CVE-2022-20712

Name of the Vulnerable Software and Affected Versions Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers (affected versions not specified)

Description The issue allows an attacker to execute arbitrary code, elevate privileges, execute arbitrary commands, bypass authentication and authorization protections, fetch and run unsigned software, or cause denial of service (DoS). This is caused by a buffer overflow in the firmware loading module of the affected routers. Exploitation can occur through sending a specially crafted HTTP request.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.