A vulnerability in the web-based management interface of Cisco Small Business RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device. In order to exploit this vulnerability, the attacker must have valid admin credentials.
This vulnerability exists because the web-based management interface does not sufficiently validate user-supplied input. An attacker could exploit this vulnerability by sending crafted HTTP input to an affected device. A successful exploit could allow the attacker to execute arbitrary code as the root user on the underlying operating system.
References
Link | Resource |
---|---|
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv34x-privesc-rce-qE33TCms | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
History
09 Oct 2024, 16:55
Type | Values Removed | Values Added |
---|---|---|
First Time |
Cisco rv340w Dual Wan Gigabit Wireless-ac Vpn Router
Cisco rv340 Dual Wan Gigabit Vpn Router Firmware Cisco Cisco rv340w Dual Wan Gigabit Wireless-ac Vpn Router Firmware Cisco rv345p Dual Wan Gigabit Poe Vpn Router Firmware Cisco rv340 Dual Wan Gigabit Vpn Router Cisco rv345 Dual Wan Gigabit Vpn Router Firmware Cisco rv345 Dual Wan Gigabit Vpn Router Cisco rv345p Dual Wan Gigabit Poe Vpn Router |
|
CPE | cpe:2.3:o:cisco:rv340_dual_wan_gigabit_vpn_router_firmware:1.0.02.16:*:*:*:*:*:*:* cpe:2.3:o:cisco:rv345p_dual_wan_gigabit_poe_vpn_router_firmware:1.0.01.20:*:*:*:*:*:*:* cpe:2.3:o:cisco:rv340_dual_wan_gigabit_vpn_router_firmware:1.0.03.19:*:*:*:*:*:*:* cpe:2.3:h:cisco:rv345_dual_wan_gigabit_vpn_router:-:*:*:*:*:*:*:* cpe:2.3:o:cisco:rv340_dual_wan_gigabit_vpn_router_firmware:1.0.01.16:*:*:*:*:*:*:* cpe:2.3:o:cisco:rv345_dual_wan_gigabit_vpn_router_firmware:1.0.01.17:*:*:*:*:*:*:* cpe:2.3:o:cisco:rv340w_dual_wan_gigabit_wireless-ac_vpn_router_firmware:1.0.03.16:*:*:*:*:*:*:* cpe:2.3:o:cisco:rv340w_dual_wan_gigabit_wireless-ac_vpn_router_firmware:1.0.03.29:*:*:*:*:*:*:* cpe:2.3:o:cisco:rv345_dual_wan_gigabit_vpn_router_firmware:1.0.03.18:*:*:*:*:*:*:* cpe:2.3:o:cisco:rv345_dual_wan_gigabit_vpn_router_firmware:1.0.03.15:*:*:*:*:*:*:* cpe:2.3:h:cisco:rv340_dual_wan_gigabit_vpn_router:-:*:*:*:*:*:*:* cpe:2.3:o:cisco:rv340_dual_wan_gigabit_vpn_router_firmware:1.0.03.24:*:*:*:*:*:*:* cpe:2.3:o:cisco:rv345p_dual_wan_gigabit_poe_vpn_router_firmware:1.0.03.26:*:*:*:*:*:*:* cpe:2.3:o:cisco:rv340w_dual_wan_gigabit_wireless