Security News > 2022 > February > Critical Cisco Bugs Open VPN Routers to Cyberattacks
Critical security vulnerabilities in Cisco's Small Business RV Series routers could allow privilege escalation, remote code execution with root privileges on the devices and more.
The critical bugs are part of 15 total vulnerabilities affecting the RV product line that Cisco disclosed this week.
The flaws tracked as CVE-2022-20700, CVE-2022-20701 and CVE-2022-20702 meanwhile exist in the web-based management interface of Cisco Small Business RV Series Routers and could allow a remote attacker to elevate privileges to root.
Three bugs affecting the RV340, RV340W, RV345 and RV345P Dual WAN Gigabit VPN routers could allow an unauthenticated, remote attacker to inject and execute arbitrary commands on the underlying Linux operating system, Cisco warned.
A vulnerability in the Open Plug and Play module of the appliances could allow an unauthenticated, remote attacker to inject and execute arbitrary commands on the underlying Linux operating system, Cisco said.
A vulnerability in the web-based management interface of Cisco RV340, RV340W, RV345 and RV345P Dual WAN Gigabit VPN Routers could allow an unauthenticated, remote attacker to upload arbitrary files to an affected device.
News URL
https://threatpost.com/criticalcisco-bugs-vpn-routers-cyberattacks/178199/
Related news
- Over 25,000 SonicWall VPN Firewalls exposed to critical flaws (source)
- Unsecured Tunneling Protocols Expose 4.2 Million Hosts, Including VPNs and Routers (source)
- 13,000 MikroTik Routers Hijacked by Botnet for Malspam and Cyberattacks (source)
- Cisco Fixes Critical Privilege Escalation Flaw in Meeting Management (CVSS 9.9) (source)
- Cisco fixes ClamAV vulnerability with available PoC and critical Meeting Management flaw (source)
- Patch now: Cisco fixes critical 9.9-rated, make-me-admin bug in Meeting Management (source)
- Netgear warns users to patch critical WiFi router vulnerabilities (source)
- Cisco Patches Critical ISE Vulnerabilities Enabling Root CmdExec and PrivEsc (source)
- Critical Cisco ISE bug can let attackers run commands as root (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-02-10 | CVE-2022-20702 | Out-of-bounds Write vulnerability in Cisco products Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code Elevate privileges Execute arbitrary commands Bypass authentication and authorization protections Fetch and run unsigned software Cause denial of service (DoS) For more information about these vulnerabilities, see the Details section of this advisory. | 7.2 |
| 2022-02-10 | CVE-2022-20701 | Out-of-bounds Write vulnerability in Cisco products Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code Elevate privileges Execute arbitrary commands Bypass authentication and authorization protections Fetch and run unsigned software Cause denial of service (DoS) For more information about these vulnerabilities, see the Details section of this advisory. | 7.8 |
| 2022-02-10 | CVE-2022-20700 | Out-of-bounds Write vulnerability in Cisco products Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code Elevate privileges Execute arbitrary commands Bypass authentication and authorization protections Fetch and run unsigned software Cause denial of service (DoS) For more information about these vulnerabilities, see the Details section of this advisory. | 9.8 |