CVE-2024-20521

6.5 MEDIUM

Remote Code Execution

📋 TL;DR

This vulnerability allows authenticated administrators on affected Cisco Small Business routers to execute arbitrary code with root privileges by sending crafted HTTP requests to the web management interface. Attackers need valid admin credentials to exploit this input validation flaw. Organizations using RV042, RV042G, RV320, or RV325 routers are affected.

💻 Affected Systems

Products:

• Cisco Small Business RV042
• Cisco Small Business RV042G
• Cisco Small Business RV320
• Cisco Small Business RV325

Versions: All versions prior to fixed releases

Operating Systems: Embedded router OS

Default Config Vulnerable: ⚠️ Yes

Notes: Requires admin credentials; web management interface must be accessible.

📦 What is this software?

Rv042 Firmware by Cisco

View all CVEs affecting Rv042 Firmware →

Rv042 Firmware by Cisco

View all CVEs affecting Rv042 Firmware →

Rv042 Firmware by Cisco

View all CVEs affecting Rv042 Firmware →

Rv042 Firmware by Cisco

View all CVEs affecting Rv042 Firmware →

Rv042 Firmware by Cisco

View all CVEs affecting Rv042 Firmware →

Rv042 Firmware by Cisco

View all CVEs affecting Rv042 Firmware →

Rv042 Firmware by Cisco

View all CVEs affecting Rv042 Firmware →

Rv042 Firmware by Cisco

View all CVEs affecting Rv042 Firmware →

Rv042 Firmware by Cisco

View all CVEs affecting Rv042 Firmware →

Rv042 Firmware by Cisco

View all CVEs affecting Rv042 Firmware →

Rv042 Firmware by Cisco

View all CVEs affecting Rv042 Firmware →

Rv042 Firmware by Cisco

View all CVEs affecting Rv042 Firmware →

Rv042 Firmware by Cisco

View all CVEs affecting Rv042 Firmware →

Rv042 Firmware by Cisco

View all CVEs affecting Rv042 Firmware →

Rv042 Firmware by Cisco

View all CVEs affecting Rv042 Firmware →

Rv042 Firmware by Cisco

View all CVEs affecting Rv042 Firmware →

Rv042 Firmware by Cisco

View all CVEs affecting Rv042 Firmware →

Rv042 Firmware by Cisco

View all CVEs affecting Rv042 Firmware →

Rv042 Firmware by Cisco

View all CVEs affecting Rv042 Firmware →

Rv042 Firmware by Cisco

View all CVEs affecting Rv042 Firmware →

Rv042 Firmware by Cisco

View all CVEs affecting Rv042 Firmware →

Rv042 Firmware by Cisco

View all CVEs affecting Rv042 Firmware →

Rv042 Firmware by Cisco

View all CVEs affecting Rv042 Firmware →

Rv042 Firmware by Cisco

View all CVEs affecting Rv042 Firmware →

Rv042 Firmware by Cisco

View all CVEs affecting Rv042 Firmware →

Rv042 Firmware by Cisco

View all CVEs affecting Rv042 Firmware →

Rv042 Firmware by Cisco

View all CVEs affecting Rv042 Firmware →

Rv042 Firmware by Cisco

View all CVEs affecting Rv042 Firmware →

Rv042 Firmware by Cisco

View all CVEs affecting Rv042 Firmware →

Rv042 Firmware by Cisco

View all CVEs affecting Rv042 Firmware →

Rv042 Firmware by Cisco

View all CVEs affecting Rv042 Firmware →

Rv042 Firmware by Cisco

View all CVEs affecting Rv042 Firmware →

Rv042 Firmware by Cisco

View all CVEs affecting Rv042 Firmware →

Rv042 Firmware by Cisco

View all CVEs affecting Rv042 Firmware →

Rv042 Firmware by Cisco

View all CVEs affecting Rv042 Firmware →

Rv042 Firmware by Cisco

View all CVEs affecting Rv042 Firmware →

Rv042 Firmware by Cisco

View all CVEs affecting Rv042 Firmware →

Rv042 Firmware by Cisco

View all CVEs affecting Rv042 Firmware →

Rv042 Firmware by Cisco

View all CVEs affecting Rv042 Firmware →

Rv042g Firmware by Cisco

View all CVEs affecting Rv042g Firmware →

Rv042g Firmware by Cisco

View all CVEs affecting Rv042g Firmware →

Rv042g Firmware by Cisco

View all CVEs affecting Rv042g Firmware →

Rv042g Firmware by Cisco

View all CVEs affecting Rv042g Firmware →

Rv042g Firmware by Cisco

View all CVEs affecting Rv042g Firmware →

