Many Cisco enterprise router products have security holes that can be hacked remotely

Last week, Cisco had to release patches to fix eight security vulnerabilities, three of which could be used by hackers to become weapons for remote code execution (RCE) attacks or cause fatal crashes. denial of service (DoS) on affected devices.

The most severe vulnerability affects Cisco Small Business router models RV160, RV260, RV340, and RV345 Series. Tracked under code CVE-2022-20842 (CVSS score: 9.8), the vulnerability stems from insufficient validation of user-supplied input on the device's web-based management interface.

"An attacker could exploit this vulnerability by sending refined HTTP input to an affected device ," Cisco said. "Once the exploit is successful, the hacker can execute arbitrary code as the root user on the device's operating system or cause the device to reload, leading to a DoS state."

The second vulnerability, related to command injection, resides in the router's web filter database update feature (CVE-2022-20827, CVSS score: 9.0). It can be used by hackers to insert and execute arbitrary commands on the device's operating system with root privileges.

The third vulnerability that needs to be fixed (CVE-2022-20841, CVSS: 8.0) is also an injection bug in the Open Plug-n-Play (PnP) module that can be abused by sending a malicious input. malicious to gain the right to execute code on the victim's Linux host.

"To exploit this vulnerability, an attacker must either take advantage of a man-in-the-middle location or gain stable access to a specific network device connected to the affected router ," Cisco said. know.

Cisco also patched five other vulnerabilities related to Webex Meetings, Identity Services Engine, Unified Communications Manager, and BroadWorks Application Delivery Platform.

The company offers no alternative to the above vulnerabilities other than immediate installation of updates. In addition, Cisco also confirmed that it has not detected any attacks that exploit these vulnerabilities, but users should update the firmware immediately.

Critical RCE vulnerability affects 29 DrayTek router models
Windows 11 blocks RDP brute-force attacks by default
Microsoft warns of RCE vulnerability in Windows diagnostic tool
Asia is the most targeted cyber attack in 2021

Operate and exploit advertising by iCOMM Vietnam Media and Technology Joint Stock Company.
116 Thai Ha, Trung Liet Ward, Dong Da District, Hanoi.
Editor in chief: Tran Vo
Tel: (+84) 903076053/7 Fax: (+84) 903030935

Responsible agency: Union of Science and High-Tech Production and Telecommunications (HTI)y
Copyright © 2022 iCOMM Tech JSC