RCE Bug found in Multiple Cisco Small Business Routers

Cisco will not fix the (CVE-2022-20825) RCE zeroday vulnerability in Small Business Routers

Cisco Router Zeroday RCE Vulnerability

Recently, Cisco issued a security advisory covering multiple vulnerabilities in several small business routers. One of them exists in the web-based management interface of four Small Business RV Series models, namely the RV110W, RV130, RV130W, and RV215W routers.

The vulnerability allows an unauthenticated remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly, resulting in a denial of service (DoS) condition. Users are advised to upgrade to the latest security version as soon as possible.

The vulnerability is tracked as CVE-2022-20825 and has a CVSS severity rating of 9.8 out of 10.0.

The vulnerability is caused by insufficient validation of user input for incoming HTTP packets, which could be exploited by an attacker by sending a crafted request to the web-based management interface. Successful exploitation of this vulnerability could allow an attacker to execute arbitrary commands on an affected device with root-level privileges.

Impact and Mitigation

The vulnerability impacts four Small Business RV Series models, which are:

  • RV110W Wireless-N VPN Firewall
  • RV130 VPN Router
  • RV130W Wireless-N Multifunction VPN Router
  • RV215W Wireless-N VPN Router

The web management interface for these devices is available over a local LAN connection, which cannot be disabled, or over a WAN connection if remote management is enabled. By default, remote management is disabled on these devices.

To determine whether the remote management feature is enabled on the device, open the web-based management interface and select Basic Settings > Remote Management. If the Enable checkbox is checked, remote management is enabled and the vulnerable interface is reachable from the WAN.

Cisco states that it will not release a security update to address CVE-2022-20825 because the devices are no longer supported. Furthermore, there are no mitigations available other than turning off remote management on the WAN interface, which should be done regardless for better overall security.
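Since the only mitigation is keeping the management interface off the WAN, a defender wants evidence that it actually is. The following added example (not from the article or from Cisco) flags management-interface requests whose source lies outside the LAN; it assumes a simple constructed access-log format and a single LAN prefix, and does not reflect any Cisco-specific log layout.

```python
"""Flag management-interface requests that did not come from the LAN.

Assumptions (not from the article): log lines look like
"<src_ip> <method> <path> <status>", and the LAN is one IPv4 prefix.
Any hit means the web UI is reachable beyond the LAN, which is exactly
the exposure the advisory says to remove by disabling remote management.
"""
import ipaddress
import re

# Constructed sample log lines; 203.0.113.0/24 is a documentation range.
SAMPLE_LOG = """\
192.168.1.23 GET /login.cgi 200
192.168.1.23 POST /apply.cgi 200
203.0.113.45 GET /login.cgi 200
203.0.113.45 POST /apply.cgi 401
10.0.0.5 GET /status.cgi 200
"""

LINE_RE = re.compile(r"^(?P<src>\S+)\s+(?P<method>[A-Z]+)\s+(?P<path>\S+)\s+(?P<status>\d{3})$")

# RFC 1918 ranges, listed explicitly rather than via ipaddress.is_private,
# which also treats documentation ranges such as 203.0.113.0/24 as private.
RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def parse_line(line):
    """Return (src_ip, method, path, status) or None if the line does not parse."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    try:
        src = ipaddress.ip_address(m.group("src"))
    except ValueError:
        return None
    return src, m.group("method"), m.group("path"), int(m.group("status"))


def wan_sourced_requests(log_text, lan_prefix="192.168.1.0/24"):
    """Return every request whose source is outside the LAN prefix.

    Each hit records whether the source is still an RFC 1918 address
    (another internal segment) or a non-private address (true WAN exposure).
    """
    lan = ipaddress.ip_network(lan_prefix)
    hits = []
    for line in log_text.splitlines():
        parsed = parse_line(line)
        if parsed is None:
            continue
        src, method, path, status = parsed
        if src in lan:
            continue
        hits.append({"src": str(src), "method": method, "path": path,
                     "status": status, "rfc1918": any(src in n for n in RFC1918)})
    return hits
```

A non-empty result with `rfc1918` false is the signal to go back to Basic Settings > Remote Management and clear the Enable checkbox.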