Rv042g Firmware by Cisco

View all CVEs affecting Rv042g Firmware →

Rv042g Firmware by Cisco

View all CVEs affecting Rv042g Firmware →

Rv042g Firmware by Cisco

View all CVEs affecting Rv042g Firmware →

Rv042g Firmware by Cisco

View all CVEs affecting Rv042g Firmware →

Rv042g Firmware by Cisco

View all CVEs affecting Rv042g Firmware →

Rv042g Firmware by Cisco

View all CVEs affecting Rv042g Firmware →

Rv042g Firmware by Cisco

View all CVEs affecting Rv042g Firmware →

Rv042g Firmware by Cisco

View all CVEs affecting Rv042g Firmware →

Rv042g Firmware by Cisco

View all CVEs affecting Rv042g Firmware →

Rv042g Firmware by Cisco

View all CVEs affecting Rv042g Firmware →

Rv042g Firmware by Cisco

View all CVEs affecting Rv042g Firmware →

Rv042g Firmware by Cisco

View all CVEs affecting Rv042g Firmware →

Rv042g Firmware by Cisco

View all CVEs affecting Rv042g Firmware →

Rv042g Firmware by Cisco

View all CVEs affecting Rv042g Firmware →

Rv042g Firmware by Cisco

View all CVEs affecting Rv042g Firmware →

Rv042g Firmware by Cisco

View all CVEs affecting Rv042g Firmware →

Rv042g Firmware by Cisco

View all CVEs affecting Rv042g Firmware →

Rv042g Firmware by Cisco

View all CVEs affecting Rv042g Firmware →

Rv042g Firmware by Cisco

View all CVEs affecting Rv042g Firmware →

Rv042g Firmware by Cisco

View all CVEs affecting Rv042g Firmware →

Rv042g Firmware by Cisco

View all CVEs affecting Rv042g Firmware →

Rv042g Firmware by Cisco

View all CVEs affecting Rv042g Firmware →

Rv042g Firmware by Cisco

View all CVEs affecting Rv042g Firmware →

Rv042g Firmware by Cisco

View all CVEs affecting Rv042g Firmware →

Rv042g Firmware by Cisco

View all CVEs affecting Rv042g Firmware →

Rv042g Firmware by Cisco

View all CVEs affecting Rv042g Firmware →

Rv042g Firmware by Cisco

View all CVEs affecting Rv042g Firmware →

Rv042g Firmware by Cisco

View all CVEs affecting Rv042g Firmware →

Rv042g Firmware by Cisco

View all CVEs affecting Rv042g Firmware →

Rv042g Firmware by Cisco

View all CVEs affecting Rv042g Firmware →

Rv042g Firmware by Cisco

View all CVEs affecting Rv042g Firmware →

Rv042g Firmware by Cisco

View all CVEs affecting Rv042g Firmware →

Rv042g Firmware by Cisco

View all CVEs affecting Rv042g Firmware →

Rv042g Firmware by Cisco

View all CVEs affecting Rv042g Firmware →

Rv320 Firmware by Cisco

View all CVEs affecting Rv320 Firmware →

Rv320 Firmware by Cisco

View all CVEs affecting Rv320 Firmware →

Rv320 Firmware by Cisco

View all CVEs affecting Rv320 Firmware →

Rv320 Firmware by Cisco

View all CVEs affecting Rv320 Firmware →

Rv320 Firmware by Cisco

View all CVEs affecting Rv320 Firmware →

Rv320 Firmware by Cisco

View all CVEs affecting Rv320 Firmware →

Rv320 Firmware by Cisco

View all CVEs affecting Rv320 Firmware →

Rv320 Firmware by Cisco

View all CVEs affecting Rv320 Firmware →

Rv320 Firmware by Cisco

View all CVEs affecting Rv320 Firmware →

Rv320 Firmware by Cisco

View all CVEs affecting Rv320 Firmware →

Rv320 Firmware by Cisco

View all CVEs affecting Rv320 Firmware →

Rv320 Firmware by Cisco

View all CVEs affecting Rv320 Firmware →

Rv320 Firmware by Cisco

View all CVEs affecting Rv320 Firmware →

Rv320 Firmware by Cisco

View all CVEs affecting Rv320 Firmware →

Rv320 Firmware by Cisco

View all CVEs affecting Rv320 Firmware →

Rv320 Firmware by Cisco

View all CVEs affecting Rv320 Firmware →

Rv320 Firmware by Cisco

View all CVEs affecting Rv320 Firmware →

Rv320 Firmware by Cisco

View all CVEs affecting Rv320 Firmware →

Rv320 Firmware by Cisco

View all CVEs affecting Rv320 Firmware →

Rv320 Firmware by Cisco

View all CVEs affecting Rv320 Firmware →

Rv320 Firmware by Cisco

View all CVEs affecting Rv320 Firmware →

Rv320 Firmware by Cisco

