Race condition

2020-07-1618:15:00

PRIOn knowledge base

www.prio-n.com

8.2 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

43.1%

JSON

A vulnerability in the Secure Sockets Layer (SSL) VPN feature for Cisco Small Business RV VPN Routers could allow an unauthenticated, remote attacker to cause the device to unexpectedly restart, causing a denial of service (DoS) condition. The vulnerability is due to a lack of proper input validation of HTTP requests. An attacker could exploit this vulnerability by sending a crafted HTTP request over an SSL connection to the targeted device. A successful exploit could allow the attacker to cause a reload, resulting in a DoS condition.

CPENameOperatorVersion
rv340_dual_wan_gigabit_vpn_router_firmwarelt1.0.03.18
rv340w_dual_wan_gigabit_wireless-ac_vpn_router_firmwarelt1.0.03.18
rv345_dual_wan_gigabit_vpn_router_firmwarelt1.0.03.18
rv345p_dual_wan_gigabit_poe_vpn_router_firmwarelt1.0.03.18

Name	Operator	Version
rv340_dual_wan_gigabit_vpn_router_firmware	lt	1.0.03.18
rv340w_dual_wan_gigabit_wireless-ac_vpn_router_firmware	lt	1.0.03.18
rv345_dual_wan_gigabit_vpn_router_firmware	lt	1.0.03.18
rv345p_dual_wan_gigabit_poe_vpn_router_firmware	lt	1.0.03.18