Cisco Small Business RV Series Routers have been found to have a number of critical flaws

Cisco Small Business RV Series Routers have been found to have a number of critical flaws.

Short News:- 

Security flaws in Cisco's RV routers have been patched, along with warnings that proof-of-concept exploit code exists for some of these vulnerabilities. Small Business RV160, RV260, RV340, and RV345 Series routers are vulnerable to three of the 15 flaws.

Detailed News:- 

Security flaws in Cisco's RV routers have been patched, along with warnings that proof-of-concept (PoC) exploit code exists for some of these vulnerabilities.

Its Small Business RV160, RV260, RV340, and RV345 Series routers are vulnerable to three of the 15 flaws, identified as CVE-2022-20699, CVE-2022-20700, and CVE-2022-20707.

As a result, the flaws could be exploited to bypass authentication and authorization protections, obtain and run unsigned software, and even cause a denial of service conditions.

Despite acknowledging that "proof-of-concept exploit code is available for several of the vulnerabilities," the networking equipment maker refused to provide any additional information about the exploit or who might be behind it.

To exploit CVE-2022-20699, an attacker could send specially crafted HTTP requests to a device that serves as an SSL VPN Gateway and effectively execute malicious code that has root access.

Root-level access and arbitrary command execution are both possible through the exploits of CVE-2022-20701 (CVSS score: 9.0) and CVE-2022-20702 (CVSS score: 6.0), all three of which the vendor claims are the result of an inadequate authorization enforcement mechanism.

This vulnerability, CVE-2022-20708, is the third flaw to receive a CVSS score of 10.0, allowing an attacker to inject malicious commands into the Linux operating system.

Cisco has also addressed the following issues:

• Digital Signature Bypass Vulnerability in Cisco Small Business RV Series Routers (CVE-2022-20703, CVSS 9.3)
• The CVE-2022-20704 vulnerability (CVSS score: 4.8) A vulnerability in the SSL certificate validation process exists in Cisco Small Business RV Series Routers.
• Cisco Small Business RV Series Routers Improper Session Management Vulnerability (CVE-2022-20705, CVSS 5.3)
• Plug and Play Command Injection Vulnerability CVE-2022-20706 (CVSS score: 8.3) – Cisco RV Series Routers
• Command Injection Vulnerabilities in Cisco RV340, RV340W, RV345, RV345P Dual WAN Gigabit VPN Routers CVE-2022-20707 and CVE-2022-20749
• Vulnerability CVE-2022-20709 (CVSS score: 5.3) affects dual WAN Gigabit VPN routers such as the Cisco RV340, RV340W, RV345, and RV345P, which are vulnerable to arbitrary file uploads.
• CVE-2022-20710 (CVSS score: 5.3) – GUI Denial of Service Vulnerability in the Cisco Small Business RV Series Routers.
• Arbitrary File Overwrite Vulnerability in Cisco Dual-WAN Gigabit VPN Router RV340, RV340W, RV345, and RV345P CVE-2022-20711 (CVSS 8.2)
• CVE-2022-20712 – Remote Code Execution Vulnerability in Cisco Small Business RV Series Routers Upload Module (CVSS 7.3)

Products Affected & Vulnerability

To date, CVE-2022-20701 has been assigned to the CVE-2022-20702 vulnerability, which has been assigned to the 20703 vulnerability. The following Cisco products are affected:

Virtual private network (VPN) routers RV160, RV260, RV260P, RV260W, and RV260W Wireless-AC are all available.

In addition to the RV340 and RV340W dual WAN gigabit wireless-AC VPN routers, there are RV345 and RV345P gigabit POE VPN routers as well.

In addition to CVE-2022-20699, there are seven other vulnerabilities that affect only Cisco products:

The RV340 and RV340W are dual-WAN Gigabit VPN routers, respectively.

In the RV345 and RV345P, there are dual-WAN Gigabit VPN routers.

According to Cisco, there are no workarounds for the aforementioned vulnerabilities, so users should immediately upgrade to the most recent version of the software to protect themselves from any potential attacks.