CVE-2020-3358
Cisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers SSL Denial of Service Vulnerability
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
A vulnerability in the Secure Sockets Layer (SSL) VPN feature for Cisco Small Business RV VPN Routers could allow an unauthenticated, remote attacker to cause the device to unexpectedly restart, causing a denial of service (DoS) condition. The vulnerability is due to a lack of proper input validation of HTTP requests. An attacker could exploit this vulnerability by sending a crafted HTTP request over an SSL connection to the targeted device. A successful exploit could allow the attacker to cause a reload, resulting in a DoS condition.
Una vulnerabilidad en la funcionalidad Secure Sockets Layer (SSL) VPN para Cisco Small Business RV VPN Routers, podría permitir a un atacante remoto no autenticado causar el reinicio inesperado del dispositivo, causando una condición de denegación de servicio (DoS). La vulnerabilidad es debido a una falta de una comprobación de entrada apropiada de las peticiones HTTP. Un atacante podría explotar esta vulnerabilidad mediante el envío de una petición HTTP diseñada por medio de una conexión SSL al dispositivo objetivo. Una explotación con éxito podría permitir a un atacante causar una recarga, resultando en una condición DoS
CVSS Scores
SSVC
- Decision:-
Timeline
- 2019-12-12 CVE Reserved
- 2020-07-16 CVE Published
- 2023-10-18 EPSS Updated
- 2024-09-16 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-20: Improper Input Validation
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-dos-ZN5GvNH7 | 2023-11-07 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Cisco Search vendor "Cisco" | Rv340 Dual Wan Gigabit Vpn Router Firmware Search vendor "Cisco" for product "Rv340 Dual Wan Gigabit Vpn Router Firmware" | < 1.0.03.18 Search vendor "Cisco" for product "Rv340 Dual Wan Gigabit Vpn Router Firmware" and version " < 1.0.03.18" | - |
Affected
| in | Cisco Search vendor "Cisco" | Rv340 Dual Wan Gigabit Vpn Router Search vendor "Cisco" for product "Rv340 Dual Wan Gigabit Vpn Router" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Rv340w Dual Wan Gigabit Wireless-ac Vpn Router Firmware Search vendor "Cisco" for product "Rv340w Dual Wan Gigabit Wireless-ac Vpn Router Firmware" | < 1.0.03.18 Search vendor "Cisco" for product "Rv340w Dual Wan Gigabit Wireless-ac Vpn Router Firmware" and version " < 1.0.03.18" | - |
Affected
| in | Cisco Search vendor "Cisco" | Rv340w Dual Wan Gigabit Wireless-ac Vpn Router Search vendor "Cisco" for product "Rv340w Dual Wan Gigabit Wireless-ac Vpn Router" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Rv345 Dual Wan Gigabit Vpn Router Firmware Search vendor "Cisco" for product "Rv345 Dual Wan Gigabit Vpn Router Firmware" | < 1.0.03.18 Search vendor "Cisco" for product "Rv345 Dual Wan Gigabit Vpn Router Firmware" and version " < 1.0.03.18" | - |
Affected
| in | Cisco Search vendor "Cisco" | Rv345 Dual Wan Gigabit Vpn Router Search vendor "Cisco" for product "Rv345 Dual Wan Gigabit Vpn Router" | - | - |
Safe
|
| Cisco Search vendor "Cisco" | Rv345p Dual Wan Gigabit Poe Vpn Router Firmware Search vendor "Cisco" for product "Rv345p Dual Wan Gigabit Poe Vpn Router Firmware" | < 1.0.03.18 Search vendor "Cisco" for product "Rv345p Dual Wan Gigabit Poe Vpn Router Firmware" and version " < 1.0.03.18" | - |
Affected
| in | Cisco Search vendor "Cisco" | Rv345p Dual Wan Gigabit Poe Vpn Router Search vendor "Cisco" for product "Rv345p Dual Wan Gigabit Poe Vpn Router" | - | - |
Safe
|