Old Cisco Routers Won’t Be Patched Against RCE Bug

Remote management needs to be blocked.

Cisco has disclosed two critical vulnerabilities in a number of small business routers, along with high-severity vulnerabilities in three other products.

In its first patch release for 2023, the networking giant said its RV016, RV042, RV042G and RV082 routers are vulnerable to an authentication bypass bug (CVE-2023-20025) and a remote command execution (RCE) bug (CVE-2023-20026).

The authentication bypass can be exploited by sending crafted HTTP packets to the management interface, giving the attacker root access to the target system.

The RCE bug is similar, but can only be exploited by a remote attacker who has admin credentials on the affected system.

Cisco said it is aware of proof-of-concept code for the vulnerabilities.

The affected units are approaching end-of-life and won’t be patched. However, admins can disable remote management and block access to TCP/IP ports 443 and 60443.

“A successful exploit could allow the attacker to cause all subsequent requests to be dropped, resulting in a DoS condition”, the advisory stated.
