Details of VAR-202410-0280

ID

VAR-202410-0280

CVE

CVE-2024-20470

TITLE

Vulnerabilities in multiple Cisco Systems products

Trust: 0.8

sources: JVNDB: JVNDB-2024-010129

DESCRIPTION

A vulnerability in the web-based management interface of Cisco Small Business RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device. In order to exploit this vulnerability, the attacker must have valid admin credentials. This vulnerability exists because the web-based management interface does not sufficiently validate user-supplied input. An attacker could exploit this vulnerability by sending crafted HTTP input to an affected device. A successful exploit could allow the attacker to execute arbitrary code as the root user on the underlying operating system. RV340 firmware, RV340W firmware, RV345 Unspecified vulnerabilities exist in multiple Cisco Systems products such as firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

Trust: 1.62

sources: NVD: CVE-2024-20470 // JVNDB: JVNDB-2024-010129

AFFECTED PRODUCTS

vendor:	cisco	model:	rv345p dual wan gigabit poe vpn router	scope:	eq	version:	1.0.00.33	Trust: 1.0
vendor:	cisco	model:	rv345p dual wan gigabit poe vpn router	scope:	eq	version:	1.0.03.19	Trust: 1.0
vendor:	cisco	model:	rv345p dual wan gigabit poe vpn router	scope:	eq	version:	1.0.03.20	Trust: 1.0
vendor:	cisco	model:	rv340w dual wan gigabit wireless-ac vpn router	scope:	eq	version:	1.0.03.19	Trust: 1.0
vendor:	cisco	model:	rv345 dual wan gigabit vpn router	scope:	eq	version:	1.0.01.18	Trust: 1.0
vendor:	cisco	model:	rv345p dual wan gigabit poe vpn router	scope:	eq	version:	1.0.03.29	Trust: 1.0
vendor:	cisco	model:	rv340w dual wan gigabit wireless-ac vpn router	scope:	eq	version:	1.0.03.29	Trust: 1.0
vendor:	cisco	model:	rv340 dual wan gigabit vpn router	scope:	eq	version:	1.0.03.17	Trust: 1.0
vendor:	cisco	model:	rv340 dual wan gigabit vpn router	scope:	eq	version:	1.0.01.16	Trust: 1.0
vendor:	cisco	model:	rv345 dual wan gigabit vpn router	scope:	eq	version:	1.0.03.26	Trust: 1.0
vendor:	cisco	model:	rv345p dual wan gigabit poe vpn router	scope:	eq	version:	1.0.03.24	Trust: 1.0
vendor:	cisco	model:	rv345 dual wan gigabit vpn router	scope:	eq	version:	1.0.01.20	Trust: 1.0
vendor:	cisco	model:	rv345 dual wan gigabit vpn router	scope:	eq	version:	1.0.03.16	Trust: 1.0
vendor:	cisco	model:	rv340 dual wan gigabit vpn router	scope:	eq	version:	1.0.01.18	Trust: 1.0
vendor:	cisco	model:	rv340 dual wan gigabit vpn router	scope:	eq	version:	1.0.00.29	Trust: 1.0
vendor:	cisco	model:	rv340 dual wan gigabit vpn router	scope:	eq	version:	1.0.03.26	Trust: 1.0
vendor:	cisco	model:	rv345 dual wan gigabit vpn router	scope:	eq	version:	1.0.02.16	Trust: 1.0
vendor:	cisco	model:	rv345 dual wan gigabit vpn router	scope:	eq	version:	1.0.03.22	Trust: 1.0
vendor:	cisco	model:	rv340 dual wan gigabit vpn router	scope:	eq	version:	1.0.01.20	Trust: 1.0
vendor:	cisco	model:	rv340 dual wan gigabit vpn router	scope:	eq	version:	1.0.03.16	Trust: 1.0
vendor:	cisco	model:	rv345 dual wan gigabit vpn router	scope:	eq	version:	1.0.03.15	Trust: 1.0
