News

Cisco Fixes Critical Vulnerabilities in RV Series Routers

Cisco has fixed several critical vulnerabilities affecting many of the popular RV series routers.

Bugs can be used to escalate privileges, execute arbitrary code (in many cases without authentication), run commands, bypass authentication, download and run unsigned software, denial of service (DoS). In addition, the company warns that exploits already exist for some of them.

In total, the patches fix 15 vulnerabilities, five of which are rated as critical, as attackers can use them to gain root privileges or remotely execute commands on the device.

Three vulnerabilities actually received the maximum 10 points out of 10 possible on the CVSS vulnerability rating scale: CVE-2022-20699, CVE-2022-20700 and CVE-2022-20707. These issues affect the RV160, RV260, RV340, and RV345 series routers.

CVE-2022-20699 is an arbitrary code execution issue in the SSL VPN module. The bug is related to insufficient bounds checking when processing certain HTTP requests. In turn, the vulnerabilities CVE-2022-20700 and CVE-2022-20708 allow privileges to be elevated to the root level and arbitrary commands to be injected. They were found in the web interface of routers, the protection mechanisms of which turned out to be too weak and did not check the data entered by the user.

Other critical vulnerabilities include CVE-2022-20703, a signature verification bypass (CVSS score of 9.3), and CVE-2022-20701 (CVSS score of 9), which allows privilege escalation.

Cisco engineers say that some of the vulnerabilities need to be exploited together:

“Some vulnerabilities depend on each other. Exploitation of one vulnerability may be required to exploit another.”
It is emphasized that PoC exploits already exist for some of these bugs. For example, the CVE-2022-20699 vulnerability was discovered by the FlashBack team during the Pwn2Own Austin 2021 hacking competition. FlashBack’s Pedro Ribeiro promised that the team would show a PoC exploit for this issue as part of their OffensiveCon 2022 talk. Cisco is not reported.

Let me remind you that we also wrote that Cisco warned about 0-day vulnerabilities in IOS XR, and that Cisco will not fix a critical bug in older routers.

User Review
0 (0 votes)
Comments Rating 0 (0 reviews)
Daniel Zimmermann

Daniel Zimmermann has been writing on security and malware subjects for many years and has been working in the security industry for over 10 years. Daniel was educated at the Saarland University in Saarbrücken, Germany and currently lives in New York.

Recent Posts

Remove Kurlibat.xyz pop-up ads (Virus Removal Guide)

Kurlibat.xyz is a site that tries to trick you into clik to its browser notifications…

19 hours ago

Remove Initiateintenselyrenewedthe-file.top pop-up ads (Virus Removal Guide)

Initiateintenselyrenewedthe-file.top is a domain that tries to trick you into clik to its browser notifications…

19 hours ago

Remove Wotigorn.xyz pop-up ads (Virus Removal Guide)

Wotigorn.xyz is a site that tries to force you into subscribing to its browser notifications…

19 hours ago

Remove Initiateintenselyprogressivethe-file.top pop-up ads (Virus Removal Guide)

Initiateintenselyprogressivethe-file.top is a domain that tries to force you into clik to its browser notifications…

19 hours ago

Remove Nuesobatoxylors.co.in pop-up ads (Virus Removal Guide)

Nuesobatoxylors.co.in is a domain that tries to trick you into subscribing to its browser notifications…

23 hours ago

Remove Helistym.xyz pop-up ads (Virus Removal Guide)

Helistym.xyz is a site that tries to force you into clik to its browser notifications…

23 hours ago