Cisco has announced fixes for three major vulnerabilities found in four different series of its SMB routers.
If exploited, these vulnerabilities would allow threat actors to remotely execute code or trigger a denial of service condition.
Those who can’t fix it right away are out of luck – there is no workaround for these flaws, and the only way to mitigate the threat is to apply the fix.
High-severity defects appear in large numbers
In a security advisory, the company said its small business RV160, RV260, RV340 and RV345 series routers were affected.
The vulnerabilities include CVE-2022-20827, a web filter database update command injection vulnerability with a severity score of 9.0.
“The vulnerability is due to insufficient input validation,” Cisco explained. “An attacker could exploit this vulnerability by submitting crafted input to the web filter database update function. A successful exploit could allow an attacker to execute commands on the underlying operating system with root privileges.”
The second vulnerability is tracked as CVE-2022-20841, an Open Plug-and-Play command injection vulnerability with a severity score of 8.3. This one is also due to insufficient validation of user-supplied input; a successful exploit could allow an attacker to run arbitrary commands on the underlying Linux operating system.
Finally, Cisco fixed CVE-2022-20842, a remote code execution and denial of service vulnerability with a severity score of 9.8.
“A vulnerability exists in the web-based management interface of the Cisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers that could allow an unauthenticated remote attacker to execute arbitrary code or cause an affected device to restart unexpectedly, resulting in a denial of service (DoS) condition,” the company explained.
Cisco urges its users to patch immediately, especially because the vulnerabilities are interdependent. “It may be necessary to exploit one of the vulnerabilities to exploit the other,” the company said. “Furthermore, software versions affected by one of the vulnerabilities may not be affected by the other vulnerabilities.”