CVE-2020-3268

Description

Multiple vulnerabilities in the web-based management interface of Cisco RV110W, RV130, RV130W, and RV215W Series Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary commands. For more information about these vulnerabilities, see the Details section of this advisory.

Risk Information

Base Score

7.2

MODERATE

Vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

EPSS Score

Exploitation Probability

1.084

Associated Vulnerability

Vulnerability	OS Platform
Cisco Small Business RV110W, RV130, RV130W, and RV215W Series Routers Management Interface Vulnerabilities For Cisco Application Extension Platform	NCM
Cisco Small Business RV110W, RV130, RV130W, and RV215W Series Routers Management Interface Vulnerabilities For Cisco Small Business RV Series Routers	NCM
Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2020-3268)	NCM

Patch Details

Click to see the patches provided by ManageEngine for this CVE

Patch ID	Patch Description
PATCH-1705914	Security Update for Cisco Application Extension Platform 1.0.3.16
PATCH-1705925	Security Update for Cisco Small Business RV Series Routers 1.0.3.16

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234