-ac_vpn_router_firmware:1.0.01.17:*:*:*:*:*:*:* cpe:2.3:o:cisco:rv340w_dual_wan_gigabit_wireless-ac_vpn_router_firmware:1.0.01.20:*:*:*:*:*:*:* cpe:2.3:o:cisco:rv345_dual_wan_gigabit_vpn_router_firmware:1.0.01.20:*:*:*:*:*:*:* cpe:2.3:o:cisco:rv340_dual_wan_gigabit_vpn_router_firmware:1.0.03.28:*:*:*:*:*:*:* cpe:2.3:o:cisco:rv340_dual_wan_gigabit_vpn_router_firmware:1.0.00.33:*:*:*:*:*:*:* cpe:2.3:o:cisco:rv340w_dual_wan_gigabit_wireless-ac_vpn_router_firmware:1.0.00.29:*:*:*:*:*:*:* cpe:2.3:o:cisco:rv345p_dual_wan_gigabit_poe_vpn_router_firmware:1.0.01.16:*:*:*:*:*:*:* cpe:2.3:h:cisco:rv340w_dual_wan_gigabit_wireless-ac_vpn_router:-:*:*:*:*:*:*:* cpe:2.3:o:cisco:rv345_dual_wan_gigabit_vpn_router_firmware:1.0.01.18:*:*:*:*:*:*:* cpe:2.3:o:cisco:rv340w_dual_wan_gigabit_wireless-ac_vpn_router_firmware:1.0.03.15:*:*:*:*:*:*:* cpe:2.3:o:cisco:rv340_dual_wan_gigabit_vpn_router_firmware:1.0.03.22:*:*:*:*:*:*:* cpe:2.3:o:cisco:rv345_dual_wan_gigabit_vpn_router_firmware:1.0.03.22:*:*:*:*:*:*:* cpe:2.3:o:cisco:rv340w_dual_wan_gigabit_wireless-ac_vpn_router_firmware:1.0.03.19:*:*:*:*:*:*:* cpe:2.3:o:cisco:rv340w_dual_wan_gigabit_wireless-ac_vpn_router_firmware:1.0.03.24:*:*:*:*:*:*:* cpe:2.3:o:cisco:rv340w_dual_wan_gigabit_wireless-ac_vpn_router_firmware:1.0.02.16:*:*:*:*:*:*:* cpe:2.3:o:cisco:rv340w_dual_wan_gigabit_wireless-ac_vpn_router_firmware:1.0.03.26:*:*:*:*:*:*:* cpe:2.3:o:cisco:rv345p_dual_wan_gigabit_poe_vpn_router_firmware:1.0.01.17:*:*:*:*:*:*:* cpe:2.3:o:cisco:rv345p_dual_wan_gigabit_poe_vpn_router_firmware:1.0.03.22:*:*:*:*:*:*:* cpe:2.3:o:cisco:rv340_dual_wan_gigabit_vpn_router_firmware:1.0.01.17:*:*:*:*:*:*:* cpe:2.3:o:cisco:rv340w_dual_wan_gigabit_wireless-ac_vpn_router_firmware:1.0.01.18:*:*:*:*:*:*:* cpe:2.3:o:cisco:rv345_dual_wan_gigabit_vpn_router_firmware:1.0.00.33:*:*:*:*:*:*:* cpe:2.3:o:cisco:rv345p_dual_wan_gigabit_poe_vpn_router_firmware:1.0.01.18:*:*:*:*:*:*:* cpe:2.3:o:cisco:rv340_dual_wan_gigabit_vpn_router_firmware:1.0.03.29:*:*:*:*:*:*:* cpe:2.3:o:cisco:rv345p_dual_wan_gigabit_poe_vpn_router_firmware:1.0.03.24:*:*:*:*:*:*:* cpe:2.3:o:cisco:rv340_dual_wan_gigabit_vpn_router_firmware:1.0.03.21:*:*:*:*:*:*:* cpe:2.3:o:cisco:rv345p_dual_wan_gigabit_poe_vpn_router_firmware:1.0.03.20:*:*:*:*:*:*:* cpe:2.3:o:cisco:rv340_dual_wan_gigabit_vpn_router_firmware:1.0.03.15:*:*:*:*:*:*:* cpe:2.3:o:cisco:rv340_dual_wan