We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2024-20522

Cisco Small Business RV042, RV042G, RV320, and RV325 Denial of Service Vulnerabilities



Assignercisco
Reserved2023-11-08
Published2024-10-02
Updated2024-10-02

Description

A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to cause an unexpected reload of an affected device, resulting in a denial of service (DoS) condition. To exploit this vulnerability, an attacker would need to have valid Administrator credentials on the affected device.   This vulnerability is due to improper validation of user input that is in incoming HTTP packets. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web-based management interface of the affected device. A successful exploit could allow the attacker to cause an unexpected reload of the device, resulting in a DoS condition.



MEDIUM: 6.5CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N

Problem types

Heap-based Buffer Overflow

Product status

Default status
unknown

4.0.2.08-tm
affected

4.2.3.08
affected

4.1.1.01
affected

4.2.3.03
affected

3.0.0.1-tm
affected

4.1.0.02-tm
affected

4.2.3.09
affected

3.0.2.01-tm
affected

4.2.3.10
affected

3.0.0.19-tm
affected

4.2.3.06
affected

4.2.2.08
affected

4.0.3.03-tm
affected

4.0.0.7
affected

4.2.1.02
affected

4.2.3.07
affected

4.0.4.02-tm
affected

1.3.12.19-tm
affected

1.3.12.6-tm
affected

1.3.13.02-tm
affected

1.3.1.10
affected

1.2.1.13
affected

1.1.1.19
affected

1.4.2.15
affected

1.5.1.05
affected

1.0.2.03
affected

1.1.0.09
affected

1.2.1.14
affected

1.3.2.02
affected

1.3.1.12
affected

1.0.1.17
affected

1.4.2.19
affected

1.1.1.06
affected

1.4.2.20
affected

1.4.2.22
affected

1.4.2.17
affected

4.2.3.14
affected

1.5.1.11
affected

1.5.1.13
affected

References

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-rv04x_rv32x_vulns-yJ2OSDhV (cisco-sa-sb-rv04x_rv32x_vulns-yJ2OSDhV)

cve.org CVE-2024-20522

nvd.nist.gov CVE-2024-20522

Download JSON

Share this page
https://cve.threatint.com
Subscribe to our newsletter to learn more about our work.