CVE-2020-3277

Name of the Vulnerable Software and Affected Versions Cisco Small Business RV320 and RV325 Series Routers versions (affected versions not specified) Cisco Small Business RV016, RV042, and RV082 Routers versions (affected versions not specified)

Description The issue is related to multiple vulnerabilities in the web-based management interface of the affected routers. These vulnerabilities exist because the interface does not properly validate user-supplied input to scripts. An authenticated, remote attacker with administrative privileges could exploit these vulnerabilities by sending malicious requests to an affected device, potentially allowing the execution of arbitrary commands with root privileges on the underlying operating system.

Recommendations For Cisco Small Business RV320 and RV325 Series Routers, at the moment, there is no information about a newer version that contains a fix for this vulnerability. For Cisco Small Business RV016, RV042, and RV082 Routers, at the moment, there is no information about a newer version that contains a fix for this vulnerability.