CVE-2020-3431
CVSS 3.1 Score 6.1 of 10 (medium)
Details
Summary
CVE-2020-3431 is a cross-site scripting (XSS) vulnerability affecting the web-based management interface of Cisco Small Business RV042 and RV042G VPN Routers. This issue stems from insufficient input validation, enabling unauthenticated, remote attackers to inject malicious scripts. A successful exploit could result in executing arbitrary code or accessing sensitive information in the context of the affected interface. Cisco has issued software updates to mitigate this vulnerability, and no workarounds have been identified. Users are advised to install the patches promptly.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.