vendor:	cisco	model:	rv340 dual wan gigabit vpn router	scope:	eq	version:	1.0.02.16	Trust: 1.0
vendor:	cisco	model:	rv345 dual wan gigabit vpn router	scope:	eq	version:	1.0.00.33	Trust: 1.0
vendor:	cisco	model:	rv340w dual wan gigabit wireless-ac vpn router	scope:	eq	version:	1.0.03.17	Trust: 1.0
vendor:	cisco	model:	rv340w dual wan gigabit wireless-ac vpn router	scope:	eq	version:	1.0.01.16	Trust: 1.0
vendor:	cisco	model:	rv340 dual wan gigabit vpn router	scope:	eq	version:	1.0.03.18	Trust: 1.0
vendor:	cisco	model:	rv345 dual wan gigabit vpn router	scope:	eq	version:	1.0.03.24	Trust: 1.0
vendor:	cisco	model:	rv340 dual wan gigabit vpn router	scope:	eq	version:	1.0.03.15	Trust: 1.0
vendor:	cisco	model:	rv340w dual wan gigabit wireless-ac vpn router	scope:	eq	version:	1.0.01.18	Trust: 1.0
vendor:	cisco	model:	rv340 dual wan gigabit vpn router	scope:	eq	version:	1.0.00.33	Trust: 1.0
vendor:	cisco	model:	rv340w dual wan gigabit wireless-ac vpn router	scope:	eq	version:	1.0.03.26	Trust: 1.0
vendor:	cisco	model:	rv340 dual wan gigabit vpn router	scope:	eq	version:	1.0.03.20	Trust: 1.0
vendor:	cisco	model:	rv340 dual wan gigabit vpn router	scope:	eq	version:	1.0.03.24	Trust: 1.0
vendor:	cisco	model:	rv340w dual wan gigabit wireless-ac vpn router	scope:	eq	version:	1.0.01.20	Trust: 1.0
vendor:	cisco	model:	rv340w dual wan gigabit wireless-ac vpn router	scope:	eq	version:	1.0.03.16	Trust: 1.0
vendor:	cisco	model:	rv345p dual wan gigabit poe vpn router	scope:	eq	version:	1.0.01.17	Trust: 1.0
vendor:	cisco	model:	rv345p dual wan gigabit poe vpn router	scope:	eq	version:	1.0.03.27	Trust: 1.0
vendor:	cisco	model:	rv345p dual wan gigabit poe vpn router	scope:	eq	version:	1.0.03.28	Trust: 1.0
vendor:	cisco	model:	rv345 dual wan gigabit vpn router	scope:	eq	version:	1.0.03.17	Trust: 1.0
vendor:	cisco	model:	rv340w dual wan gigabit wireless-ac vpn router	scope:	eq	version:	1.0.02.16	Trust: 1.0
vendor:	cisco	model:	rv345p dual wan gigabit poe vpn router	scope:	eq	version:	1.0.03.22	Trust: 1.0
vendor:	cisco	model:	rv345 dual wan gigabit vpn router	scope:	eq	version:	1.0.03.21	Trust: 1.0
vendor:	cisco	model:	rv340w dual wan gigabit wireless-ac vpn router	scope:	eq	version:	1.0.03.18	Trust: 1.0
vendor:	cisco	model:	rv345 dual wan gigabit vpn router	scope:	eq	version:	1.0.00.29	Trust: 1.0
vendor:	cisco	model:	rv345p dual wan gigabit poe vpn router	scope:	eq	version:	1.0.03.15	Trust: 1.0
vendor:	cisco	model:	rv340w dual wan gigabit wireless-ac vpn router	scope:	eq	version:	1.0.03.15	Trust: 1.0
vendor:	cisco	model:	rv340w dual wan gigabit wireless-ac vpn router	scope:	eq	version:	1.0.00.33	Trust: 1.0
vendor:	cisco	model:	rv340 dual wan gigabit vpn router	scope:	eq	version:	1.0.03.21	Trust: 1.0
vendor:	cisco	model:	rv340w dual wan gigabit wireless-ac vpn router	scope:	eq	version:	1.0.03.20	Trust: 1.0
vendor:	cisco	model:	rv340w dual wan gigabit wireless-ac vpn router	scope:	eq	version:	1.0.03.24	Trust: 1.0
vendor:	cisco	model:	rv345 dual wan gigabit vpn router	scope:	eq	version:	1.0.03.18	Trust: 1.0
vendor:	cisco	model:	rv345 dual wan gigabit vpn router	scope:	eq	version:	1.0.01.17	Trust: 1.0
