Cisco has announced fixes for three major vulnerabilities found in four different series of its SMB routers.
If exploited, the flaws would allow threat actors to execute code remotely or launch denial-of-service attacks.
Those who can’t patch right away are out of luck – there are no workarounds for these flaws, and the only way to mitigate the threat is to apply the fixes.
Abundant severe defects
In a Cisco security advisory, the company said that Small Business RV160, RV260, RV340 and RV345 Series Routers are affected.
The flaws include CVE-2022-20827, a web filter database update vulnerability with a severity score of 9.0.
Cisco explains that “this vulnerability is caused by insufficient input validation”. “An attacker could exploit this vulnerability by sending generated input to the web filter database refresh feature. A successful exploit could allow an attacker to execute commands on the underlying operating system with root privileges.”
The second flaw is tracked as CVE-2022-20841, an Open Plug and Play (PnP) command injection vulnerability with a severity score of 8.3. This is also due to insufficient validation of user-provided inputs, and a successful exploit could allow an attacker to run arbitrary commands on the underlying Linux operating system.
Finally, Cisco has fixed CVE-2022-20842, a remote code execution and denial of service vulnerability with a severity score of 9.8.
“The vulnerability in the Cisco RV340, RV340W, RV345, RV345P Dual WAN Gigabit VPN web-based management interface could allow an unauthenticated remote attacker to execute arbitrary code or cause an affected device to unexpectedly restart, resulting in a denial of service (DoS) condition,” the company explained.
Cisco urged its users to patch immediately, particularly because the vulnerabilities are dependent on each other: exploiting one vulnerability may be required to exploit another, the company said. In addition, a software version affected by one vulnerability may not be affected by the others.