T Shiomitsu

Name of the Vulnerable Software and Affected Versions: Cisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers (affected versions not specified) Description: The issue is related to the web-based management interface of the affected devices, where multiple vulnerabilities could allow an authenticated, remote attacker to execute arbitrary code with elevated privileges. These vulnerabilities exist because HTTP requests are not properly validated, and an attacker could exploit them by sending a crafted HTTP request to the web-based management interface. A successful exploit could allow the attacker to remotely execute arbitrary code on the device. The vulnerability is also related to deficiencies in the deserialization mechanism. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Cisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers (affected versions not specified) Description: The issue is related to multiple vulnerabilities in the web-based management interface of the affected devices. These vulnerabilities exist because HTTP requests are not properly validated, which could allow an authenticated, remote attacker to execute arbitrary code with elevated privileges. An attacker could exploit these vulnerabilities by sending a crafted HTTP request to the web-based management interface of an affected device. A successful exploit could allow the attacker to remotely execute arbitrary code on the device. The vulnerabilities are also related to deficiencies in the deserialization mechanism. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Cisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers (affected versions not specified) Description: The issue is related to multiple vulnerabilities in the web-based management interface of the affected devices. These vulnerabilities exist because HTTP requests are not properly validated, allowing an authenticated, remote attacker to execute arbitrary code with elevated privileges. An attacker could exploit these vulnerabilities by sending a crafted HTTP request to the web-based management interface of an affected device. A successful exploit could allow the attacker to remotely execute arbitrary code on the device. The vulnerabilities are also related to deficiencies in the deserialization mechanism. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: D-Link DIR-3060 versions prior to 1.11b04 HF2 Description: The issue allows remote authenticated users to inject arbitrary commands in an admin or root context. This is because `SetVirtualServerSettings` calls `CheckArpTables`, which calls `popen` unsafely. There is no information provided about the estimated number of potentially affected devices worldwide or real-world incidents where this issue was exploited. Recommendations: For D-Link DIR-3060 versions prior to 1.11b04 HF2, update to version 1.11b04 HF2 or later to resolve the issue. As a temporary workaround, consider restricting access to the `prog.cgi` interface until a patch is applied. Avoid using the `SetVirtualServerSettings` function, which calls `CheckArpTables`, until the issue is resolved.