vendor:	cisco	model:	rv345 dual wan gigabit vpn router	scope:	eq	version:	1.0.03.27	Trust: 1.0
vendor:	cisco	model:	rv345 dual wan gigabit vpn router	scope:	eq	version:	1.0.03.28	Trust: 1.0
vendor:	cisco	model:	rv345p dual wan gigabit poe vpn router	scope:	eq	version:	1.0.03.17	Trust: 1.0
vendor:	cisco	model:	rv345p dual wan gigabit poe vpn router	scope:	eq	version:	1.0.01.16	Trust: 1.0
vendor:	cisco	model:	rv345 dual wan gigabit vpn router	scope:	eq	version:	1.0.03.19	Trust: 1.0
vendor:	cisco	model:	rv345 dual wan gigabit vpn router	scope:	eq	version:	1.0.03.20	Trust: 1.0
vendor:	cisco	model:	rv345p dual wan gigabit poe vpn router	scope:	eq	version:	1.0.03.21	Trust: 1.0
vendor:	cisco	model:	rv340 dual wan gigabit vpn router	scope:	eq	version:	1.0.01.17	Trust: 1.0
vendor:	cisco	model:	rv340 dual wan gigabit vpn router	scope:	eq	version:	1.0.03.27	Trust: 1.0
vendor:	cisco	model:	rv340w dual wan gigabit wireless-ac vpn router	scope:	eq	version:	1.0.03.21	Trust: 1.0
vendor:	cisco	model:	rv340 dual wan gigabit vpn router	scope:	eq	version:	1.0.03.28	Trust: 1.0
vendor:	cisco	model:	rv345 dual wan gigabit vpn router	scope:	eq	version:	1.0.03.29	Trust: 1.0
vendor:	cisco	model:	rv340 dual wan gigabit vpn router	scope:	eq	version:	1.0.03.22	Trust: 1.0
vendor:	cisco	model:	rv345p dual wan gigabit poe vpn router	scope:	eq	version:	1.0.00.29	Trust: 1.0
vendor:	cisco	model:	rv345p dual wan gigabit poe vpn router	scope:	eq	version:	1.0.01.18	Trust: 1.0
vendor:	cisco	model:	rv340w dual wan gigabit wireless-ac vpn router	scope:	eq	version:	1.0.00.29	Trust: 1.0
vendor:	cisco	model:	rv345p dual wan gigabit poe vpn router	scope:	eq	version:	1.0.03.26	Trust: 1.0
vendor:	cisco	model:	rv340 dual wan gigabit vpn router	scope:	eq	version:	1.0.03.19	Trust: 1.0
vendor:	cisco	model:	rv340 dual wan gigabit vpn router	scope:	eq	version:	1.0.03.29	Trust: 1.0
vendor:	cisco	model:	rv345p dual wan gigabit poe vpn router	scope:	eq	version:	1.0.01.20	Trust: 1.0
vendor:	cisco	model:	rv345p dual wan gigabit poe vpn router	scope:	eq	version:	1.0.03.16	Trust: 1.0
vendor:	cisco	model:	rv345p dual wan gigabit poe vpn router	scope:	eq	version:	1.0.02.16	Trust: 1.0
vendor:	cisco	model:	rv345p dual wan gigabit poe vpn router	scope:	eq	version:	1.0.03.18	Trust: 1.0
vendor:	cisco	model:	rv340w dual wan gigabit wireless-ac vpn router	scope:	eq	version:	1.0.01.17	Trust: 1.0
vendor:	cisco	model:	rv340w dual wan gigabit wireless-ac vpn router	scope:	eq	version:	1.0.03.27	Trust: 1.0
vendor:	cisco	model:	rv345 dual wan gigabit vpn router	scope:	eq	version:	1.0.01.16	Trust: 1.0
vendor:	cisco	model:	rv340w dual wan gigabit wireless-ac vpn router	scope:	eq	version:	1.0.03.28	Trust: 1.0
vendor:	cisco	model:	rv340w dual wan gigabit wireless-ac vpn router	scope:	eq	version:	1.0.03.22	Trust: 1.0
vendor:	シスコシステムズ	model:	rv340	scope:	-	version:	-	Trust: 0.8
vendor:	シスコシステムズ	model:	rv345p	scope:	-	version:	-	Trust: 0.8
vendor:	シスコシステムズ	model:	rv345	scope:	-	version:	-	Trust: 0.8
vendor:	シスコシステムズ	model:	rv340w	scope:	-	version:	-	Trust: 0.8

