Security News > 2019 > March > Cisco botched patches for its RV320/RV325 routers
2019-03-28 10:42
Cisco RV320 and RV325 WAN VPN routers are still vulnerable to attack through two flaws that Cisco had supposedly patched. #Cisco Small Business Routers still vulnerable to remote code execution & configuration export due to incomplete patch 🚨 #RCE #RV320 #RV325 New advisories: https://t.co/fPzrrkb3Hk https://t.co/xZex3wdfpb https://t.co/iZUuCCEnGx — RedTeam Pentesting (@RedTeamPT) March 27, 2019 There are still many vulnerable devices CVE-2019-1652 and CVE-2019-1653 were discovered in September 2018 by security experts from RedTeam Pentesting and disclosed … More → The post Cisco botched patches for its RV320/RV325 routers appeared first on Help Net Security.
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/TLdmiYNFGwo/
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-01-24 | CVE-2019-1653 | Information Exposure vulnerability in Cisco Rv320 Firmware and Rv325 Firmware A vulnerability in the web-based management interface of Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could allow an unauthenticated, remote attacker to retrieve sensitive information. | 7.5 |
| 2019-01-24 | CVE-2019-1652 | OS Command Injection vulnerability in Cisco Rv320 Firmware and Rv325 Firmware A vulnerability in the web-based management interface of Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could allow an authenticated, remote attacker with administrative privileges on an affected device to execute arbitrary commands. | 7.2 |