Vulnslist

Cisco vulnerabilities by product, model, software, and advisory.

Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers Command Injection Vulnerabilities

cisco-sa-sb-rv32x-cmdinject-cKQsZpxL · High · Published · Updated

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could allow an authenticated, remote attacker to inject and execute arbitrary commands on the underlying operating system of an affected device. These vulnerabilities are due to insufficient validation of user-supplied input. An attacker could exploit these vulnerabilities by sending malicious input to an affected device. A successful exploit could allow the attacker to execute arbitrary commands as the root user on the underlying Linux operating system of the affected device. To exploit these vulnerabilities, an attacker would need to have valid Administrator credentials on the affected device. Cisco has not released software updates to address these vulnerabilities. There are no workarounds that address these vulnerabilities. This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-rv32x-cmdinject-cKQsZpxL

Cisco advisory · CSAF JSON

Workarounds

There are no workarounds that address these vulnerabilities.

If the Remote Management feature is enabled, Cisco recommends disabling it to reduce exposure to these vulnerabilities. The feature is disabled by default.

To determine the setting of the Remote Management feature, choose Firewall > General and review the status of the Remote Management check box. If Remote Management is enabled, uncheck the check box. This will disable the web-based management interface on the WAN IP address, which is reachable through the WAN ports to the internet. The web-based management interface will continue to be available on the LAN IP address, which is reachable through the LAN ports.

While this mitigation has been deployed and was proven successful in a test environment, customers should determine the applicability and effectiveness in their own environment and under their own use conditions. Customers should be aware that any workaround or mitigation that is implemented may negatively impact the functionality or performance of their network based on intrinsic customer deployment scenarios and limitations. Customers should not deploy any workarounds or mitigations before first evaluating the applicability to their own environment and any impact to such environment.

CVEsCVE-2023-20117, CVE-2023-20128
Cisco Bug IDsCSCwe57193, CSCwe63677
CVSS ScoreBase 7.2
Base 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:X/RL:X/RC:X
Base 6.5 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N/E:X/RL:X/RC:X
Product Names From Source
Cisco Small Business RV Series Router Firmware

Related Products

Product CVE Evidence
Cisco Small Business RV Series Router Firmware CVE-2023-20128 Cisco OpenVuln
Cisco Small Business RV Series Router Firmware CVE-2023-20117 Cisco OpenVuln