Cisco has patched multiple critical security vulnerabilities impacting its RV Series routers that could be used to elevate privileges and execute arbitrary code on affected systems, while also warning of the existence of proof-of-concept (PoC) exploit code targeting some of these bugs.
Additionally, the flaws could be exploited to bypass authentication and authorization protections, retrieve and run unsigned software, and even cause denial-of-service (DoS) conditions.
Three of the 15 flaws, tracked as CVE-2022-20699, CVE-2022-20700, and CVE-2022-20707, carry the highest CVSS rating of 10.0, and affect its Small Business RV160, RV260, RV340, and RV345 Series routers.
CVE-2022-20699 concerns a case of remote code execution that could be exploited by an attacker by sending specially crafted HTTP requests to a device that functions as an SSL VPN Gateway, effectively leading to the execution of malicious code with root privileges.
CVE-2022-20700, CVE-2022-20701, and CVE-2022-20702, which stems from an insufficient authorization enforcement mechanism, could be abused to elevate privileges to root and execute arbitrary commands on the affected system.
CVE-2022-20708, the third flaw, is due to insufficient validation of user-supplied input, enabling the adversary to inject malicious commands and get them on the underlying Linux operating system.
Cisco also emphasized that there are no workarounds that address the weaknesses, urging customers to update to the latest version of the software as soon as possible to counter any potential attacks.
See What’s Next in Tech With the Fast Forward Newsletter
Tweets From @varindiamag
Nothing to see here - yet
When they Tweet, their Tweets will show up here.
