Cisco RV340 JSON RPC set-snmp Command Injection Remote Code Execution Vulnerability
Discription

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Cisco RV340 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the handling of set-snmp JSON RPC requests. When parsing the usmUserAuthKey parameter, the process does not properly validate a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of the www-data user.Read More

References

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-smb-rv-cmd-inj-8Pv9JMJD

9 High

CVSS2

  • Access Vector
  • Access Complexity
  • Authentication
  • Confidentiality Impact
  • Integrity Impact
  • Availability Impact
  • Network
  • Low
  • Single
  • Complete
  • Complete
  • Complete

AV:N/AC:L/Au:S/C:C/I:C/A:C

7.2 High

CVSS3

  • Attack Vector
  • Attack Complexity
  • Privileges Required
  • User Interaction
  • Scope
  • Confidentiality Impact
  • Integrity Impact
  • Availability Impact
  • Network
  • Low
  • High
  • None
  • Unchanged
  • High
  • High
  • High

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Back to Main
Subscribe for the latest news: