PT-2020-3117 · Cisco · Cisco Small Business Rv340+3

0X00String · Published 2020-07-15 · Updated 2021-08-06 · CVE-2020-3357

CVSS v3.1: 10 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Cisco Small Business RV340 versions
Cisco Small Business RV340W versions
Cisco Small Business RV345 versions
Cisco Small Business RV345P versions

Description

The issue exists due to insufficient validation of HTTP requests in the Secure Sockets Layer (SSL) VPN feature. This could allow a remote attacker to execute arbitrary code on an affected device or cause it to reload, resulting in a denial of service (DoS) condition. An attacker could exploit this by sending a crafted HTTP request over an SSL connection.

Recommendations

For Cisco Small Business RV340, update the firmware to a version that fixes the vulnerability.
For Cisco Small Business RV340W, update the firmware to a version that fixes the vulnerability.
For Cisco Small Business RV345, update the firmware to a version that fixes the vulnerability.
For Cisco Small Business RV345P, update the firmware to a version that fixes the vulnerability.

Fix

RCE


Weakness Enumeration

Related Identifiers

BDU:2020-03409
CVE-2020-3357

Affected Products

Cisco Small Business Rv340
Cisco Small Business Rv340W
Cisco Small Business Rv345
Cisco Small Business Rv345P