Vulnslist

Cisco vulnerabilities by product, model, software, and advisory.

Multiple Vulnerabilities in Cisco Small Business RV Series Routers

cisco-sa-20141105-rv · Critical · Published · Updated

The Cisco RV120W Wireless-N VPN Firewall, Cisco RV180 VPN Router, Cisco RV180W Wireless-N Multifunction VPN Router, and Cisco RV220W Wireless Network Security Firewall are affected by the following vulnerabilities:

Cisco RV Series Routers Command Injection Vulnerability
Cisco RV Series Routers HTTP Referer Header Vulnerability
Cisco RV Series Routers Insecure File Upload Vulnerability

These vulnerabilities are independent of each other; a release that is affected by one of the vulnerabilities may not be affected by the others.

Cisco has released software updates that address these vulnerabilities. Workarounds that mitigate these vulnerabilities are available.

This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141105-rv

Workarounds

The following mitigations help limit the exposure to these vulnerabilities.

Disable Remote Management

Caution: Do not disable remote management if you manage the device via the WAN connection. This will result in loss of management connectivity to the device. Disabling this feature prevents Cisco QuickVPN access.

Remote Management is disabled by default. If it is enabled, administrators can disable it using the Web Access screen: Administration > Management Interface > Web Access. Check the box for Disabled in the Remote Management field.

Disabling remote management helps ensure that only users on the LAN could attempt to exploit the vulnerabilities.

Limit Remote Management Access to Specific IP Addresses

If remote management is required, harden the device so that it can be accessed only by certain IP addresses, rather than the default setting of any. By accessing the configuration screen (Administration > Management Interface > Web Access), an administrator can change the Remote IP address field to ensure only devices with the specified IP addresses can access the device.

CVEs: CVE-2014-2177, CVE-2014-2178, CVE-2014-2179
Cisco Bug IDs: CSCuh86998, CSCuh87126, CSCuh87145
CVSS Score: Base 9.4
Base 9.4 AV:N/AC:L/Au:N/C:N/I:C/A:C/E:F/RL:OF/RC:C
Base 9.0 AV:N/AC:L/Au:S/C:C/I:C/A:C/E:F/RL:OF/RC:C
Base 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N/E:F/RL:OF/RC:C
Product Names From Source: Cisco Small Business RV Series Router Firmware

Related Products

Product | CVE | Evidence
Cisco Small Business RV Series Router Firmware | CVE-2014-2179 | Cisco OpenVuln
Cisco Small Business RV Series Router Firmware | CVE-2014-2178 | Cisco OpenVuln
Cisco Small Business RV Series Router Firmware | CVE-2014-2177 | Cisco OpenVuln
Cisco RV180 VPN Router | CVE-2014-2179 | Cisco OpenVuln
Cisco RV180 VPN Router | CVE-2014-2178 | Cisco OpenVuln
Cisco RV180 VPN Router | CVE-2014-2177 | Cisco OpenVuln