Vulnerability Description
Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code Elevate privileges Execute arbitrary commands Bypass authentication and authorization protections Fetch and run unsigned software Cause denial of service (DoS) For more information about these vulnerabilities, see the Details section of this advisory.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Rv340 Firmware | <= 1.0.03.24 |
| Cisco | Rv340 | - |
| Cisco | Rv340W Firmware | <= 1.0.03.24 |
| Cisco | Rv340W | - |
| Cisco | Rv345 Firmware | <= 1.0.03.24 |
| Cisco | Rv345 | - |
| Cisco | Rv345P Firmware | <= 1.0.03.24 |
| Cisco | Rv345P | - |
Related Weaknesses (CWE)
References
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sVendor Advisory
- https://www.zerodayinitiative.com/advisories/ZDI-22-416/Third Party AdvisoryVDB Entry
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sVendor Advisory
- https://www.zerodayinitiative.com/advisories/ZDI-22-416/Third Party AdvisoryVDB Entry
FAQ
What is CVE-2022-20711?
CVE-2022-20711 is a vulnerability with a CVSS score of 10.0 (CRITICAL). Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code Elevate privileges Execute arb...
How severe is CVE-2022-20711?
CVE-2022-20711 has been rated CRITICAL with a CVSS base score of 10.0/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2022-20711?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Rv340 Firmware, Cisco Rv340, Cisco Rv340W Firmware, Cisco Rv340W, Cisco Rv345 Firmware.