CVE-2020-3451 - OpenCVE

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV340 Series Routers could allow an authenticated, remote attacker with administrative credentials to execute arbitrary commands on the underlying operating system (OS) as a restricted user. For more information about these vulnerabilities, see the Details section of this advisory.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact Low

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:L/Au:S/C:P/I:P/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Cisco	Rv340 Rv340 Firmware Rv340w Rv340w Firmware Rv345 Rv345 Firmware Rv345p Rv345p Firmware

Configuration 1 [-]

AND

cpe:2.3:o:cisco:rv340w_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:cisco:rv340w:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:cisco:rv340_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:cisco:rv340:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:cisco:rv345_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:cisco:rv345:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND

cpe:2.3:o:cisco:rv345p_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:cisco:rv345p:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-osinj-rce-pwTkPCJv
https://www.zerodayinitiative.com/advisories/ZDI-20-1100/

History

No history.

MITRE

Status: PUBLISHED

Assigner: cisco

Published: 2020-09-04T02:26:10.575626Z

Updated: 2024-09-16T19:14:10.848Z

Reserved: 2019-12-12T00:00:00

Link: CVE-2020-3451

Vulnrichment

No data.

NVD

Status : Modified

Published: 2020-09-04T03:15:10.120

Modified: 2023-11-07T03:22:44.270

Link: CVE-2020-3451

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "Cisco Small Business RV Series Router Firmware", "vendor": "Cisco", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2020-09-02T00:00:00", "descriptions": [{"lang": "en", "value": "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV340 Series Routers could allow an authenticated, remote attacker with administrative credentials to execute arbitrary commands on the underlying operating system (OS) as a restricted user. For more information about these vulnerabilities, see the Details section of this advisory."}], "exploits": [{"lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 4.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-119", "description": "CWE-119", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2020-09-08T13:06:10", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco"}, "references": [{"name": "20200902 Cisco Small Business RV340 Series Routers Command Injection and Remote Code Execution Vulnerabilities", "tags": ["vendor-advisory", "x_refsource_CISCO"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-osinj-rce-pwTkPCJv"}, {"tags": ["x_refsource_MISC"], "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-1100/"}], "source": {"advisory": "cisco-sa-rv-osinj-rce-pwTkPCJv", "defect": [["CSCvu40103", "CSCvu49391"]], "discovery": "INTERNAL"}, "title": "Cisco Small Business RV340 Series Routers Command Injection and Remote Code Execution Vulnerabilities", "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@cisco.com", "DATE_PUBLIC": "2020-09-02T16:00:00", "ID": "CVE-2020-3451", "STATE": "PUBLIC", "TITLE": "Cisco Small Business RV340 Series Routers Command Injection and Remote Code Execution Vulnerabilities"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Cisco Small Business RV Series Router Firmware", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "Cisco"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV340 Series Routers could allow an authenticated, remote attacker with administrative credentials to execute arbitrary commands on the underlying operating system (OS) as a restricted user. For more information about these vulnerabilities, see the Details section of this advisory."}]}, "exploit": [{"lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."}], "impact": {"cvss": {"baseScore": "4.7", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L", "version": "3.0"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-119"}]}]}, "references": {"reference_data": [{"name": "20200902 Cisco Small Business RV340 Series Routers Command Injection and Remote Code Execution Vulnerabilities", "refsource": "CISCO", "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-osinj-rce-pwTkPCJv"}, {"name": "https://www.zerodayinitiative.com/advisories/ZDI-20-1100/", "refsource": "MISC", "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-1100/"}]}, "source": {"advisory": "cisco-sa-rv-osinj-rce-pwTkPCJv", "defect": [["CSCvu40103", "CSCvu49391"]], "discovery": "INTERNAL"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T07:37:54.194Z"}, "title": "CVE Program Container", "references": [{"name": "20200902 Cisco Small Business RV340 Series Routers Command Injection and Remote Code Execution Vulnerabilities", "tags": ["vendor-advisory", "x_refsource_CISCO", "x_transferred"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-osinj-rce-pwTkPCJv"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-1100/"}]}]}, "cveMetadata": {"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2020-3451", "datePublished": "2020-09-04T02:26:10.575626Z", "dateReserved": "2019-12-12T00:00:00", "dateUpdated": "2024-09-16T19:14:10.848Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:rv340w_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "87167F32-831D-4E25-B007-406A6D54F50A", "versionEndExcluding": "1.0.03.19", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:rv340w:-:*:*:*:*:*:*:*", "matchCriteriaId": "21E55019-F969-4ACD-A6C8-1D2EE05F8EE4", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:rv340_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "493AF110-2F36-4516-9087-D7F014EAB8F3", "versionEndExcluding": "1.0.03.19", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:rv340:-:*:*:*:*:*:*:*", "matchCriteriaId": "2A4411AC-2A74-4315-BA6B-D7E1AA538BDB", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:rv345_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "BDF62FE5-93FD-4E7C-8245-51D09FAC353A", "versionEndExcluding": "1.0.03.19", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:rv345:-:*:*:*:*:*:*:*", "matchCriteriaId": "5E91E68B-CBE9-462E-82D4-6F588B8E84E8", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:rv345p_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "75245663-EE02-4E2C-9C2B-BC0BA1A0FF8F", "versionEndExcluding": "1.0.03.19", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:rv345p:-:*:*:*:*:*:*:*", "matchCriteriaId": "5120BAB7-FB3A-481E-9ECD-48341846AFBD", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV340 Series Routers could allow an authenticated, remote attacker with administrative credentials to execute arbitrary commands on the underlying operating system (OS) as a restricted user. For more information about these vulnerabilities, see the Details section of this advisory."}, {"lang": "es", "value": "Multiples vulnerabilidades en la interfaz de administraci\u00f3n basada en web de Cisco Small Business RV340 Series Routers, podr\u00edan permitir a un atacante remoto autenticado con credenciales administrativas ejecutar comandos arbitrarios en el Sistema Operativo (SO) subyacente como un usuario restringido. Para m\u00e1s informaci\u00f3n sobre estas vulnerabilidades, consultar la secci\u00f3n Detalles de este aviso"}], "id": "CVE-2020-3451", "lastModified": "2023-11-07T03:22:44.270", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 6.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 4.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 3.4, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 4.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 3.4, "source": "ykramarz@cisco.com", "type": "Secondary"}]}, "published": "2020-09-04T03:15:10.120", "references": [{"source": "ykramarz@cisco.com", "tags": ["Vendor Advisory"], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-osinj-rce-pwTkPCJv"}, {"source": "ykramarz@cisco.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-1100/"}], "sourceIdentifier": "ykramarz@cisco.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-119"}], "source": "ykramarz@cisco.com", "type": "Secondary"}]}