Cisco Issues Warning for Unpatched Vulnerabilities in EoL Business Routers

2023-01-14 04:11

Cisco has warned of two security vulnerabilities affecting end-of-life Small Business RV016, RV042, RV042G, and RV082 routers that it said will not be fixed, even as it acknowledged the public availability of proof-of-concept exploit.

The issues are rooted in the router's web-based management interface, enabling a remote adversary to sidestep authentication or execute malicious commands on the underlying operating system.

A threat actor could exploit it remotely by sending a specially crafted HTTP request to vulnerable routers' web-based management interface to bypass authentication and obtain elevated permissions.

"Cisco has not released and will not release software updates to address the vulnerabilities," the company said.

"Cisco Small Business RV016, RV042, RV042G, and RV082 Routers have entered the end-of-life process."

Hou Liuyang of Qihoo 360 Netlab has been credited with discovering and reporting the flaws to Cisco.

News URL

https://thehackernews.com/2023/01/cisco-issues-warning-for-unpatched.html

#cisco #router #vulnerabilities

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
Cisco		2046	21	1773	1669	288	3751

News URL

Related news

Related vendor