Pierluigi Paganini
April 06, 2024
Cisco warns of a Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 routers Cross-Site scripting (XSS) flaw.
The medium severity issue, tracked as CVE-2024-20362 (CVSS score 6.1), resides in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers. An unauthenticated, remote attacker can conduct a cross-site scripting (XSS) attack against a user of the interface.
The IT giant pointed out that the impacted devices are end-of-life (EoL) RV series small business routers and the company will not release software updates to fix the problem. There are no workarounds that address this vulnerability.
“This vulnerability is due to insufficient input validation by the web-based management interface. An attacker could exploit this vulnerability by persuading a user to visit specific web pages that include malicious payloads.” reads the advisory. “A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.”
The flaw impacts all
To mitigate this vulnerability on Cisco Small Business RV320 and RV325 Routers, the company recommends disabling remote management. To mitigate this vulnerability on Cisco Small Business RV016, RV042, RV042G, and RV082 Routers the company recommends disabling remote management and block access to ports 443 and 60443. The routers will still be accessible through the LAN interface after implementing the mitigation.
Cisco is not aware of attacks in the wild exploiting this vulnerability, so the company urges customers to migrate to a supported product.
The company confirmed that this vulnerability does not affect the following RV Series Small Business Routers:
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
(SecurityAffairs – hacking, routers)
