Security News > 2019 > March > Cisco botched patches for its RV320/RV325 routers

Cisco botched patches for its RV320/RV325 routers
2019-03-28 10:42

Cisco RV320 and RV325 WAN VPN routers are still vulnerable to attack through two flaws that Cisco had supposedly patched. #Cisco Small Business Routers still vulnerable to remote code execution & configuration export due to incomplete patch 🚨 #RCE #RV320 #RV325 New advisories: https://t.co/fPzrrkb3Hk https://t.co/xZex3wdfpb https://t.co/iZUuCCEnGx — RedTeam Pentesting (@RedTeamPT) March 27, 2019 There are still many vulnerable devices CVE-2019-1652 and CVE-2019-1653 were discovered in September 2018 by security experts from RedTeam Pentesting and disclosed … More → The post Cisco botched patches for its RV320/RV325 routers appeared first on Help Net Security.


News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/TLdmiYNFGwo/

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2019-01-24 CVE-2019-1653 Information Exposure vulnerability in Cisco Rv320 Firmware and Rv325 Firmware
A vulnerability in the web-based management interface of Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could allow an unauthenticated, remote attacker to retrieve sensitive information.
network
low complexity
cisco CWE-200
7.5
2019-01-24 CVE-2019-1652 OS Command Injection vulnerability in Cisco Rv320 Firmware and Rv325 Firmware
A vulnerability in the web-based management interface of Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could allow an authenticated, remote attacker with administrative privileges on an affected device to execute arbitrary commands.
network
low complexity
cisco CWE-78
7.2

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Cisco 2046 21 1773 1669 288 3751