Small Business RV Series Routers Vulnerabilities
2022-08-03 16:00:00
