K0Mor3B1

**Nome do software vulnerável e versões afetadas** Versões do firmware do Zyxel VMG3625-T50B até a V5.50(ABPM.9.2)C0 **Descrição** Uma vulnerabilidade de estouro de buffer pós-autenticação no parâmetro `action` do programa CGI poderia permitir que um invasor autenticado com privilégios de administrador causasse uma condição temporária de negação de serviço (DoS) contra a interface de gerenciamento web, enviando uma solicitação HTTP GET maliciosa a um dispositivo vulnerável, caso a função ZyEE esteja habilitada. **Recomendações** Para as versões de firmware do Zyxel VMG3625-T50B até a V5.50(ABPM.9.2)C0, como solução temporária, considere desativar a função ZyEE até que um patch esteja disponível. Restrinja o acesso ao programa CGI para minimizar o risco de exploração. Evite usar o parâmetro `action` no endpoint da API afetado até que o problema seja resolvido. No momento, não há informações sobre uma versão mais recente que contenha uma correção para essa vulnerabilidade.

**Name of the Vulnerable Software and Affected Versions** Cisco Small Business RV042, RV042G, RV320, and RV325 Routers (affected versions not specified) **Description** The issue is related to improper validation of user input in incoming HTTP packets, which could allow a remote attacker to cause an unexpected reload of the device, resulting in a denial of service (DoS) condition. The attacker would need to have valid Administrator credentials on the affected device to exploit this vulnerability. This can be achieved by sending a crafted HTTP request to the web-based management interface of the affected device. **Recommendations** To resolve the issue, update the firmware of the Cisco Small Business RV042, RV042G, RV320, and RV325 Routers to a version that includes the fix for this vulnerability. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Cisco Small Business RV042, RV042G, RV320, and RV325 Routers (affected versions not specified) **Description** A vulnerability in the web-based management interface could allow an authenticated, Administrator-level, remote attacker to execute arbitrary code as the root user. This is due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit this by sending crafted HTTP requests to an affected device, potentially allowing the execution of arbitrary code on the underlying operating system as the root user. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Cisco Small Business RV042, RV042G, RV320, and RV325 Routers (affected versions not specified) **Description** The issue is related to a buffer overflow in the memory due to insufficient input validation when processing HTTP packets in the web-based management interface of the affected routers. This could allow a remote attacker to execute arbitrary code or cause a denial of service by sending a specially crafted HTTP request. The vulnerability is due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit this vulnerability by sending crafted HTTP requests to an affected device, potentially allowing them to execute arbitrary code on the underlying operating system as the root user, but only if they have valid Administrator credentials on the affected device. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Cisco Small Business RV042, RV042G, RV320, and RV325 Routers (affected versions not specified) **Description** A vulnerability in the web-based management interface could allow an authenticated, Administrator-level, remote attacker to execute arbitrary code as the root user. This is due to improper validation of user-supplied input in the web-based management interface. An attacker could exploit this by sending crafted HTTP requests to an affected device, potentially allowing the execution of arbitrary code on the underlying operating system as the root user. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Cisco Small Business RV042, RV042G, RV320, and RV325 Routers (affected versions not specified) **Description** A vulnerability in the web-based management interface could allow an authenticated, Administrator-level, remote attacker to cause an unexpected reload of an affected device, resulting in a denial of service (DoS) condition. This is due to improper validation of user input in incoming HTTP packets. An attacker could exploit this by sending a crafted HTTP request to the web-based management interface. A successful exploit could allow the attacker to cause an unexpected reload of the device, resulting in a DoS condition. The vulnerability may also allow a remote attacker to execute arbitrary code by sending specially crafted HTTP requests. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Cisco Small Business RV042, RV042G, RV320, and RV325 Routers (affected versions not specified) **Description** A vulnerability in the web-based management interface could allow an authenticated, Administrator-level, remote attacker to cause an unexpected reload of an affected device, resulting in a denial of service (DoS) condition. This is due to improper validation of user input in incoming HTTP packets. An attacker could exploit this by sending a crafted HTTP request to the web-based management interface. A successful exploit could allow the attacker to cause an unexpected reload of the device, resulting in a DoS condition. The vulnerability may also be related to a buffer overflow in memory due to insufficient input validation when processing HTTP packets, potentially allowing a remote attacker to execute arbitrary code or cause a denial of service by sending a specially crafted HTTP request. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Cisco Small Business RV042, RV042G, RV320, and RV325 Routers (affected versions not specified) **Description** The issue is related to insufficient validation of user input in incoming HTTP packets, which can lead to a buffer overflow in memory. This can be exploited by sending a specially crafted HTTP request to the web-based management interface, potentially allowing a remote attacker to execute arbitrary code or cause a denial of service (DoS) condition. The exploitation requires valid Administrator credentials on the affected device. **Recommendations** For Cisco Small Business RV042, RV042G, RV320, and RV325 Routers, consider restricting access to the web-based management interface until a fix is available. As a temporary workaround, limit the use of the web-based management interface to minimize the risk of exploitation. Avoid using the web-based management interface with Administrator credentials until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Cisco Small Business RV042, RV042G, RV320, and RV325 Routers (affected versions not specified) **Description** A vulnerability in the web-based management interface could allow an authenticated, Administrator-level, remote attacker to cause an unexpected reload of an affected device, resulting in a denial of service (DoS) condition. This is due to improper validation of user input in incoming HTTP packets. An attacker could exploit this by sending a crafted HTTP request to the web-based management interface. A successful exploit could allow the attacker to cause an unexpected reload of the device, resulting in a DoS condition. The vulnerability may also allow an attacker to execute arbitrary code. **Recommendations** For Cisco Small Business RV042, RV042G, RV320, and RV325 Routers, consider disabling access to the web-based management interface until a patch is available. Restrict access to the management interface to minimize the risk of exploitation. Avoid using the web-based management interface for critical operations until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Cisco Small Business RV042, RV042G, RV320, and RV325 Routers (affected versions not specified) **Description** The issue is related to a buffer overflow in the memory due to insufficient input validation when processing HTTP packets. This could allow a remote attacker to execute arbitrary code or cause a denial of service by sending a specially crafted HTTP request. The vulnerability is due to improper validation of user-supplied input in the web-based management interface. An attacker would need to have valid Administrator credentials on the affected device to exploit this vulnerability. **Recommendations** For all affected versions, to resolve the issue, ensure that only authorized access to the web-based management interface is allowed and consider restricting access to the interface until a fix is available. As a temporary workaround, consider disabling remote access to the management interface until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.