Security News > 2023 > January > Cisco Issues Warning for Unpatched Vulnerabilities in EoL Business Routers

Cisco Issues Warning for Unpatched Vulnerabilities in EoL Business Routers
2023-01-14 04:11

Cisco has warned of two security vulnerabilities affecting end-of-life Small Business RV016, RV042, RV042G, and RV082 routers that it said will not be fixed, even as it acknowledged the public availability of proof-of-concept exploit.

The issues are rooted in the router's web-based management interface, enabling a remote adversary to sidestep authentication or execute malicious commands on the underlying operating system.

A threat actor could exploit it remotely by sending a specially crafted HTTP request to vulnerable routers' web-based management interface to bypass authentication and obtain elevated permissions.

"Cisco has not released and will not release software updates to address the vulnerabilities," the company said.

"Cisco Small Business RV016, RV042, RV042G, and RV082 Routers have entered the end-of-life process."

Hou Liuyang of Qihoo 360 Netlab has been credited with discovering and reporting the flaws to Cisco.


News URL

https://thehackernews.com/2023/01/cisco-issues-warning-for-unpatched.html

Related news

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Cisco 2048 21 1784 1677 288 3770