ID

VAR-202208-0321


CVE

CVE-2022-20827


TITLE

plural  Cisco Small Business  In router products  OS  Command injection vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2022-016749

DESCRIPTION

Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition on an affected device. For more information about these vulnerabilities, see the Details section of this advisory. plural Cisco Small Business Router products include OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Authentication is not required to exploit this vulnerability.The specific flaw exists within the wfapp application. A crafted server response can trigger execution of a system call composed from a attacker-supplied string. An attacker can leverage this vulnerability to execute code in the context of root. Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities. This advisory is available at the following link:tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-mult-vuln-CbVp4SUR

Trust: 2.34

sources: NVD: CVE-2022-20827 // JVNDB: JVNDB-2022-016749 // ZDI: ZDI-22-1047 // VULMON: CVE-2022-20827

AFFECTED PRODUCTS

vendor:ciscomodel:rv345scope:ltversion:1.0.03.26

Trust: 1.0

vendor:ciscomodel:rv260wscope:ltversion:1.0.01.05

Trust: 1.0

vendor:ciscomodel:rv340scope:ltversion:1.0.03.26

Trust: 1.0

vendor:ciscomodel:rv340wscope:ltversion:1.0.03.26

Trust: 1.0

vendor:ciscomodel:rv160wscope:ltversion:1.0.01.05

Trust: 1.0

vendor:ciscomodel:rv260scope:ltversion:1.0.01.05

Trust: 1.0

vendor:ciscomodel:rv260pscope:ltversion:1.0.01.05

Trust: 1.0

vendor:ciscomodel:rv345pscope:ltversion:1.0.03.26

Trust: 1.0

vendor:ciscomodel:rv160scope:ltversion:1.0.01.05

Trust: 1.0

vendor:シスコシステムズmodel:rv160 vpn ルータscope: - version: -

Trust: 0.8

vendor:シスコシステムズmodel:rv260 vpn ルータscope: - version: -

Trust: 0.8

vendor:シスコシステムズmodel:rv340scope: - version: -

Trust: 0.8

vendor:シスコシステムズmodel:rv345pscope: - version: -

Trust: 0.8

vendor:シスコシステムズmodel:rv160w wireless-ac vpn ルータscope: - version: -

Trust: 0.8

vendor:シスコシステムズmodel:rv345scope: - version: -

Trust: 0.8

vendor:シスコシステムズmodel:rv260w wireless-ac vpn ルータscope: - version: -

Trust: 0.8

vendor:シスコシステムズmodel:rv260p vpn ルータ with poescope: - version: -

Trust: 0.8

vendor:シスコシステムズmodel:rv340wscope: - version: -

Trust: 0.8

vendor:ciscomodel:rv340scope: - version: -

Trust: 0.7

sources: ZDI: ZDI-22-1047 // JVNDB: JVNDB-2022-016749 // NVD: CVE-2022-20827

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2022-20827
value: CRITICAL

Trust: 1.0

ykramarz@cisco.com: CVE-2022-20827
value: CRITICAL

Trust: 1.0

NVD: CVE-2022-20827
value: CRITICAL

Trust: 0.8

ZDI: CVE-2022-20827
value: HIGH

Trust: 0.7

CNNVD: CNNVD-202208-2168
value: CRITICAL

Trust: 0.6

nvd@nist.gov: CVE-2022-20827
baseSeverity: CRITICAL
baseScore: 10.0
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: CHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 6.0
version: 3.1

Trust: 1.0

ykramarz@cisco.com: CVE-2022-20827
baseSeverity: CRITICAL
baseScore: 9.0
vectorString: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: HIGH
privilegesRequired: NONE
userInteraction: NONE
scope: CHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.2
impactScore: 6.0
version: 3.1

Trust: 1.0

NVD: CVE-2022-20827
baseSeverity: CRITICAL
baseScore: 10.0
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: CHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

ZDI: CVE-2022-20827
baseSeverity: HIGH
baseScore: 8.8
vectorString: AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: ADJACENT
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 5.9
version: 3.0

