Cisco fixes critical flaws in its Small Business Routers

Cisco released security patches to address multiple flaws in its Small Business RV160, RV260, RV340, and RV345 series routers.

Cisco announced patches for multiple issue affecting its Small Business RV160, RV260, RV340, and RV345 series routers. Some of the bugs fixed by the IT giant could lead to the execution of arbitrary code with root privileges.

The most severe flaw fixed by the company is a remote code execution issue tracked as CVE-2022-20699 (CVSS score of 10.0). The root cause of the flaw are the insufficient boundary checks performed during the processing of specific HTTP requests.

“A vulnerability in the SSL VPN module of Cisco Small Business RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device.” reads the security advisory published by the company. “This vulnerability is due to insufficient boundary checks when processing specific HTTP requests. An attacker could exploit this vulnerability by sending malicious HTTP requests to the affected device that is acting as an SSL VPN Gateway. A successful exploit could allow the attacker to execute code with root privileges on the affected device.”

The company also addressed two critical issues in the web-based management interface of the Small Business RV routers, tracked as CVE-2022-20700 (CVSS score of 10) and CVE-2022-20701 (CVSS score of 9.0) respectively.

An attacker could exploit the flaw to escalate privileges to root and execute arbitrary commands on the vulnerable device.

“These vulnerabilities are due to insufficient authorization enforcement mechanisms. An attacker could exploit these vulnerabilities by submitting specific commands to an affected device. A successful exploit could allow the attacker to elevate privileges to root and execute arbitrary commands on the affected system.” reads the advisory.

Other critical issues addressed by Cisco are a Command Injection vulnerability and a Digital Signature Verification Bypass vulnerability, respectively tracked as CVE-2022-20708 (CVSS score of 10.0) and CVE-2022-20703 (CVSS score of 9.3).

The advisory also includes details about various other high and medium-severity vulnerabilities in the Cisco Small Business routers.

An attacker can exploit the vulnerabilities to inject and execute arbitrary commands, cause a denial of service (DoS) condition, execute arbitrary code, obtain partial administrative privileges, view or alter information shared with other devices, overwrite certain files, upload arbitrary files, .

The company urges customers to install security updates for the impacted Cisco Small Business routers, it pointed out that there are no workarounds to address these issues.

The company is aware of the availability of public proof-of-concept (PoC) exploit code to trigger some of the vulnerabilities it has addressed.

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, Small Business routers)

[adrotate banner=”5″]

[adrotate banner=”13″]