← Back to CVEs
CVE-2022-20700
CRITICALCISA KEV10.0
Description
Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code Elevate privileges Execute arbitrary commands Bypass authentication and authorization protections Fetch and run unsigned software Cause denial of service (DoS) For more information about these vulnerabilities, see the Details section of this advisory.
CVE Details
CVSS v3.1 Score10.0
SeverityCRITICAL
CVSS VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Attack VectorNETWORK
ComplexityLOW
Privileges RequiredNONE
User InteractionNONE
Published2/10/2022
Last Modified10/28/2025
Sourcekev
Honeypot Sightings0
CISA KEV
VendorCisco
ProductSmall Business RV160, RV260, RV340, and RV345 Series Routers
Vulnerability NameCisco Small Business RV Series Routers Stack-based Buffer Overflow Vulnerability
KEV Date Added2022-03-03
Remediation Due Date2022-03-17
Ransomware UseUnknown
Affected Products
cisco:rv160cisco:rv160_firmwarecisco:rv160wcisco:rv160w_firmwarecisco:rv260cisco:rv260_firmwarecisco:rv260pcisco:rv260p_firmwarecisco:rv260wcisco:rv260w_firmwarecisco:rv340cisco:rv340_firmwarecisco:rv340wcisco:rv340w_firmwarecisco:rv345cisco:rv345_firmwarecisco:rv345pcisco:rv345p_firmware
Weaknesses (CWE)
CWE-121CWE-787
References
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-smb-mult-vuln-KA9PK6D(psirt@cisco.com)
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-smb-mult-vuln-KA9PK6D(af854a3a-2127-422b-91ae-364da2661108)
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-20700(134c704f-9b21-4f2e-91b3-4a467353bcc0)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.