colinardo
Goto Top

CISCO Small Business RV Router Series severe vulnerabilities

Several security vulnerabilities threaten CISCO's RV router series, which is often used by small/medium-sized companies.

The web interface has several flaws which allow an attacker to completely take the device under his control without authorization. Subverted code can be executed as root on the device!

back-to-topAffected Devices:

CVE-2022-20827 and CVE-2022-20841 affect the following Cisco products:

    RV160 VPN Routers
    RV160W Wireless-AC VPN Routers
    RV260 VPN Routers
    RV260P VPN Routers with PoE
    RV260W Wireless-AC VPN Routers
    RV340 Dual WAN Gigabit VPN Routers
    RV340W Dual WAN Gigabit Wireless-AC VPN Routers
    RV345 Dual WAN Gigabit VPN Routers
    RV345P Dual WAN Gigabit POE VPN Routers

CVE-2022-20842 affects the following Cisco products:

    RV340 Dual WAN Gigabit VPN Routers
    RV340W Dual WAN Gigabit Wireless-AC VPN Routers
    RV345 Dual WAN Gigabit VPN Routers
    RV345P Dual WAN Gigabit POE VPN Routers

Patches are already available for download, workarounds without updating the devices are not available according to CISCO.

Cisco Small Business RV Series Routers Vulnerabilities

Regards
@colinardo

Content-Key: 3554074130

Url: https://administrator.de/contentid/3554074130

Printed on: April 25, 2024 at 07:04 o'clock