Cisco has warned of two security vulnerabilities affecting end-of-life Small Business RV016, RV042, RV042G, and RV082 routers, which it says will not be fixed, even as it acknowledged the public availability of a proof-of-concept exploit.
The issues are present in the routers' web-based management interface and could enable a remote adversary to sidestep authentication or execute malicious commands on the underlying operating system.
The more severe of the two, CVE-2023-20025 (CVSS score: 9.0), is the result of improper validation of user input within incoming HTTP packets.
A threat actor could misuse it by sending a specially crafted HTTP request to a vulnerable router's web-based management interface to bypass authentication and obtain elevated permissions.
A lack of adequate validation is also behind the second flaw, tracked as CVE-2023-20026 (CVSS score: 6.5), which permits an attacker with valid admin credentials to gain root-level privileges and access unauthorized data.
Cisco has not released any software updates to address the vulnerabilities. The Cisco Small Business RV016, RV042, RV042G, and RV082 routers have entered the end-of-life process.
Administrators are advised to disable remote management and block access to ports 443 and 60443.
Cisco is cautioning users to determine the applicability and effectiveness of the mitigation in their own environment and under their own use conditions.
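One way to confirm the workaround took effect is to probe the two management ports from a host outside the trusted network. The script below is an added example, not Cisco's or the article's code; the script name check_mgmt.py and the router addresses passed on the command line are assumptions supplied by the operator.

```python
import socket
import sys

# Management ports the advisory says to block on the affected routers.
MGMT_PORTS = (443, 60443)

def probe(host, port, timeout=3.0):
    """Classify one TCP port as 'open', 'closed', 'filtered' or 'unreachable'."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"          # handshake completed: interface is exposed
    except ConnectionRefusedError:
        return "closed"            # RST received: nothing is listening
    except socket.timeout:
        return "filtered"          # no answer: dropped by a filter, or host down
    except OSError:
        return "unreachable"       # routing or name-resolution failure

def audit(hosts, ports=MGMT_PORTS, timeout=3.0):
    """Return {host: {"states": {port: state}, "mitigated": bool}}."""
    report = {}
    for host in hosts:
        states = {port: probe(host, port, timeout) for port in ports}
        report[host] = {"states": states,
                        "mitigated": "open" not in states.values()}
    return report

if __name__ == "__main__":
    # Hosts are operator-supplied WAN addresses of routers you administer.
    if len(sys.argv) < 2:
        sys.exit("usage: check_mgmt.py ROUTER_WAN_ADDRESS [...]")
    failed = False
    for host, result in audit(sys.argv[1:]).items():
        status = "OK" if result["mitigated"] else "EXPOSED"
        print(host, status, result["states"])
        failed |= not result["mitigated"]
    sys.exit(1 if failed else 0)
```

A non-zero exit status means at least one router still accepts connections on a management port, so the check can be scheduled and alerted on.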
Hou Liuyang of Qihoo 360 Netlab has been credited with discovering and reporting the flaws to Cisco.
The network equipment major has further noted that while it is aware of PoC code in the wild, it has not observed any malicious use of the vulnerabilities in real-world attacks.