CVE-2022-20841
CRITICAL9.0CVSS v3
—CVSS v2
3.57%
EPSS (exploit probability)
CWE-120CWE
Description
Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.
CVSS v3 vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
Affected routers (4)
| Vendor | Model | Matched via | Affected versions | Fixed in | Patch Status |
|---|---|---|---|---|---|
| Cisco | Cisco RV160 | — |
versionEndExcluding=1.0.01.05 | 1.0.01.05 | Patched |
| Cisco | Cisco RV260 | — |
versionEndExcluding=1.0.01.05 | 1.0.01.05 | Patched |
| Cisco | Cisco RV340 | — |
versionEndExcluding=1.0.03.26 | 1.0.03.26 | Patched |
| Cisco | Cisco RV345 | — |
versionEndExcluding=1.0.03.26 | 1.0.03.26 | Patched |