Cisco Small Business Rv Series Routers – Cisco has released patches for multiple vulnerabilities in its RV series router platform for small businesses that could allow remote attackers to gain full control of the device, in many cases without authentication.
In total, there are 15 vulnerabilities fixed by these security updates, five of which are rated critical, that could be used by threat actors to gain root or remote command privileges on a device.
Cisco Small Business Rv Series Routers
According to the advisory, an attacker exploiting these flaws could execute arbitrary code, elevate privileges, execute commands, bypass authentication protections, obtain and execute unsigned software, and cause denial of service (DoS) conditions.
Rv Series Routers Device Emulator Archive
Cisco’s advisory notes that many of the vulnerabilities are classified as “public” due to their ease of exploitation and potential for abuse.
CVE-2022-20699: Code execution vulnerability in the SSL VPN module caused by insufficient bounds checking when handling special HTTP requests. (CVSS v3 version 10.0)
CVE-2022-20700andCVE-2022-20701: An escalation of privilege (to root) vulnerability in the router’s web-based management interface is an insufficient authorization mechanism. (CVSS v3 scores 10.0 and 9.0 respectively)
CVE-2022-20703: Signature verification bypasses a vulnerability in the software image verification feature that relies on improper verification of software images installed on an affected device. (CVSS v3 version 9.3)
Cisco Small Business Technology Group (sbtg)
CVE-2022-20708: Command injection flaw in the web-based management interface of routers where user-provided login authentication is insufficient. (CVSS v3 version 10.0)
Cisco cautions that some of these vulnerabilities need to be bridged together using an RV series router.
A Cisco consultant explained: “Some vulnerabilities are interdependent. Exploitation of other vulnerabilities may require opening one.”
Even if your product is not affected by any critical vulnerabilities, it is possible for threat actors to combine several critical flaws to launch high-impact attacks.
Trio Of Rce Cvss 10 Vulnerabilities Among 15 Cves In Cisco Small Business Routers
If you use one of the products listed above, it is recommended that you apply security updates as soon as possible.
Cisco’s Product Security Incident Response Team (PSIRT) said it is aware of the concept of exploit code provided for several vulnerabilities fixed in these updates.
The CVE-2022-20699 vulnerability was discovered and exploited by the FlashBack team at the Pwn2Own Austin 2021 hacking contest.
FlashBack’s Pedro Ribeirosa says they will demo this expedition and release a public PoC.
Configuring Cisco Umbrella On Your Network Via Rv34x Series Routers
It is not known which PoCs are used for other vulnerabilities, but these PoCs will soon become public once security updates are released.
Once exposed, threat actors can quickly use them in attacks, and it’s important to update every RV router as soon as possible.
Bill Tolas Bill Tolas is a technology writer and communications journalist with decades of experience working for a variety of online publications. The open source advocate and Linux enthusiast now finds joy in tracking hackers, malware and data breaches and exploring the complex ways technology is rapidly changing our lives.
Cisco rv series routers, cisco rv series, cisco routers for business, cisco series routers, cisco small business wireless routers, cisco routers for small business, cisco small business routers, cisco 2900 series routers, cisco rv routers, cisco 3900 series routers, cisco 2500 series routers, cisco vpn routers small business