March 12, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Rewterz Threat Advisory – CVE-2022-20869 – Cisco BroadWorks Application Delivery Platform Software Vulnerability
August 4, 2022Rewterz Threat Advisory – Multiple Cisco Webex Meetings Vulnerabilities
August 4, 2022Rewterz Threat Advisory – CVE-2022-20869 – Cisco BroadWorks Application Delivery Platform Software Vulnerability
August 4, 2022Rewterz Threat Advisory – Multiple Cisco Webex Meetings Vulnerabilities
August 4, 2022
Severity
High
Analysis Summary
CVE-2022-20842 CVSS:9.8
Cisco Small Business RV Series Routers could allow a remote attacker to execute arbitrary code on the system, caused by improper input validation. By sending a specially-crafted HTTP input, an attacker could exploit this vulnerability to execute arbitrary code as the root user on the underlying operating system or cause the device to reload.
CVE-2022-20841 CVSS:8.3
Cisco Small Business RV Series Routers could allow a remote attacker to execute arbitrary commands on the system, caused by improper input validation. By sending a specially-crafted input, an attacker could exploit this vulnerability to execute arbitrary commands on the underlying Linux operating system.
CVE-2022-20827 CVSS:9
Cisco Small Business RV Series Routers could allow a remote attacker to execute arbitrary commands on the system, caused by improper input validation. By sending a specially-crafted input to the web filter database update feature, an attacker could exploit this vulnerability to execute arbitrary commands on the underlying operating system with root privileges.
Impact
- Code Execution
- Command Execution
Indicators Of Compromise
CVE
- CVE-2022-20842
- CVE-2022-20841
- CVE-2022-20827
Affected Vendors
Cisco
Affected Products
- Cisco RV340 Series Routers
- Cisco RV345 Series Routers
- Cisco RV260 Series Routers
- Cisco RV160 Series Routers
Remediation
Refer to Cisco Security Advisory for patch, upgrade or suggested workaround information.
Cisco Security Advisory