Trust: 0.7

sources: ZDI: ZDI-22-1047 // JVNDB: JVNDB-2022-016749 // CNNVD: CNNVD-202208-2168 // NVD: CVE-2022-20827 // NVD: CVE-2022-20827

PROBLEMTYPE DATA

problemtype:CWE-120

Trust: 1.0

problemtype:CWE-78

Trust: 1.0

problemtype:OS Command injection (CWE-78) [NVD evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2022-016749 // NVD: CVE-2022-20827

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202208-2168

TYPE

operating system commend injection

Trust: 0.6

sources: CNNVD: CNNVD-202208-2168

PATCH

title:cisco-sa-sb-mult-vuln-CbVp4SURurl:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-mult-vuln-CbVp4SUR

Trust: 0.8

title:Cisco has issued an update to correct this vulnerability.url:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-mult-vuln-CbVp4SUR

Trust: 0.7

title:Cisco Small Business RV Series Routers Fixes for operating system command injection vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=204185

Trust: 0.6

title:Cisco: Cisco Small Business RV Series Routers Vulnerabilitiesurl:https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts&qid=cisco-sa-sb-mult-vuln-CbVp4SUR

Trust: 0.1

title:The Registerurl:https://www.theregister.co.uk/2022/08/05/cisco_smb_routers_critical_flaws/

Trust: 0.1

sources: ZDI: ZDI-22-1047 // VULMON: CVE-2022-20827 // JVNDB: JVNDB-2022-016749 // CNNVD: CNNVD-202208-2168

EXTERNAL IDS

db:NVDid:CVE-2022-20827

Trust: 4.0

db:JVNDBid:JVNDB-2022-016749

Trust: 0.8

db:ZDI_CANid:ZDI-CAN-15984

Trust: 0.7

db:ZDIid:ZDI-22-1047

Trust: 0.7

db:AUSCERTid:ESB-2022.3837

Trust: 0.6

db:CNNVDid:CNNVD-202208-2168

Trust: 0.6

db:VULMONid:CVE-2022-20827

Trust: 0.1

sources: ZDI: ZDI-22-1047 // VULMON: CVE-2022-20827 // JVNDB: JVNDB-2022-016749 // CNNVD: CNNVD-202208-2168 // NVD: CVE-2022-20827

REFERENCES

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-sb-mult-vuln-cbvp4sur

Trust: 2.4

url:https://nvd.nist.gov/vuln/detail/cve-2022-20827

Trust: 0.8

url:https://www.auscert.org.au/bulletins/esb-2022.3837

Trust: 0.6

url:https://cxsecurity.com/cveshow/cve-2022-20827/

Trust: 0.6

url:https://www.theregister.co.uk/2022/08/05/cisco_smb_routers_critical_flaws/

Trust: 0.1

sources: ZDI: ZDI-22-1047 // VULMON: CVE-2022-20827 // JVNDB: JVNDB-2022-016749 // CNNVD: CNNVD-202208-2168 // NVD: CVE-2022-20827

CREDITS

Q. Kaiser from IoT Inspector Research Lab

Trust: 0.7

sources: ZDI: ZDI-22-1047

SOURCES

db:ZDIid:ZDI-22-1047
db:VULMONid:CVE-2022-20827
db:JVNDBid:JVNDB-2022-016749
db:CNNVDid:CNNVD-202208-2168
db:NVDid:CVE-2022-20827

LAST UPDATE DATE

2024-08-14T14:10:41.011000+00:00


SOURCES UPDATE DATE

db:ZDIid:ZDI-22-1047date:2022-08-04T00:00:00
db:JVNDBid:JVNDB-2022-016749date:2023-10-06T06:23:00
db:CNNVDid:CNNVD-202208-2168date:2022-08-15T00:00:00
db:NVDid:CVE-2022-20827date:2023-11-07T03:43:04.223

SOURCES RELEASE DATE

db:ZDIid:ZDI-22-1047date:2022-08-04T00:00:00
db:JVNDBid:JVNDB-2022-016749date:2023-10-06T00:00:00
db:CNNVDid:CNNVD-202208-2168date:2022-08-04T00:00:00
db:NVDid:CVE-2022-20827date:2022-08-10T09:15:08.537