CVE-2024-20522

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Oct 2, 2024
Updated: Oct 8, 2024
CWE ID 787
CWE ID 122

Summary

CVE-2024-20522 is a vulnerability affecting the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers, which allows an authenticated remote attacker with Administrator-level credentials to trigger an unexpected device reload, leading to a denial of service (DoS) condition. The flaw arises from improper validation of user input in incoming HTTP packets, enabling exploitation through crafted HTTP requests. Organizations using the affected products are advised to implement patches provided by Cisco to remediate this vulnerability. The severity rating for this issue is classified as medium, with a CVSS base score of 6.5 and high impacts on both integrity and confidentiality. Failure to address this vulnerability could result in significant service disruptions for affected organizations.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share