CVE-2022-20701 — Cisco Small Business RV Series Routers Stack-based Buffer Overflow Vulnerability
2022-03-03 • CISA Known Exploited Vulnerability
[event] A vulnerability in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code elevate privileges, execute arbitrary commands, bypass authentication and authorization protections, fetch and run unsigned software, or cause a denial of service (DoS).
> AFFECTED SOFTWARE
| Field | Value |
|---|---|
| Vendor | Cisco |
| Product | Small Business RV160, RV260, RV340, and RV345 Series Routers |
| CWE | CWE-121 |
| CVE ID | CVE-2022-20701 |
| Date Added | 2022-03-03 |
| Due Date | 2022-03-17 |
| Ransomware Campaign | Unknown |
> MITIGATION
Apply updates per vendor instructions.
Due Date: 2022-03-17