Cisco Re-Patches Router Holes

Friday, April 5, 2019 @ 11:04 AM gHale

Cisco issued new patches for previously patched vulnerabilities in its RV320 and RV325 routers.

Users should patch these routers as they have been part of targeted attacks over a period of time.

RELATED STORIES
Cisco Fixes UI or IOS XE Software
Cisco Fixes CSPC, Won’t Fix IP Phone Hole
Cisco Fixes Critical Firewall, Router Hole
Cisco Clears Router, Firewall Issues

One vulnerability, CVE-2019-1652, is from an improper validation of user-supplied input, Cisco said. An attacker could exploit this vulnerability by sending malicious HTTP POST requests to the web-based management interface of an affected device. A successful exploit could allow the attacker to execute arbitrary commands on the underlying Linux shell as root.

The other vulnerability, CVE-2019-1653, is from an improper access controls for URLs. An attacker could exploit this vulnerability by connecting to an affected device via HTTP or HTTPS and requesting specific URLs. A successful exploit could allow the attacker to download the router configuration or detailed diagnostic information.

The fix for the vulnerabilities is now available in firmware release 1.4.2.22, Cisco said.

The vulnerabilities affect Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers running Firmware Releases 1.4.2.15 through 1.4.2.20.

The initial fix for the products went out in January, but upon further review, Cisco found the issues continued and sent out an updated patch for the vulnerabilities.



Leave a Reply

You must be logged in to post a comment.