A vulnerability in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability is due to insufficient input validation by the web-based management interface. An attacker could exploit this vulnerability by persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.
History

Thu, 07 Nov 2024 20:15:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:o:cisco:small_business_rv_series_router_firmware:*:*:*:*:*:*:*:*
Vendors & Products Cisco
Cisco small Business Rv Series Router Firmware

Wed, 06 Nov 2024 20:15:00 +0000

Type Values Removed Values Added
First Time appeared Cisco
Cisco small Business Rv Series Router Firmware
CPEs cpe:2.3:o:cisco:small_business_rv_series_router_firmware:*:*:*:*:*:*:*:*
Vendors & Products Cisco
Cisco small Business Rv Series Router Firmware
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: cisco

Published: 2024-04-03T16:25:56.368Z

Updated: 2024-11-07T19:16:09.493Z

Reserved: 2023-11-08T15:08:07.651Z

Link: CVE-2024-20362

cve-icon Vulnrichment

Updated: 2024-08-01T21:59:42.287Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2024-04-03T17:15:49.707

Modified: 2024-11-21T08:52:28.043

Link: CVE-2024-20362

cve-icon Redhat

No data.