CVE-2024-20519

6.5 MEDIUM

Remote Code Execution

📋 TL;DR

This vulnerability allows authenticated administrators on affected Cisco Small Business routers to execute arbitrary code with root privileges by sending crafted HTTP requests to the web management interface. Attackers need valid admin credentials to exploit this input validation flaw. Organizations using RV042, RV042G, RV320, or RV325 routers are affected.

💻 Affected Systems

Products:

• Cisco Small Business RV042
• Cisco Small Business RV042G
• Cisco Small Business RV320
• Cisco Small Business RV325

Versions: All versions prior to fixed releases

Operating Systems: Embedded router OS

Default Config Vulnerable: ⚠️ Yes

Notes: Requires web management interface access with admin credentials; default admin accounts are vulnerable if credentials are known or compromised.

📦 What is this software?

Rv042 Firmware by Cisco

View all CVEs affecting Rv042 Firmware →

Rv042 Firmware by Cisco

View all CVEs affecting Rv042 Firmware →

Rv042 Firmware by Cisco

View all CVEs affecting Rv042 Firmware →

Rv042 Firmware by Cisco

View all CVEs affecting Rv042 Firmware →

Rv042 Firmware by Cisco

View all CVEs affecting Rv042 Firmware →

Rv042 Firmware by Cisco

View all CVEs affecting Rv042 Firmware →

Rv042 Firmware by Cisco

View all CVEs affecting Rv042 Firmware →

Rv042 Firmware by Cisco

View all CVEs affecting Rv042 Firmware →

Rv042 Firmware by Cisco

View all CVEs affecting Rv042 Firmware →

Rv042 Firmware by Cisco

View all CVEs affecting Rv042 Firmware →

Rv042 Firmware by Cisco

View all CVEs affecting Rv042 Firmware →

Rv042 Firmware by Cisco

View all CVEs affecting Rv042 Firmware →

Rv042 Firmware by Cisco

View all CVEs affecting Rv042 Firmware →

Rv042 Firmware by Cisco

View all CVEs affecting Rv042 Firmware →

Rv042 Firmware by Cisco

View all CVEs affecting Rv042 Firmware →

Rv042 Firmware by Cisco

View all CVEs affecting Rv042 Firmware →

Rv042 Firmware by Cisco

View all CVEs affecting Rv042 Firmware →

Rv042 Firmware by Cisco

View all CVEs affecting Rv042 Firmware →

Rv042 Firmware by Cisco

View all CVEs affecting Rv042 Firmware →

Rv042 Firmware by Cisco

View all CVEs affecting Rv042 Firmware →

Rv042 Firmware by Cisco

View all CVEs affecting Rv042 Firmware →

Rv042 Firmware by Cisco

View all CVEs affecting Rv042 Firmware →

Rv042 Firmware by Cisco

View all CVEs affecting Rv042 Firmware →

Rv042 Firmware by Cisco

View all CVEs affecting Rv042 Firmware →

Rv042 Firmware by Cisco

View all CVEs affecting Rv042 Firmware →

Rv042 Firmware by Cisco

View all CVEs affecting Rv042 Firmware →

Rv042 Firmware by Cisco

View all CVEs affecting Rv042 Firmware →

Rv042 Firmware by Cisco

View all CVEs affecting Rv042 Firmware →

Rv042 Firmware by Cisco

View all CVEs affecting Rv042 Firmware →

Rv042 Firmware by Cisco

View all CVEs affecting Rv042 Firmware →

Rv042 Firmware by Cisco

View all CVEs affecting Rv042 Firmware →

Rv042 Firmware by Cisco

View all CVEs affecting Rv042 Firmware →

Rv042 Firmware by Cisco

View all CVEs affecting Rv042 Firmware →

Rv042 Firmware by Cisco

View all CVEs affecting Rv042 Firmware →

Rv042 Firmware by Cisco

View all CVEs affecting Rv042 Firmware →

Rv042 Firmware by Cisco

View all CVEs affecting Rv042 Firmware →

Rv042 Firmware by Cisco

View all CVEs affecting Rv042 Firmware →

Rv042 Firmware by Cisco

View all CVEs affecting Rv042 Firmware →

Rv042 Firmware by Cisco

View all CVEs affecting Rv042 Firmware →

Rv042g Firmware by Cisco

View all CVEs affecting Rv042g Firmware →

Rv042g Firmware by Cisco

View all CVEs affecting Rv042g Firmware →

Rv042g Firmware by Cisco

View all CVEs affecting Rv042g Firmware →

Rv042g Firmware by Cisco

View all CVEs affecting Rv042g Firmware →

Rv042g Firmware by Cisco

