Cisco Small Business RV Series Routers Stack Overflow Arbitrary Code Execution Vulnerabilities
Description
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers and Cisco Small Business RV016, RV042, and RV082 Routers could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code on an affected device. The vulnerabilities are due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An attacker with administrative privileges that are sufficient to log in to the web-based management interface could exploit each vulnerability by sending crafted requests that contain overly large values to an affected device, causing a stack overflow. A successful exploit could allow the attacker to cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Cisco Small Business RV series routers contain a stack overflow allowing authenticated remote code execution with root privileges.
Vulnerability
The vulnerability (CVE-2020-3286) exists in the web-based management interface of Cisco Small Business RV320 and RV325 Series Routers, as well as RV016, RV042, and RV082 Routers. It is due to insufficient boundary restrictions on user-supplied input to scripts in the web-based management interface. An authenticated remote attacker with administrative privileges can trigger a stack overflow by sending crafted requests with overly large values. Affected firmware versions are those prior to the fixed releases described in the Cisco advisory [1].
Exploitation
An attacker must have administrative credentials sufficient to log into the web-based management interface. The attacker then sends specially crafted HTTP requests containing overly large input values to the vulnerable device, causing a stack overflow. No user interaction beyond the initial authentication is required, and the attack is performed remotely over the network [1].
Impact
Successful exploitation can cause the device to crash or allow the attacker to execute arbitrary code with root privileges on the underlying operating system. This gives full control over the router, potentially leading to data exfiltration, network disruption, or further lateral movement [1].
Mitigation
Cisco has released free software updates to address these vulnerabilities. Customers should upgrade to fixed firmware versions as specified in the Cisco Security Advisory [1]. As of the advisory publication date (June 17, 2020), no workaround was available. The vulnerabilities are not known to be listed on the CISA KEV as of the publication date [1].
AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
3- Range: n/a
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-routers-stack-vUxHmnNzmitrevendor-advisoryx_refsource_CISCO
News mentions
0No linked articles in our index yet.