Recently, Cisco issued a security advisory that fixes multiple vulnerabilities in several small business routers. A vulnerability exists in the web-based management interface of four Small Business RV Series models namely RV110W, RV130, RV130W, and RV215W routers.
The vulnerability allows an unauthenticated remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly, resulting in a denial of service (DoS) condition. Users are advised to upgrade to the latest security version as soon as possible.
The vulnerability is tracked as CVE-2022-20825 and has a CVSS severity rating of 9.8 out of 10.0.
The vulnerability is caused by insufficient validation of user input for incoming HTTP packets, which could be exploited by an attacker by sending a crafted request to the web-based management interface. Successful exploitation of this vulnerability could allow an attacker to execute arbitrary commands on an affected device with root-level privileges.
Impact and Mitigation
The vulnerability impacts four Small Business RV Series models, which are -
- RV110W Wireless-N VPN Firewall
- RV130 VPN Router
- RV130W Wireless-N Multifunction VPN Router
- RV215W Wireless-N VPN Router