Cisco has published an advisory for a critical authentication bypass vulnerability, with public exploit code already available, affecting several end-of-life routers. The flaw (CVE-2023-20025) was found in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, and RV082 routers.
It is caused by improper validation of user input in incoming HTTP packets. An unauthenticated, remote attacker can exploit it by sending a specially crafted HTTP request to a vulnerable router's web-based management interface, bypassing authentication entirely.
Successful exploitation gives the attacker root access to the device. By chaining it with a second vulnerability, tracked as CVE-2023-20026 (a command injection flaw in the same interface that normally requires valid administrative credentials, also disclosed by Cisco in the same advisory), the attacker can execute arbitrary commands on the underlying operating system. Cisco noted that it "has not and will not release software updates that address this vulnerability."
Disable management interface to block attacks
The RV016 and RV082 WAN VPN routers were last available for sale in January and May 2016 respectively. The RV042 and RV042G VPN routers were available for order until January 30, 2020, and remain under support until January 31, 2025, but Cisco will not ship a fix for any of the four models.
Cisco lists no workarounds for this vulnerability, but as a mitigation administrators can disable the routers' web-based management interface on the WAN side and block access to ports 443 and 60443, the ports on which that interface listens, to prevent exploitation attempts from the internet.
To do so, log into the web-based management interface of each device, go to Firewall > General, and uncheck the Remote Management check box.
In the security advisory published on January 11, 2023, Cisco also provides detailed steps to block access to ports 443 and 60443.
Give us a call today!
Beringer Technology Group can help your team navigate the ever-changing security threats on the internet. Reach out to Beringer Technology Group today. We can help evaluate your current cybersecurity posture with our Cyber Security Risk Assessment Solution and implement the right security solutions for your organization.
Beringer Technology Group, a leading Microsoft Gold Certified Partner specializing in Microsoft Dynamics 365 and CRM for Distribution also provides expert Managed IT Services, Backup and Disaster Recovery, Cloud Based Computing, Email Security Implementation and Training, Unified Communication Solutions, and Cybersecurity Risk Assessment.