Cisco.Small.Business.RV340.CVE-2020-3451.Remote.Code.Execution
Description
This indicates an attack attempt against a Remote Code Execution vulnerability in Cisco Small Business RV340 Series Routers.
The vulnerability is caused by improper validation of user supplied input. A remote attacker may be able to exploit this to execute arbitrary remote code within the context of the application, via a crafted HTTP request.
Affected Products
Cisco Small Business RV340W Dual WAN Gigabit Wireless-AC VPN Router Firmware Release 1.0.03.19 and prior
Cisco Small Business RV340 Dual WAN Gigabit VPN Router Firmware Release 1.0.03.19 and prior
Cisco Small Business RV345 Dual WAN Gigabit VPN Router Firmware Release 1.0.03.19 and prior
Cisco Small Business RV345P Dual WAN Gigabit POE VPN Router Firmware Release 1.0.03.19 and prior
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-osinj-rce-pwTkPCJv
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |