Cisco has released a security advisory to address multiple vulnerabilities affecting their VPN routers. A proof-of-concept (PoC) code exploiting the vulnerabilities is also available.
The vulnerabilities are:
- CVE-2023-20025: A critical authentication bypass vulnerability in the web-based management interface of vulnerable products that could allow an unauthenticated, remote attacker to bypass authentication and gain root access on the underlying operating system.
- CVE-2023-20026: A remote command execution (RCE) vulnerability in the web-based management interface of vulnerable products that could allow an authenticated, remote attacker to execute arbitrary commands, gain root-level privileges, and access unauthorised data.
The vulnerabilities affect all software releases that are running on the following Cisco RV Series Small Business Routers:
- RV016 Multi-WAN VPN Routers
- RV042 Dual WAN VPN Routers
- RV042G Dual Gigabit WAN VPN Routers
- RV082 Dual WAN VPN Routers
There are no patches available for the vulnerabilities as they have reached end-of-life (EoL). Administrators and users of the affected products are advised to mitigate the vulnerabilities by disabling remote management and blocking access to ports 443 and 60443. In the meantime, they are also advised to refer to the EoL notices for the affected products and migrate to other supported devices.
More information is available here: