CVE-2024-20362 (CNNVD-202404-469)
MEDIUM
中文标题:
Cisco Small Business 安全漏洞
英文标题:
A vulnerability in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, ...
CVSS分数:
6.1
发布时间:
2024-04-03 16:25:56
漏洞类型:
其他
状态:
PUBLISHED
数据质量分数:
0.30
数据版本:
v3
漏洞描述
中文描述:
Cisco Small Business是美国思科(Cisco)公司的一个交换机。 Cisco Small Business RV016, RV042, RV042G, RV082, RV320, RV325 存在安全漏洞,该漏洞源于基于 Web 的管理界面的输入验证不足。
英文描述:
A vulnerability in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability is due to insufficient input validation by the web-based management interface. An attacker could exploit this vulnerability by persuading a user to visit specific web pages that include malicious payloads. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.
CWE类型:
CWE-80
标签:
(暂无数据)
受影响产品
| 厂商 | 产品 | 版本 | 版本范围 | 平台 | CPE |
|---|---|---|---|---|---|
| Cisco | Cisco Small Business RV Series Router Firmware | 1.1.0.09 | - | - |
cpe:2.3:a:cisco:cisco_small_business_rv_series_router_firmware:1.1.0.09:*:*:*:*:*:*:*
|
| Cisco | Cisco Small Business RV Series Router Firmware | 1.1.1.19 | - | - |
cpe:2.3:a:cisco:cisco_small_business_rv_series_router_firmware:1.1.1.19:*:*:*:*:*:*:*
|
| Cisco | Cisco Small Business RV Series Router Firmware | 1.1.1.06 | - | - |
cpe:2.3:a:cisco:cisco_small_business_rv_series_router_firmware:1.1.1.06:*:*:*:*:*:*:*
|
| Cisco | Cisco Small Business RV Series Router Firmware | 1.2.1.14 | - | - |
cpe:2.3:a:cisco:cisco_small_business_rv_series_router_firmware:1.2.1.14:*:*:*:*:*:*:*
|
| Cisco | Cisco Small Business RV Series Router Firmware | 2.0.0.19-tm | - | - |
cpe:2.3:a:cisco:cisco_small_business_rv_series_router_firmware:2.0.0.19-tm:*:*:*:*:*:*:*
|
| Cisco | Cisco Small Business RV Series Router Firmware | 1.3.1.12 | - | - |
cpe:2.3:a:cisco:cisco_small_business_rv_series_router_firmware:1.3.1.12:*:*:*:*:*:*:*
|
| Cisco | Cisco Small Business RV Series Router Firmware | 1.3.1.10 | - | - |
cpe:2.3:a:cisco:cisco_small_business_rv_series_router_firmware:1.3.1.10:*:*:*:*:*:*:*
|
| Cisco | Cisco Small Business RV Series Router Firmware | 1.3.12.6-tm | - | - |
cpe:2.3:a:cisco:cisco_small_business_rv_series_router_firmware:1.3.12.6-tm:*:*:*:*:*:*:*
|
| Cisco | Cisco Small Business RV Series Router Firmware | 1.3.13.02-tm | - | - |
cpe:2.3:a:cisco:cisco_small_business_rv_series_router_firmware:1.3.13.02-tm:*:*:*:*:*:*:*
|
| Cisco | Cisco Small Business RV Series Router Firmware | 4.0.0.7 | - | - |
cpe:2.3:a:cisco:cisco_small_business_rv_series_router_firmware:4.0.0.7:*:*:*:*:*:*:*
|
| Cisco | Cisco Small Business RV Series Router Firmware | 4.0.2.08-tm | - | - |
cpe:2.3:a:cisco:cisco_small_business_rv_series_router_firmware:4.0.2.08-tm:*:*:*:*:*:*:*
|
| Cisco | Cisco Small Business RV Series Router Firmware | 4.0.3.03-tm | - | - |
cpe:2.3:a:cisco:cisco_small_business_rv_series_router_firmware:4.0.3.03-tm:*:*:*:*:*:*:*
|
| Cisco | Cisco Small Business RV Series Router Firmware | 4.0.4.02-tm | - | - |
cpe:2.3:a:cisco:cisco_small_business_rv_series_router_firmware:4.0.4.02-tm:*:*:*:*:*:*:*
|
| Cisco | Cisco Small Business RV Series Router Firmware | 4.2.2.08 | - | - |
cpe:2.3:a:cisco:cisco_small_business_rv_series_router_firmware:4.2.2.08:*:*:*:*:*:*:*
|
| Cisco | Cisco Small Business RV Series Router Firmware | 4.2.3.03 | - | - |
cpe:2.3:a:cisco:cisco_small_business_rv_series_router_firmware:4.2.3.03:*:*:*:*:*:*:*
|
| Cisco | Cisco Small Business RV Series Router Firmware | 4.2.3.06 | - | - |
cpe:2.3:a:cisco:cisco_small_business_rv_series_router_firmware:4.2.3.06:*:*:*:*:*:*:*
|
| Cisco | Cisco Small Business RV Series Router Firmware | 4.2.3.07 | - | - |
cpe:2.3:a:cisco:cisco_small_business_rv_series_router_firmware:4.2.3.07:*:*:*:*:*:*:*
|
| Cisco | Cisco Small Business RV Series Router Firmware | 4.2.3.09 | - | - |
cpe:2.3:a:cisco:cisco_small_business_rv_series_router_firmware:4.2.3.09:*:*:*:*:*:*:*
|
| Cisco | Cisco Small Business RV Series Router Firmware | 4.2.3.10 | - | - |
cpe:2.3:a:cisco:cisco_small_business_rv_series_router_firmware:4.2.3.10:*:*:*:*:*:*:*
|
| Cisco | Cisco Small Business RV Series Router Firmware | 4.2.3.14 | - | - |
cpe:2.3:a:cisco:cisco_small_business_rv_series_router_firmware:4.2.3.14:*:*:*:*:*:*:*
|
| Cisco | Cisco Small Business RV Series Router Firmware | 1.4.2.15 | - | - |
cpe:2.3:a:cisco:cisco_small_business_rv_series_router_firmware:1.4.2.15:*:*:*:*:*:*:*
|
| Cisco | Cisco Small Business RV Series Router Firmware | 1.4.2.17 | - | - |
cpe:2.3:a:cisco:cisco_small_business_rv_series_router_firmware:1.4.2.17:*:*:*:*:*:*:*
|
| Cisco | Cisco Small Business RV Series Router Firmware | 1.4.2.19 | - | - |
cpe:2.3:a:cisco:cisco_small_business_rv_series_router_firmware:1.4.2.19:*:*:*:*:*:*:*
|
| Cisco | Cisco Small Business RV Series Router Firmware | 1.4.2.22 | - | - |
cpe:2.3:a:cisco:cisco_small_business_rv_series_router_firmware:1.4.2.22:*:*:*:*:*:*:*
|
| Cisco | Cisco Small Business RV Series Router Firmware | 3.0.0.1-tm | - | - |
cpe:2.3:a:cisco:cisco_small_business_rv_series_router_firmware:3.0.0.1-tm:*:*:*:*:*:*:*
|
| Cisco | Cisco Small Business RV Series Router Firmware | 4.1.1.01 | - | - |
cpe:2.3:a:cisco:cisco_small_business_rv_series_router_firmware:4.1.1.01:*:*:*:*:*:*:*
|
| Cisco | Cisco Small Business RV Series Router Firmware | 1.5.1.05 | - | - |
cpe:2.3:a:cisco:cisco_small_business_rv_series_router_firmware:1.5.1.05:*:*:*:*:*:*:*
|
| cisco | rv016_firmware | - | - | - |
cpe:2.3:o:cisco:rv016_firmware:-:*:*:*:*:*:*:*
|
| cisco | rv042_firmware | - | - | - |
cpe:2.3:o:cisco:rv042_firmware:-:*:*:*:*:*:*:*
|
| cisco | rv042g_firmware | - | - | - |
cpe:2.3:o:cisco:rv042g_firmware:-:*:*:*:*:*:*:*
|
| cisco | rv082_firmware | - | - | - |
cpe:2.3:o:cisco:rv082_firmware:-:*:*:*:*:*:*:*
|
| cisco | rv320_firmware | - | - | - |
cpe:2.3:o:cisco:rv320_firmware:-:*:*:*:*:*:*:*
|
| cisco | rv325_firmware | - | - | - |
cpe:2.3:o:cisco:rv325_firmware:-:*:*:*:*:*:*:*
|
解决方案
中文解决方案:
(暂无数据)
英文解决方案:
(暂无数据)
临时解决方案:
(暂无数据)
参考链接
cisco-sa-sbiz-rv-xss-OQeRTup
OTHER
cve.org
访问
cve.org
CVSS评分详情
3.1 (cna)
MEDIUM
6.1
CVSS向量:
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
机密性
LOW
完整性
LOW
可用性
NONE
时间信息
发布时间:
2024-04-03 16:25:56
修改时间:
2024-11-07 19:16:09
创建时间:
2025-11-11 15:39:03
更新时间:
2025-11-11 15:58:43
利用信息
暂无可利用代码信息
数据源详情
| 数据源 | 记录ID | 版本 | 提取时间 |
|---|---|---|---|
| CVE | cve_CVE-2024-20362 |
2025-11-11 15:22:24 | 2025-11-11 07:39:03 |
| NVD | nvd_CVE-2024-20362 |
2025-11-11 14:59:49 | 2025-11-11 07:47:05 |
| CNNVD | cnnvd_CNNVD-202404-469 |
2025-11-11 15:11:32 | 2025-11-11 07:58:43 |
版本与语言
当前版本:
v3
主要语言:
EN
支持语言:
EN
ZH
安全公告
暂无安全公告信息
变更历史
v3
CNNVD
2025-11-11 15:58:43
vulnerability_type: 未提取 → 其他; cnnvd_id: 未提取 → CNNVD-202404-469; data_sources: ['cve', 'nvd'] → ['cnnvd', 'cve', 'nvd']
查看详细变更
- vulnerability_type: 未提取 -> 其他
- cnnvd_id: 未提取 -> CNNVD-202404-469
- data_sources: ['cve', 'nvd'] -> ['cnnvd', 'cve', 'nvd']
v2
NVD
2025-11-11 15:47:05
affected_products_count: 27 → 33; data_sources: ['cve'] → ['cve', 'nvd']
查看详细变更
- affected_products_count: 27 -> 33
- data_sources: ['cve'] -> ['cve', 'nvd']