View all CVEs affecting Rv320 Firmware →

Rv320 Firmware by Cisco

View all CVEs affecting Rv320 Firmware →

Rv320 Firmware by Cisco

View all CVEs affecting Rv320 Firmware →

Rv320 Firmware by Cisco

View all CVEs affecting Rv320 Firmware →

Rv320 Firmware by Cisco

View all CVEs affecting Rv320 Firmware →

Rv320 Firmware by Cisco

View all CVEs affecting Rv320 Firmware →

Rv320 Firmware by Cisco

View all CVEs affecting Rv320 Firmware →

Rv320 Firmware by Cisco

View all CVEs affecting Rv320 Firmware →

Rv320 Firmware by Cisco

View all CVEs affecting Rv320 Firmware →

Rv320 Firmware by Cisco

View all CVEs affecting Rv320 Firmware →

Rv320 Firmware by Cisco

View all CVEs affecting Rv320 Firmware →

Rv320 Firmware by Cisco

View all CVEs affecting Rv320 Firmware →

Rv320 Firmware by Cisco

View all CVEs affecting Rv320 Firmware →

Rv320 Firmware by Cisco

View all CVEs affecting Rv320 Firmware →

Rv320 Firmware by Cisco

View all CVEs affecting Rv320 Firmware →

Rv320 Firmware by Cisco

View all CVEs affecting Rv320 Firmware →

Rv320 Firmware by Cisco

View all CVEs affecting Rv320 Firmware →

Rv320 Firmware by Cisco

View all CVEs affecting Rv320 Firmware →

Rv325 Firmware by Cisco

View all CVEs affecting Rv325 Firmware →

Rv325 Firmware by Cisco

View all CVEs affecting Rv325 Firmware →

Rv325 Firmware by Cisco

View all CVEs affecting Rv325 Firmware →

Rv325 Firmware by Cisco

View all CVEs affecting Rv325 Firmware →

Rv325 Firmware by Cisco

View all CVEs affecting Rv325 Firmware →

Rv325 Firmware by Cisco

View all CVEs affecting Rv325 Firmware →

Rv325 Firmware by Cisco

View all CVEs affecting Rv325 Firmware →

Rv325 Firmware by Cisco

View all CVEs affecting Rv325 Firmware →

Rv325 Firmware by Cisco

View all CVEs affecting Rv325 Firmware →

Rv325 Firmware by Cisco

View all CVEs affecting Rv325 Firmware →

Rv325 Firmware by Cisco

View all CVEs affecting Rv325 Firmware →

Rv325 Firmware by Cisco

View all CVEs affecting Rv325 Firmware →

Rv325 Firmware by Cisco

View all CVEs affecting Rv325 Firmware →

Rv325 Firmware by Cisco

View all CVEs affecting Rv325 Firmware →

Rv325 Firmware by Cisco

View all CVEs affecting Rv325 Firmware →

Rv325 Firmware by Cisco

View all CVEs affecting Rv325 Firmware →

Rv325 Firmware by Cisco

View all CVEs affecting Rv325 Firmware →

Rv325 Firmware by Cisco

View all CVEs affecting Rv325 Firmware →

Rv325 Firmware by Cisco

View all CVEs affecting Rv325 Firmware →

Rv325 Firmware by Cisco

View all CVEs affecting Rv325 Firmware →

Rv325 Firmware by Cisco

View all CVEs affecting Rv325 Firmware →

Rv325 Firmware by Cisco

View all CVEs affecting Rv325 Firmware →

Rv325 Firmware by Cisco

View all CVEs affecting Rv325 Firmware →

Rv325 Firmware by Cisco

View all CVEs affecting Rv325 Firmware →

Rv325 Firmware by Cisco

View all CVEs affecting Rv325 Firmware →

Rv325 Firmware by Cisco

View all CVEs affecting Rv325 Firmware →

Rv325 Firmware by Cisco

View all CVEs affecting Rv325 Firmware →

Rv325 Firmware by Cisco

View all CVEs affecting Rv325 Firmware →

Rv325 Firmware by Cisco

View all CVEs affecting Rv325 Firmware →

Rv325 Firmware by Cisco

View all CVEs affecting Rv325 Firmware →

Rv325 Firmware by Cisco

View all CVEs affecting Rv325 Firmware →

Rv325 Firmware by Cisco

View all CVEs affecting Rv325 Firmware →

Rv325 Firmware by Cisco

View all CVEs affecting Rv325 Firmware →

Rv325 Firmware by Cisco

View all CVEs affecting Rv325 Firmware →

Rv325 Firmware by Cisco

View all CVEs affecting Rv325 Firmware →

Rv325 Firmware by Cisco

View all CVEs affecting Rv325 Firmware →

Rv325 Firmware by Cisco

View all CVEs affecting Rv325 Firmware →

Rv325 Firmware by Cisco

View all CVEs affecting Rv325 Firmware →

Rv325 Firmware by Cisco