sources: JVNDB: JVNDB-2024-010129 // NVD: CVE-2024-20470

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2024-20470
value:	HIGH
Trust: 1.0
134c704f-9b21-4f2e-91b3-4a467353bcc0:	CVE-2024-20470
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2024-20470
value:	HIGH
Trust: 0.8

nvd@nist.gov:	CVE-2024-20470
baseSeverity:	HIGH
baseScore:	7.2
vectorString:	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	HIGH
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.2
impactScore:	5.9
version:	3.1
Trust: 1.0
134c704f-9b21-4f2e-91b3-4a467353bcc0:	CVE-2024-20470
baseSeverity:	MEDIUM
baseScore:	6.5
vectorString:	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	HIGH
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	NONE
exploitabilityScore:	1.2
impactScore:	5.2
version:	3.1
Trust: 1.0
NVD:	CVE-2024-20470
baseSeverity:	HIGH
baseScore:	7.2
vectorString:	CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	HIGH
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: JVNDB: JVNDB-2024-010129 // NVD: CVE-2024-20470 // NVD: CVE-2024-20470

PROBLEMTYPE DATA

problemtype:	CWE-146	Trust: 1.0
problemtype:	NVD-CWE-Other	Trust: 1.0
problemtype:	Improper sanitization of expressions and command delimiters (CWE-146) [ others ]	Trust: 0.8
problemtype:	others (CWE-Other) [NVD evaluation ]	Trust: 0.8

sources: JVNDB: JVNDB-2024-010129 // NVD: CVE-2024-20470

PATCH

title:

cisco-sa-rv34x-privesc-rce-qE33TCms

url:

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv34x-privesc-rce-qE33TCms

Trust: 0.8

sources: JVNDB: JVNDB-2024-010129

EXTERNAL IDS

db:	NVD	id:	CVE-2024-20470	Trust: 2.6
db:	JVNDB	id:	JVNDB-2024-010129	Trust: 0.8

sources: JVNDB: JVNDB-2024-010129 // NVD: CVE-2024-20470

REFERENCES

url:	https://sec.cloudapps.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-rv34x-privesc-rce-qe33tcms	Trust: 1.0
url:	https://nvd.nist.gov/vuln/detail/cve-2024-20470	Trust: 0.8

sources: JVNDB: JVNDB-2024-010129 // NVD: CVE-2024-20470

SOURCES

db:	JVNDB	id:	JVNDB-2024-010129
db:	NVD	id:	CVE-2024-20470

LAST UPDATE DATE

2024-10-13T23:16:54.439000+00:00

SOURCES UPDATE DATE

db:	JVNDB	id:	JVNDB-2024-010129	date:	2024-10-10T23:49:00
db:	NVD	id:	CVE-2024-20470	date:	2024-10-09T16:55:23.887

SOURCES RELEASE DATE

db:	JVNDB	id:	JVNDB-2024-010129	date:	2024-10-11T00:00:00
db:	NVD	id:	CVE-2024-20470	date:	2024-10-02T17:15:17.027