View all CVEs affecting Rv042g Firmware →

Rv042g Firmware by Cisco

View all CVEs affecting Rv042g Firmware →

Rv042g Firmware by Cisco

View all CVEs affecting Rv042g Firmware →

Rv042g Firmware by Cisco

View all CVEs affecting Rv042g Firmware →

Rv042g Firmware by Cisco

View all CVEs affecting Rv042g Firmware →

Rv042g Firmware by Cisco

View all CVEs affecting Rv042g Firmware →

Rv042g Firmware by Cisco

View all CVEs affecting Rv042g Firmware →

Rv042g Firmware by Cisco

View all CVEs affecting Rv042g Firmware →

Rv042g Firmware by Cisco

View all CVEs affecting Rv042g Firmware →

Rv042g Firmware by Cisco

View all CVEs affecting Rv042g Firmware →

Rv042g Firmware by Cisco

View all CVEs affecting Rv042g Firmware →

Rv042g Firmware by Cisco

View all CVEs affecting Rv042g Firmware →

Rv042g Firmware by Cisco

View all CVEs affecting Rv042g Firmware →

Rv042g Firmware by Cisco

View all CVEs affecting Rv042g Firmware →

Rv042g Firmware by Cisco

View all CVEs affecting Rv042g Firmware →

Rv042g Firmware by Cisco

View all CVEs affecting Rv042g Firmware →

Rv042g Firmware by Cisco

View all CVEs affecting Rv042g Firmware →

Rv042g Firmware by Cisco

View all CVEs affecting Rv042g Firmware →

Rv042g Firmware by Cisco

View all CVEs affecting Rv042g Firmware →

Rv042g Firmware by Cisco

View all CVEs affecting Rv042g Firmware →

Rv042g Firmware by Cisco

View all CVEs affecting Rv042g Firmware →

Rv042g Firmware by Cisco

View all CVEs affecting Rv042g Firmware →

Rv042g Firmware by Cisco

View all CVEs affecting Rv042g Firmware →

Rv042g Firmware by Cisco

View all CVEs affecting Rv042g Firmware →

Rv042g Firmware by Cisco

View all CVEs affecting Rv042g Firmware →

Rv042g Firmware by Cisco

View all CVEs affecting Rv042g Firmware →

Rv042g Firmware by Cisco

View all CVEs affecting Rv042g Firmware →

Rv042g Firmware by Cisco

View all CVEs affecting Rv042g Firmware →

Rv042g Firmware by Cisco

View all CVEs affecting Rv042g Firmware →

Rv042g Firmware by Cisco

View all CVEs affecting Rv042g Firmware →

Rv042g Firmware by Cisco

View all CVEs affecting Rv042g Firmware →

Rv042g Firmware by Cisco

View all CVEs affecting Rv042g Firmware →

Rv042g Firmware by Cisco

View all CVEs affecting Rv042g Firmware →

Rv042g Firmware by Cisco

View all CVEs affecting Rv042g Firmware →

Rv042g Firmware by Cisco

View all CVEs affecting Rv042g Firmware →

Rv320 Firmware by Cisco

View all CVEs affecting Rv320 Firmware →

Rv320 Firmware by Cisco

View all CVEs affecting Rv320 Firmware →

Rv320 Firmware by Cisco

View all CVEs affecting Rv320 Firmware →

Rv320 Firmware by Cisco

View all CVEs affecting Rv320 Firmware →

Rv320 Firmware by Cisco

View all CVEs affecting Rv320 Firmware →

Rv320 Firmware by Cisco

View all CVEs affecting Rv320 Firmware →

Rv320 Firmware by Cisco

View all CVEs affecting Rv320 Firmware →

Rv320 Firmware by Cisco

View all CVEs affecting Rv320 Firmware →

Rv320 Firmware by Cisco

View all CVEs affecting Rv320 Firmware →

Rv320 Firmware by Cisco

View all CVEs affecting Rv320 Firmware →

Rv320 Firmware by Cisco

View all CVEs affecting Rv320 Firmware →

Rv320 Firmware by Cisco

View all CVEs affecting Rv320 Firmware →

Rv320 Firmware by Cisco

View all CVEs affecting Rv320 Firmware →

Rv320 Firmware by Cisco

View all CVEs affecting Rv320 Firmware →

Rv320 Firmware by Cisco

View all CVEs affecting Rv320 Firmware →

Rv320 Firmware by Cisco

View all CVEs affecting Rv320 Firmware →

Rv320 Firmware by Cisco

View all CVEs affecting Rv320 Firmware →

Rv320 Firmware by Cisco

View all CVEs affecting Rv320 Firmware →

Rv320 Firmware by Cisco

View all CVEs affecting Rv320 Firmware →

Rv320 Firmware by Cisco

View all CVEs affecting Rv320 Firmware →

Rv320 Firmware by Cisco

