Jan 14, 2023 | Ravie Lakshmanan
Cisco has warned of two security vulnerabilities affecting
end-of-life (EoL) Small Business RV016, RV042, RV042G, and RV082
routers that it said will not be fixed, even as it acknowledged the
public availability of proof-of-concept (PoC) exploit code.
The issues[1]
are rooted in the routers' web-based management interface and could
let a remote adversary bypass authentication or execute arbitrary
commands on the underlying operating system.
The more severe of the two is CVE-2023-20025 (CVSS score: 9.0),
which stems from improper validation of user input within
incoming HTTP packets.
A threat actor could exploit it remotely by sending a specially
crafted HTTP request to vulnerable routers’ web-based management
interface to bypass authentication and obtain elevated
permissions.
The same lack of input validation underlies the second flaw,
CVE-2023-20026 (CVSS score: 6.5), which lets an attacker who already
holds valid administrative credentials gain root-level privileges on
the device and access data they are not authorized to see.
“Cisco has not released and will not release software updates to
address the vulnerabilities,” the company said. “Cisco Small
Business RV016, RV042, RV042G, and RV082 Routers have entered the
end-of-life process.”
As workarounds, administrators are advised to disable remote
management and block access to ports 443 and 60443. Note that
blocking those ports on the WAN side keeps the management interface
off the internet but does nothing against an attacker who is already
on the LAN, and with no patch coming, replacing the hardware is the
only complete fix. Cisco itself cautions users to "determine the
applicability and effectiveness [of the mitigation] in their own
environment and under their own use conditions."
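A quick way to confirm that the workaround actually took effect is to test, from a vantage point outside the router's LAN, whether the two management ports Cisco names still complete a TCP handshake. The script below is an added example written for this article; it is not Cisco's tooling and did not appear in the original post. It assumes the router's WAN address is passed on the command line and treats any completed TCP connection on 443 or 60443 as "still exposed" (it never authenticates or sends an HTTP request, so it is safe to run against production gear).

```python
"""Check whether a router's web management ports still answer from outside.

Added example, not from the original article or from Cisco.
Assumption: a completed TCP handshake on a port means the management
interface is still reachable from this vantage point; no HTTP is sent.
"""
import socket
import sys

# Ports named in Cisco's workaround for the RV016/RV042/RV042G/RV082.
MANAGEMENT_PORTS = (443, 60443)


def port_accepts_tcp(host: str, port: int, timeout: float = 3.0) -> bool:
    """Return True if a TCP connection to host:port completes within timeout."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        # Connection refused, timed out, filtered, or host unreachable:
        # all count as "not reachable" for this check.
        return False


def check_ports(host: str, ports=MANAGEMENT_PORTS, timeout: float = 3.0) -> dict:
    """Probe each port once and map port -> True if it accepted a connection."""
    return {port: port_accepts_tcp(host, port, timeout) for port in ports}


def exposed_ports(results: dict) -> list:
    """Return the sorted list of ports that still accepted a connection."""
    return sorted(port for port, is_open in results.items() if is_open)


def selftest() -> bool:
    """Exercise the probe against loopback: one known-open and one known-closed
    port. Constructed for the demo; no router is involved."""
    with socket.socket() as listener:
        listener.bind(("127.0.0.1", 0))   # ephemeral port, kept open
        listener.listen(1)
        open_port = listener.getsockname()[1]

        with socket.socket() as spare:    # grab a free port, then release it
            spare.bind(("127.0.0.1", 0))
            closed_port = spare.getsockname()[1]

        results = check_ports("127.0.0.1", (open_port, closed_port), timeout=1.0)
        return exposed_ports(results) == [open_port]


if __name__ == "__main__":
    if len(sys.argv) != 2:
        sys.exit(f"usage: {sys.argv[0]} <router-wan-address>")
    target = sys.argv[1]
    still_open = exposed_ports(check_ports(target))
    if still_open:
        print(f"NOT mitigated: {target} still accepts connections on {still_open}")
        sys.exit(1)
    print(f"OK: {target} does not answer on {list(MANAGEMENT_PORTS)} from here")
```

Run it from a host on the internet side of the router (a VPS, a phone on mobile data, or any network that is not the router's LAN); a clean result from inside the LAN proves nothing, since the workaround is meant to block WAN access only. A filtered port and a refused port both report as closed, which is the desired outcome either way.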
Hou Liuyang of Qihoo 360 Netlab has been credited with
discovering and reporting the flaws to Cisco.
The networking equipment major further noted that while it is aware
of PoC code in the wild, it has not observed any malicious use of the
vulnerabilities in real-world attacks.
References
Read more: https://thehackernews.com/2023/01/cisco-issues-warning-for-unpatched.html