View all CVEs affecting Rv325 Firmware →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete compromise of router with root-level code execution, enabling network traffic interception, credential theft, lateral movement to internal networks, and persistent backdoor installation.

🟠

Likely Case

Privileged attacker with admin credentials gains full control of router to modify configurations, intercept traffic, or use as pivot point for internal attacks.

🟢

If Mitigated

Limited impact if strong credential management and network segmentation prevent unauthorized admin access.

🌐 Internet-Facing: HIGH

🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: LOW

Exploitation requires admin credentials but is straightforward once obtained; no public exploit code known.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Check Cisco advisory for specific fixed versions per model

Vendor Advisory: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-rv04x_rv32x_vulns-yJ2OSDhV

Restart Required: Yes

Instructions:

1. Access router web interface with admin credentials. 2. Navigate to Administration > Firmware Upgrade. 3. Download latest firmware from Cisco support site. 4. Upload and install firmware. 5. Reboot router after installation.

🔧 Temporary Workarounds

Disable Web Management Interface

all

Prevent access to vulnerable interface by disabling web-based administration

Copy

Configuration varies by model; use CLI: configure terminal, no ip http server, write memory

Restrict Management Access

all

Limit web interface access to specific trusted IP addresses only

Copy

Access router web interface > Firewall > Access Rules > Add rule restricting port 80/443 to trusted IPs

🧯 If You Can't Patch

• Implement strict admin credential policies with strong passwords and MFA if supported
• Segment router management interface to isolated VLAN with strict firewall rules

🔍 How to Verify

Check if Vulnerable:

Copy

Check router firmware version via web interface (Status > Router) or CLI (show version) and compare with Cisco advisory

Check Version:

Copy

show version (CLI) or check Status > Router in web interface

Verify Fix Applied:

Copy

Confirm firmware version matches or exceeds fixed version listed in Cisco advisory

📡 Detection & Monitoring

Log Indicators:

• Unusual HTTP POST requests to management interface
• Multiple failed login attempts followed by successful admin login
• Configuration changes from unexpected sources

Network Indicators:

• HTTP traffic to router management port with unusual payload patterns
• Outbound connections from router to unexpected destinations

SIEM Query:

Copy

source="router_logs" (http_method="POST" AND uri="/cgi-bin/*" AND status=200) OR (event_type="authentication" AND user="admin" AND result="success" FROM new_ip)

📊 Metadata

CVE ID: CVE-2024-20521

CVSS v3 Score: 6.5 (MEDIUM)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N

CWE: CWE-121

Published: October 2, 2024

Last Updated: October 8, 2024

🔗 References

• https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-rv04x_rv32x_vulns-yJ2OSDhV Vendor Advisory

📤 Share & Export

Twitter LinkedIn Reddit Copy Link

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2024-20521, you might also want to check these:

CVE-2024-39791 10.0

CVE-2024-39791 is a critical stack-based buffer overflow vulnerability in Vonets industrial WiFi bri...

Same vulnerability type (CWE-121)

CVE-2022-20699 10.0

This critical vulnerability in Cisco Small Business routers allows unauthenticated remote attackers ...

Same vulnerability type (CWE-121)

CVE-2022-20701 10.0

This CVE describes multiple critical vulnerabilities in Cisco Small Business RV series routers that ...

Same vulnerability type (CWE-121)