View all CVEs affecting Rv320 Firmware →

Rv320 Firmware by Cisco

View all CVEs affecting Rv320 Firmware →

Rv320 Firmware by Cisco

View all CVEs affecting Rv320 Firmware →

Rv320 Firmware by Cisco

View all CVEs affecting Rv320 Firmware →

Rv320 Firmware by Cisco

View all CVEs affecting Rv320 Firmware →

Rv320 Firmware by Cisco

View all CVEs affecting Rv320 Firmware →

Rv320 Firmware by Cisco

View all CVEs affecting Rv320 Firmware →

Rv320 Firmware by Cisco

View all CVEs affecting Rv320 Firmware →

Rv320 Firmware by Cisco

View all CVEs affecting Rv320 Firmware →

Rv320 Firmware by Cisco

View all CVEs affecting Rv320 Firmware →

Rv320 Firmware by Cisco

View all CVEs affecting Rv320 Firmware →

Rv320 Firmware by Cisco

View all CVEs affecting Rv320 Firmware →

Rv320 Firmware by Cisco

View all CVEs affecting Rv320 Firmware →

Rv320 Firmware by Cisco

View all CVEs affecting Rv320 Firmware →

Rv320 Firmware by Cisco

View all CVEs affecting Rv320 Firmware →

Rv320 Firmware by Cisco

View all CVEs affecting Rv320 Firmware →

Rv320 Firmware by Cisco

View all CVEs affecting Rv320 Firmware →

Rv320 Firmware by Cisco

View all CVEs affecting Rv320 Firmware →

Rv320 Firmware by Cisco

View all CVEs affecting Rv320 Firmware →

Rv325 Firmware by Cisco

View all CVEs affecting Rv325 Firmware →

Rv325 Firmware by Cisco

View all CVEs affecting Rv325 Firmware →

Rv325 Firmware by Cisco

View all CVEs affecting Rv325 Firmware →

Rv325 Firmware by Cisco

View all CVEs affecting Rv325 Firmware →

Rv325 Firmware by Cisco

View all CVEs affecting Rv325 Firmware →

Rv325 Firmware by Cisco

View all CVEs affecting Rv325 Firmware →

Rv325 Firmware by Cisco

View all CVEs affecting Rv325 Firmware →

Rv325 Firmware by Cisco

View all CVEs affecting Rv325 Firmware →

Rv325 Firmware by Cisco

View all CVEs affecting Rv325 Firmware →

Rv325 Firmware by Cisco

View all CVEs affecting Rv325 Firmware →

Rv325 Firmware by Cisco

View all CVEs affecting Rv325 Firmware →

Rv325 Firmware by Cisco

View all CVEs affecting Rv325 Firmware →

Rv325 Firmware by Cisco

View all CVEs affecting Rv325 Firmware →

Rv325 Firmware by Cisco

View all CVEs affecting Rv325 Firmware →

Rv325 Firmware by Cisco

View all CVEs affecting Rv325 Firmware →

Rv325 Firmware by Cisco

View all CVEs affecting Rv325 Firmware →

Rv325 Firmware by Cisco

View all CVEs affecting Rv325 Firmware →

Rv325 Firmware by Cisco

View all CVEs affecting Rv325 Firmware →

Rv325 Firmware by Cisco

View all CVEs affecting Rv325 Firmware →

Rv325 Firmware by Cisco

View all CVEs affecting Rv325 Firmware →

Rv325 Firmware by Cisco

View all CVEs affecting Rv325 Firmware →

Rv325 Firmware by Cisco

View all CVEs affecting Rv325 Firmware →

Rv325 Firmware by Cisco

View all CVEs affecting Rv325 Firmware →

Rv325 Firmware by Cisco

View all CVEs affecting Rv325 Firmware →

Rv325 Firmware by Cisco

View all CVEs affecting Rv325 Firmware →

Rv325 Firmware by Cisco

View all CVEs affecting Rv325 Firmware →

Rv325 Firmware by Cisco

View all CVEs affecting Rv325 Firmware →

Rv325 Firmware by Cisco

View all CVEs affecting Rv325 Firmware →

Rv325 Firmware by Cisco

View all CVEs affecting Rv325 Firmware →

Rv325 Firmware by Cisco

View all CVEs affecting Rv325 Firmware →

Rv325 Firmware by Cisco

View all CVEs affecting Rv325 Firmware →

Rv325 Firmware by Cisco

View all CVEs affecting Rv325 Firmware →

Rv325 Firmware by Cisco

View all CVEs affecting Rv325 Firmware →

Rv325 Firmware by Cisco

View all CVEs affecting Rv325 Firmware →

Rv325 Firmware by Cisco

View all CVEs affecting Rv325 Firmware →

Rv325 Firmware by Cisco

View all CVEs affecting Rv325 Firmware →

Rv325 Firmware by Cisco

View all CVEs affecting Rv325 Firmware →

Rv325 Firmware by Cisco

View all CVEs affecting Rv325 Firmware →