_gigabit_vpn_router_firmware:1.0.03.18:*:*:*:*:*:*:* cpe:2.3:o:cisco:rv345p_dual_wan_gigabit_poe_vpn_router_firmware:1.0.03.17:*:*:*:*:*:*:* cpe:2.3:o:cisco:rv345p_dual_wan_gigabit_poe_vpn_router_firmware:1.0.00.33:*:*:*:*:*:*:* cpe:2.3:o:cisco:rv345_dual_wan_gigabit_vpn_router_firmware:1.0.03.24:*:*:*:*:*:*:* cpe:2.3:o:cisco:rv340w_dual_wan_gigabit_wireless-ac_vpn_router_firmware:1.0.03.17:*:*:*:*:*:*:* cpe:2.3:o:cisco:rv345_dual_wan_gigabit_vpn_router_firmware:1.0.03.21:*:*:*:*:*:*:* cpe:2.3:o:cisco:rv340_dual_wan_gigabit_vpn_router_firmware:1.0.03.26:*:*:*:*:*:*:* cpe:2.3:o:cisco:rv340w_dual_wan_gigabit_wireless-ac_vpn_router_firmware:1.0.03.20:*:*:*:*:*:*:* cpe:2.3:o:cisco:rv340w_dual_wan_gigabit_wireless-ac_vpn_router_firmware:1.0.00.33:*:*:*:*:*:*:* cpe:2.3:o:cisco:rv345_dual_wan_gigabit_vpn_router_firmware:1.0.03.26:*:*:*:*:*:*:* cpe:2.3:o:cisco:rv345p_dual_wan_gigabit_poe_vpn_router_firmware:1.0.02.16:*:*:*:*:*:*:* cpe:2.3:o:cisco:rv345_dual_wan_gigabit_vpn_router_firmware:1.0.00.29:*:*:*:*:*:*:* cpe:2.3:o:cisco:rv345_dual_wan_gigabit_vpn_router_firmware:1.0.03.19:*:*:*:*:*:*:* cpe:2.3:o:cisco:rv340_dual_wan_gigabit_vpn_router_firmware:1.0.03.20:*:*:*:*:*:*:* cpe:2.3:o:cisco:rv345p_dual_wan_gigabit_poe_vpn_router_firmware:1.0.00.29:*:*:*:*:*:*:* cpe:2.3:o:cisco:rv345_dual_wan_gigabit_vpn_router_firmware:1.0.03.28:*:*:*:*:*:*:* cpe:2.3:o:cisco:rv345p_dual_wan_gigabit_poe_vpn_router_firmware:1.0.03.28:*:*:*:*:*:*:* cpe:2.3:o:cisco:rv340w_dual_wan_gigabit_wireless-ac_vpn_router_firmware:1.0.03.18:*:*:*:*:*:*:* cpe:2.3:o:cisco:rv340_dual_wan_gigabit_vpn_router_firmware:1.0.00.29:*:*:*:*:*:*:* cpe:2.3:o:cisco:rv345p_dual_wan_gigabit_poe_vpn_router_firmware:1.0.03.19:*:*:*:*:*:*:* cpe:2.3:o:cisco:rv340_dual_wan_gigabit_vpn_router_firmware:1.0.03.16:*:*:*:*:*:*:* cpe:2.3:o:cisco:rv345_dual_wan_gigabit_vpn_router_firmware:1.0.01.16:*:*:*:*:*:*:* cpe:2.3:o:cisco:rv340w_dual_wan_gigabit_wireless-ac_vpn_router_firmware:1.0.01.16:*:*:*:*:*:*:* cpe:2.3:o:cisco:rv340w_dual_wan_gigabit_wireless-ac_vpn_router_firmware:1.0.03.22:*:*:*:*:*:*:* cpe:2.3:o:cisco:rv345p_dual_wan_gigabit_poe_vpn_router_firmware:1.0.03.29:*:*:*:*:*:*:* cpe:2.3:o:cisco:rv345_dual_wan_gigabit_vpn_router_firmware:1.0.03.20:*:*:*:*:*:*:* cpe:2.3:o:cisco:rv345p_dual_wan_gigabit_poe_vpn_router_firmware:1.0.03.15:*:*:*:*:*:*:* cpe:2.3:o:cisco:rv345p_dual_wan_gigabit_