Critical Flaws Discovered in Cisco Small Business RV Series Routers

Introduction

Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following:

  • Execute arbitrary code
  • Elevate privileges
  • Execute arbitrary commands
  • Bypass authentication and authorization protections
  • Fetch and run unsigned software
  • Cause denial of service (DoS)

Three of the 15 flaws, tracked as CVE-2022-20699, CVE-2022-20700, and CVE-2022-20707, carry the highest CVSS rating of 10.0, and affect its Small Business RV160, RV260, RV340, and RV345 Series routers. Additionally, the flaws could be exploited to bypass authentication and authorization protections, retrieve and run unsigned software, and even cause denial-of-service (DoS) conditions.

 

Main Concern

A vulnerability in the SSL VPN module of Cisco Small Business RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. This vulnerability is due to insufficient boundary checks when processing specific HTTP requests. An attacker could exploit this vulnerability by sending malicious HTTP requests to the affected device that is acting as an SSL VPN Gateway. A successful exploit could allow the attacker to execute code with root privileges on the affected device

Affected Vulnerable Products

CVE-2022-20700, CVE-2022-20702, CVE-2022-20703, CVE-2022-20704, CVE-2022-20705 and CVE-2022-20706 affect the following Cisco products:

    • RV160 VPN Routers
    • RV160W Wireless-AC VPN Routers
    • RV260 VPN Routers
    • RV260P VPN Routers with PoE (Power over Ethernet)
    • RV260W Wireless-AC VPN Routers
    • RV340 Dual WAN Gigabit VPN Routers
    • RV340W Dual WAN Gigabit Wireless-AC VPN Routers
    • RV345 Dual WAN Gigabit VPN Routers
    • RV345P Dual WAN Gigabit POE VPN Routers

CVE-2022-20699, CVE-2022-20701, CVE-2022-20707, CVE-2022-20708, CVE-2022-20709, CVE-2022-20710, CVE-2022-20711, CVE-2022-20712 and CVE-2022-20749 affect only the following Cisco products:

    • RV340 Dual WAN Gigabit VPN Routers
    • RV340W Dual WAN Gigabit Wireless-AC VPN Routers
    • RV345 Dual WAN Gigabit VPN Routers
    • RV345P Dual WAN Gigabit POE VPN Routers

Severity of the Identified Vulnerabilities as per CVSS:

Recommendations:

  • Users are advised to upgrade to an appropriate fixed software release as indicated in the following table:

  • The older versions of the products should not be used because of the security risks that they carry.