Cisco disclosed a significant flaw in the upload module of RV340 and RV345 VPN routers, allowing remote, authenticated attackers to run arbitrary code. Tracked as CVE-2024-20416 with a CVSS score of 6.5, it results from insufficient boundary checks in HTTP requests.
Cisco stated, “An attacker could exploit this vulnerability by sending crafted HTTP requests to an affected device.” If successful, the attacker might execute arbitrary code as the root user on the device’s OS. Jacob Baines of VulnCheck, Inc. discovered this flaw.
Affected Products
As of publication, the following Cisco Small Business Router Firmware Release 1.0.03.24 or later were vulnerable:
- RV340 Dual WAN Gigabit VPN Routers
- RV340W Dual WAN Gigabit Wireless-AC VPN Routers
- RV345 Dual WAN Gigabit VPN Routers
- RV345P Dual WAN Gigabit PoE VPN Routers
Cisco confirms that the following products are unaffected by this vulnerability:
- RV160 VPN Routers
- RV160W Wireless-AC VPN Routers
- RV260 VPN Routers
- RV260P PoE VPN Routers
- RV260W Wireless-AC VPN Routers
Cisco has not released and will not release patches for this vulnerability. The RV340 and RV345 VPN Routers are end-of-life, and no workarounds are available. Customers should review Cisco Security Advisories for device migration options and updates.
Follow Us on: Twitter, Instagram, Facebook to get the latest security news!
Leave A Comment