SB2023011144 - Multiple vulnerabilities in Cisco Small Business RV016, RV042, RV042G, and RV082 Routers

Description

This security bulletin contains information about 3 secuirty vulnerabilities.

1) Improper Authentication (CVE-ID: CVE-2023-20025)

The vulnerability allows a remote attacker to bypass authentication process.

The vulnerability exists due to an error in the web-based management interface. A remote non-authenticated attacker can send a specially crafted HTTP request, bypass authentication process and execute arbitrary code as root on the affected device.

2) OS Command Injection (CVE-ID: CVE-2023-20026)

The vulnerability allows a remote user to execute arbitrary shell commands on the target system.

The vulnerability exists due to improper input validation in the web-based management interface. A remote authenticated user can a specially crafted HTTP request and execute arbitrary OS commands with root privileges.

3) OS Command Injection (CVE-ID: CVE-2023-20118)

The vulnerability allows a remote user to execute arbitrary shell commands on the target system.

The vulnerability exists due to improper input validation in the web-based management interface. A remote authenticated user can a specially crafted HTTP request and execute arbitrary OS commands with root privileges.

Remediation

Cybersecurity Help is not aware of any official remediation provided by the vendor.

References

• https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sbr042-multi-vuln-ej76Pke5
• https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwd47551
• https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwd60199
• https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwe41652