CVE-2024-20522

Cisco Small Business RV042, RV042G, RV320, and RV325 Denial of Service Vulnerabilities

Description

A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to cause an unexpected reload of an affected device, resulting in a denial of service (DoS) condition. To exploit this vulnerability, an attacker would need to have valid Administrator credentials on the affected device.   This vulnerability is due to improper validation of user input that is in incoming HTTP packets. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web-based management interface of the affected device. A successful exploit could allow the attacker to cause an unexpected reload of the device, resulting in a DoS condition.

INFO

Published Date :

2024-10-02T16:57:27.083Z

Last Modified :

2024-10-02T18:52:46.250Z

Source :

cisco

AFFECTED PRODUCTS

The following products are affected by CVE-2024-20522 vulnerability.

Vendors	Products
Cisco	Rv042 Rv042 Firmware Rv042g Rv042g Firmware Rv320 Rv320 Firmware Rv325 Rv325 Firmware Small Business Rv Series Router Firmware

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-20522.

URL	Resource
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-rv04x_rv32x_vulns-yJ2OSDhV

CVSS Vulnerability Scoring System

V3.1

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability Impact