Threat Encyclopedia

Cisco.Small.Business.RV340.CVE-2020-3451.Remote.Code.Execution

description-logoDescription

This indicates an attack attempt against a Remote Code Execution vulnerability in Cisco Small Business RV340 Series Routers.
The vulnerability is caused by improper validation of user supplied input. A remote attacker may be able to exploit this to execute arbitrary remote code within the context of the application, via a crafted HTTP request.

affected-products-logoAffected Products

Cisco Small Business RV340W Dual WAN Gigabit Wireless-AC VPN Router Firmware Release 1.0.03.19 and prior
Cisco Small Business RV340 Dual WAN Gigabit VPN Router Firmware Release 1.0.03.19 and prior
Cisco Small Business RV345 Dual WAN Gigabit VPN Router Firmware Release 1.0.03.19 and prior
Cisco Small Business RV345P Dual WAN Gigabit POE VPN Router Firmware Release 1.0.03.19 and prior

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Apply the most recent upgrade or patch from the vendor.
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-osinj-rce-pwTkPCJv

CVE References

CVE-2020-3451

Telemetry logoTelemetry