Security News > 2023 > January > Cisco won’t fix router flaws even though PoC exploit is available (CVE-2023-20025, CVE-2023-20026)
Cisco has acknowledged one critical and two medium-severity vulnerabilities affecting some of its Small Business series of routers, but won't be fixing them as the devices "Have entered the end-of-life process."
Proof-of-concept exploit code for CVE-2023-20025 and CVE-2023-20026 is available online, but there is currently no indication of any of these flaws being exploited by attackers.
CVE-2023-20025 is an authentication bypass vulnerability in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, and RV082 VPN routers.
CVE-2023-20045 is a RCE flaw in the web-based management interface of Cisco Small Business RV160 and RV260 Series VPN routers, and also requires successful authentication before exploitation.
In RV160 and RV260 devices, the vulnerable web-based management interface is available through local LAN connections by default and can be made available through the WAN interface.
Cisco naturally prefer admins to go for the latter option when products stop being supported.
News URL
https://www.helpnetsecurity.com/2023/01/12/cve-2023-20025-cve-2023-20026/
Related news
- PoC exploit for critical WhatsUp Gold RCE vulnerability released (CVE-2024-8785) (source)
- Mitel MiCollab zero-day and PoC exploit unveiled (source)
- PoC exploit chains Mitel MiCollab 0-day, auth-bypass bug to access sensitive files (source)
- 390,000+ WordPress Credentials Stolen via Malicious GitHub Repository Hosting PoC Exploits (source)
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-01-20 | CVE-2023-20045 | Improper Input Validation vulnerability in Cisco products A vulnerability in the web-based management interface of Cisco Small Business RV160 and RV260 Series VPN Routers could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of user input. | 7.2 |
2023-01-20 | CVE-2023-20026 | Improper Input Validation vulnerability in Cisco products A vulnerability in the web-based management interface of Cisco Small Business Routers RV042 Series could allow an authenticated, remote attacker to inject arbitrary commands on an affected device. This vulnerability is due to improper validation of user input fields within incoming HTTP packets. | 7.2 |
2023-01-20 | CVE-2023-20025 | Improper Input Validation vulnerability in Cisco products A vulnerability in the web-based management interface of Cisco Small Business RV042 Series Routers could allow an unauthenticated, remote attacker to bypass authentication on the affected device. This vulnerability is due to incorrect user input validation of incoming HTTP packets. | 9.8 |