cvelist/2020/3xxx/CVE-2020-3268.json

{
    "CVE_data_meta": {
        "ASSIGNER": "psirt@cisco.com",
        "DATE_PUBLIC": "2020-06-17T16:00:00",
        "ID": "CVE-2020-3268",
        "STATE": "PUBLIC",
        "TITLE": "Cisco Small Business RV110W, RV130, RV130W, and RV215W Series Routers Management Interface Vulnerabilities"
    },
    "affects": {
        "vendor": {
            "vendor_data": [
                {
                    "product": {
                        "product_data": [
                            {
                                "product_name": "Cisco RV130W Wireless-N Multifunction VPN Router Firmware ",
                                "version": {
                                    "version_data": [
                                        {
                                            "version_value": "n/a"
                                        }
                                    ]
                                }
                            }
                        ]
                    },
                    "vendor_name": "Cisco"
                }
            ]
        }
    },
    "data_format": "MITRE",
    "data_type": "CVE",
    "data_version": "4.0",
    "description": {
        "description_data": [
            {
                "lang": "eng",
                "value": "Multiple vulnerabilities in the web-based management interface of Cisco RV110W, RV130, RV130W, and RV215W Series Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary commands. For more information about these vulnerabilities, see the Details section of this advisory."
            }
        ]
    },
    "exploit": [
        {
            "lang": "eng",
            "value": "The Cisco Product Security Incident Response Team (PSIRT) is aware that proof-of-concept exploit code is available for the vulnerabilities that are described in this advisory. "
        }
    ],
    "impact": {
        "cvss": {
            "baseScore": "7.2",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H ",
            "version": "3.0"
        }
    },
    "problemtype": {
        "problemtype_data": [
            {
                "description": [
                    {
                        "lang": "eng",
                        "value": "CWE-119"
                    }
                ]
            }
        ]
    },
    "references": {
        "reference_data": [
            {
                "name": "20200617 Cisco Small Business RV110W, RV130, RV130W, and RV215W Series Routers Management Interface Vulnerabilities",
                "refsource": "CISCO",
                "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-injection-tWC7krKQ"
            }
        ]
    },
    "source": {
        "advisory": "cisco-sa-rv-routers-injection-tWC7krKQ",
        "defect": [
            [
                "CSCvt28203",
                "CSCvt28218",
                "CSCvt28223",
                "CSCvt28229",
                "CSCvt28233",
                "CSCvt28237"
            ]
        ],
        "discovery": "INTERNAL"
    }
}