poe_vpn_router_firmware:1.0.03.21:*:*:*:*:*:*:* cpe:2.3:o:cisco:rv345_dual_wan_gigabit_vpn_router_firmware:1.0.03.29:*:*:*:*:*:*:* cpe:2.3:o:cisco:rv345_dual_wan_gigabit_vpn_router_firmware:1.0.03.16:*:*:*:*:*:*:* cpe:2.3:o:cisco:rv340_dual_wan_gigabit_vpn_router_firmware:1.0.01.18:*:*:*:*:*:*:* cpe:2.3:o:cisco:rv340_dual_wan_gigabit_vpn_router_firmware:1.0.01.20:*:*:*:*:*:*:* cpe:2.3:o:cisco:rv345_dual_wan_gigabit_vpn_router_firmware:1.0.03.27:*:*:*:*:*:*:* cpe:2.3:o:cisco:rv340w_dual_wan_gigabit_wireless-ac_vpn_router_firmware:1.0.03.21:*:*:*:*:*:*:* cpe:2.3:o:cisco:rv340_dual_wan_gigabit_vpn_router_firmware:1.0.03.27:*:*:*:*:*:*:* cpe:2.3:o:cisco:rv340w_dual_wan_gigabit_wireless-ac_vpn_router_firmware:1.0.03.28:*:*:*:*:*:*:* cpe:2.3:o:cisco:rv345p_dual_wan_gigabit_poe_vpn_router_firmware:1.0.03.27:*:*:*:*:*:*:* cpe:2.3:o:cisco:rv345p_dual_wan_gigabit_poe_vpn_router_firmware:1.0.03.18:*:*:*:*:*:*:* cpe:2.3:h:cisco:rv345p_dual_wan_gigabit_poe_vpn_router:-:*:*:*:*:*:*:* cpe:2.3:o:cisco:rv345_dual_wan_gigabit_vpn_router_firmware:1.0.02.16:*:*:*:*:*:*:* cpe:2.3:o:cisco:rv340_dual_wan_gigabit_vpn_router_firmware:1.0.03.17:*:*:*:*:*:*:* cpe:2.3:o:cisco:rv340w_dual_wan_gigabit_wireless-ac_vpn_router_firmware:1.0.03.27:*:*:*:*:*:*:* cpe:2.3:o:cisco:rv345p_dual_wan_gigabit_poe_vpn_router_firmware:1.0.03.16:*:*:*:*:*:*:* cpe:2.3:o:cisco:rv345_dual_wan_gigabit_vpn_router_firmware:1.0.03.17:*:*:*:*:*:*:* |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.2 |
CWE | NVD-CWE-Other | |
References | () https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv34x-privesc-rce-qE33TCms - Vendor Advisory |
04 Oct 2024, 13:50
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
02 Oct 2024, 20:35
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.5 |
02 Oct 2024, 17:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-10-02 17:15
Updated : 2024-10-09 16:55
NVD link : CVE-2024-20470
Mitre link : CVE-2024-20470
CVE.ORG link : CVE-2024-20470
JSON object : View
Products Affected
cisco
- rv345p_dual_wan_gigabit_poe_vpn_router_firmware
- rv340w_dual_wan_gigabit_wireless-ac_vpn_router_firmware
- rv340_dual_wan_gigabit_vpn_router_firmware
- rv340w_dual_wan_gigabit_wireless-ac_vpn_router
- rv345p_dual_wan_gigabit_poe_vpn_router
- rv340_dual_wan_gigabit_vpn_router
- rv345_dual_wan_gigabit_vpn_router_firmware
- rv345_dual_wan_gigabit_vpn_router
CWE