There have been reports of more security flaws in Cisco routers. Numerous Cisco routers have a high-severity vulnerability. In the second stage of the attack, this enables threat actors to overcome authentication, acquire root access to the endpoint, and even execute arbitrary commands on the underlying operating system.
The information was provided by Cisco. They stated that since the vulnerability was found on endpoints that had reached the end of their useful lives, it would not be fixed. The RV016, RV042, RV042G, and RV082 routers from Cisco Small Business are impacted by the bug, which is designated CVE-2023-20025. Attackers might circumvent device authentication and remotely exploit the susceptible routers by sending a specially crafted HTTP request to their web-based management interface.
The attackers might then use a second vulnerability, the recently discovered CVE-2023-2002, to issue arbitrary commands to the operating system of the device.
Security flaws in Cisco routers: obstructing crucial ports
The defects are classified as “critical,” yet Cisco will not be fixing them, mainly because the company no longer supports the impacted devices. However, according to BleepingComputer, the RV042 and RV042G routers are still on sale through January 30, 2020, and they will continue to receive maintenance from the manufacturer through January 31, 2025.
The weakness cannot be fixed; however, administrators can prevent prospective attacks by blocking access to ports 443 and 60443 or disabling the routers’ web-based management interface.
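Once the ports are blocked, it is worth confirming that the block actually holds. The following is an added example, not code from Cisco or from the article: a small Python audit that checks whether ports 443 and 60443 are still reachable on the affected models. The inventory format, the function names, and the sample addresses are assumptions made for illustration.

```python
import socket

# Models and ports are the ones named in the article.
AFFECTED_MODELS = {"RV016", "RV042", "RV042G", "RV082"}
MGMT_PORTS = (443, 60443)


def port_open(host, port, timeout=2.0):
    """Return True if a TCP connection to host:port succeeds."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        # Refused, filtered (timeout) or unreachable all count as blocked.
        return False


def audit(inventory, ports=MGMT_PORTS, timeout=2.0):
    """Return {address: [reachable ports]} for affected models only.

    inventory is an iterable of (model, address) pairs; this format is
    an assumption of the example, not something the article defines.
    """
    exposed = {}
    for model, address in inventory:
        if model.upper() not in AFFECTED_MODELS:
            continue  # not one of the end-of-life models listed above
        open_ports = [p for p in ports if port_open(address, p, timeout)]
        if open_ports:
            exposed[address] = open_ports
    return exposed


if __name__ == "__main__":
    # Constructed sample inventory using documentation-range addresses.
    sample = [("RV042", "192.0.2.1"), ("RV160", "192.0.2.2")]
    for addr, open_ports in audit(sample, timeout=1.0).items():
        print(f"{addr}: management ports still reachable: {open_ports}")
```

Run it from the network segment the block is meant to protect against, since a port filtered on the WAN side may still answer from the LAN.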
Cisco has previously chosen not to address important authentication bypass issues. According to BleepingComputer, a similar bug was found in September to affect the EoL RV110W, RV130, RV130W, and RV2015W routers. Cisco advised users to switch to RV132W, RV160, and RV160W at the time.
A serious remote code execution (RCE) vulnerability, recorded as CVE-2022-20825, was discovered in June and allowed to remain unfixed.
Due to their importance in data transmission, routers are a prime target for cybercriminals. Therefore, high-severity issues are frequently discovered and fixed by OEMs and cybersecurity experts. Unpatched faults, however, can cause a lot of damage to a network because threat actors can exploit known vulnerabilities rather than having to find new ones.