Security News > 2022 > February > Critical Cisco Bugs Open VPN Routers to Cyberattacks
Critical security vulnerabilities in Cisco's Small Business RV Series routers could allow privilege escalation, remote code execution with root privileges on the devices and more.
The critical bugs are part of 15 total vulnerabilities affecting the RV product line that Cisco disclosed this week.
The flaws tracked as CVE-2022-20700, CVE-2022-20701 and CVE-2022-20702 meanwhile exist in the web-based management interface of Cisco Small Business RV Series Routers and could allow a remote attacker to elevate privileges to root.
Three bugs affecting the RV340, RV340W, RV345 and RV345P Dual WAN Gigabit VPN routers could allow an unauthenticated, remote attacker to inject and execute arbitrary commands on the underlying Linux operating system, Cisco warned.
A vulnerability in the Open Plug and Play module of the appliances could allow an unauthenticated, remote attacker to inject and execute arbitrary commands on the underlying Linux operating system, Cisco said.
A vulnerability in the web-based management interface of Cisco RV340, RV340W, RV345 and RV345P Dual WAN Gigabit VPN Routers could allow an unauthenticated, remote attacker to upload arbitrary files to an affected device.
News URL
https://threatpost.com/critical-cisco-bugs-vpn-routers-cyberattacks/178199/
Related news
- Critical flaw in Zyxel’s secure routers allows OS command execution via cookie (CVE-2024-7261) (source)
- Zyxel warns of critical OS command injection flaw in routers (source)
- Zyxel Patches Critical OS Command Injection Flaw in Access Points and Routers (source)
- Cisco Fixes Two Critical Flaws in Smart Licensing Utility to Prevent Remote Attacks (source)
- Quad7 botnet targets more SOHO and VPN routers, media servers (source)
- Quad7 Botnet Expands to Target SOHO Routers and VPN Appliances (source)
- D-Link fixes critical RCE, hardcoded password flaws in WiFi 6 routers (source)
- Critical Ivanti Cloud Appliance Vulnerability Exploited in Active Cyberattacks (source)
- DrayTek fixed critical flaws in over 700,000 exposed routers (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-02-10 | CVE-2022-20702 | Out-of-bounds Write vulnerability in Cisco products Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code Elevate privileges Execute arbitrary commands Bypass authentication and authorization protections Fetch and run unsigned software Cause denial of service (DoS) For more information about these vulnerabilities, see the Details section of this advisory. | 7.2 |
| 2022-02-10 | CVE-2022-20701 | Out-of-bounds Write vulnerability in Cisco products Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code Elevate privileges Execute arbitrary commands Bypass authentication and authorization protections Fetch and run unsigned software Cause denial of service (DoS) For more information about these vulnerabilities, see the Details section of this advisory. | 7.8 |
| 2022-02-10 | CVE-2022-20700 | Out-of-bounds Write vulnerability in Cisco products Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code Elevate privileges Execute arbitrary commands Bypass authentication and authorization protections Fetch and run unsigned software Cause denial of service (DoS) For more information about these vulnerabilities, see the Details section of this advisory. | 9.8 |