Cisco Small Business Routers Vulnerable to Remote Reload Attack
CVE-2024-20522
Key Information
- Vendor: Cisco
- Status
- Cisco Small Business RV Series Router Firmware
- Vendor
- CVE Published: 2 October 2024
Summary
A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to cause an unexpected reload of an affected device, resulting in a denial of service (DoS) condition. To exploit this vulnerability, an attacker would need to have valid Administrator credentials on the affected device. This vulnerability is due to improper validation of user input that is in incoming HTTP packets. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web-based management interface of the affected device. A successful exploit could allow the attacker to cause an unexpected reload of the device, resulting in a DoS condition.
Affected Version(s)
Cisco Small Business RV Series Router Firmware = 4.0.2.08-tm
Cisco Small Business RV Series Router Firmware = 4.2.3.08
Cisco Small Business RV Series Router Firmware = 4.1.1.01
References
CVSS V3.1
Timeline
Vulnerability published
Vulnerability Reserved