Rv325 Firmware by Cisco

View all CVEs affecting Rv325 Firmware →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete compromise of router with root-level code execution, enabling persistent backdoor installation, network traffic interception, lateral movement to connected systems, and router configuration manipulation.

🟠

Likely Case

Privileged attacker with stolen or compromised admin credentials gains full control of router to redirect traffic, intercept communications, or disrupt network operations.

🟢

If Mitigated

Limited impact due to strong credential protection, network segmentation, and restricted admin access, though risk remains from insider threats or credential theft.

🌐 Internet-Facing: HIGH

🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: LOW

Exploitation requires admin credentials but is straightforward once credentials are obtained; no public exploit code is known at this time.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Check Cisco advisory for specific fixed versions per model

Vendor Advisory: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-rv04x_rv32x_vulns-yJ2OSDhV

Restart Required: Yes

Instructions:

1. Access router web interface with admin credentials. 2. Navigate to Administration > Firmware Upgrade. 3. Download latest firmware from Cisco support site. 4. Upload and install firmware. 5. Reboot router after installation completes.

🔧 Temporary Workarounds

Disable web management interface

all

Prevents exploitation by disabling the vulnerable web interface entirely

Copy

Configure via CLI: no ip http server
no ip http secure-server

Restrict admin access

all

Limit web interface access to specific trusted IP addresses only

Copy

Configure via web interface: Firewall > Access Rules to restrict port 80/443 access

🧯 If You Can't Patch

• Change all admin passwords to strong, unique credentials and enable multi-factor authentication if supported
• Segment router management interface to isolated VLAN with strict firewall rules limiting access

🔍 How to Verify

Check if Vulnerable:

Copy

Check router model and firmware version via web interface (Status > Router) or CLI (show version)

Check Version:

Copy

show version

Verify Fix Applied:

Copy

Confirm firmware version matches or exceeds fixed version listed in Cisco advisory

📡 Detection & Monitoring

Log Indicators:

• Unusual HTTP POST requests to web interface
• Multiple failed login attempts followed by successful admin login
• Unexpected configuration changes or firmware update attempts

Network Indicators:

• Suspicious traffic to router management ports (80/443) from unexpected sources
• Unusual outbound connections from router after exploitation

SIEM Query:

Copy

source="router_logs" AND (url="*cgi-bin*" OR method="POST") AND status=200 AND user="admin"

📊 Metadata

CVE ID: CVE-2024-20519

CVSS v3 Score: 6.5 (MEDIUM)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N

CWE: CWE-121

Published: October 2, 2024

Last Updated: October 8, 2024

🔗 References

• https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-rv04x_rv32x_vulns-yJ2OSDhV Vendor Advisory

📤 Share & Export

Twitter LinkedIn Reddit Copy Link

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2024-20519, you might also want to check these:

CVE-2024-39791 10.0

CVE-2024-39791 is a critical stack-based buffer overflow vulnerability in Vonets industrial WiFi bri...

Same vulnerability type (CWE-121)

CVE-2022-20699 10.0

This critical vulnerability in Cisco Small Business routers allows unauthenticated remote attackers ...

Same vulnerability type (CWE-121)

CVE-2022-20701 10.0

This CVE describes multiple critical vulnerabilities in Cisco Small Business RV series routers that ...

Same vulnerability type (CWE-121)