CVE-2024-20517

CVSS 3.1 Score 6.8 of 10 (medium)

Details

Published Oct 2, 2024
Updated: Oct 8, 2024
CWE ID 122
CWE ID 787

Summary

CVE-2024-20517 is a vulnerability affecting the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers, which allows an authenticated Administrator-level remote attacker to trigger an unexpected device reload, leading to a denial of service (DoS) condition. This issue arises from improper validation of user input in incoming HTTP packets, enabling attackers with valid Administrator credentials to exploit the vulnerability through crafted HTTP requests. The potential danger this poses includes significant disruption of network services due to the DoS condition. To remediate this vulnerability, organizations are advised to follow vendor guidance available in Cisco’s security advisory. The vulnerability has been assigned a medium severity rating with a base score of 6.8 and requires high privileges for exploitation.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share