virus logo Web Application Security

Cisco.Small.Business.RV340.CVE-2020-3451.Remote.Code.Execution

description-logoDescription

This indicates an attack attempt against a Remote Code Execution vulnerability in Cisco Small Business RV340 Series Routers.
The vulnerability is caused by improper validation of user supplied input. A remote attacker may be able to exploit this to execute arbitrary remote code within the context of the application, via a crafted HTTP request.

affected-products-logoAffected Products

Cisco Small Business RV340W Dual WAN Gigabit Wireless-AC VPN Router Firmware Release 1.0.03.19 and prior
Cisco Small Business RV340 Dual WAN Gigabit VPN Router Firmware Release 1.0.03.19 and prior
Cisco Small Business RV345 Dual WAN Gigabit VPN Router Firmware Release 1.0.03.19 and prior
Cisco Small Business RV345P Dual WAN Gigabit POE VPN Router Firmware Release 1.0.03.19 and prior

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Apply the most recent upgrade or patch from the vendor.
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-osinj-rce-pwTkPCJv

Version Updates

Date Version Detail
2022-08-15 0.00326

CVE References

CVE-2020-3451
ID 1090501540
Created Aug 15, 2022
Updated Aug 15, 2022
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon lightgray-background-circle-icon
Default Action pass
Active
Affected OS Windows, Linux
Affected App Cisco
Engine Version 5.0.1 or later