CVSS 10 Critical Vulnerabilities on Cisco RV160 and RV260 Series Routers

Cisco has disclosed critical vulnerabilities on the RV160 and RV260 series routers. Some of these vulnerabilities have a CVSS score of 10. We look at the vulnerabilities and the fixes suggested by Cisco to patch against these vulnerabilities. Do read through the document below to find more about the risks and the mitigation against these risks.

What Cisco routers are affected in the RV 160 and RV260 series?

The following Cisco routers are affected by the critical vulnerabilities mentioned in this document:

  • RV160 VPN Routers
  • RV160W Wireless-AC VPN Routers
  • RV260 VPN Routers
  • RV260P VPN Routers with PoE
  • RV260W Wireless-AC VPN Routers

Cisco router firmware release versions 1.0.01.05 and earlier are affected by these vulnerabilities. For the purpose of clarity and action, we restrict our discussion to critical and high impact vulnerabilities only.

What critical vulnerabilities are the Cisco RV160 and Cisco RV260 affected with?

As per Cisco’s security release, the RV160 and RV260 routers are affected with the following critical vulnerabilities:

Critical Vulnerabilities on Cisco Routers

CVE-2022-20700, CVSS-2022-20701 – Privilege Escalation vulnerabilities

  • These 2 vulnerabilities affect Cisco routers RV160 and RV260 series routers.
  • CVSS-2022-20700 is a CVSS 10 critical vulnerability.
  • The associated Cisco bug ID are CSCwa14564CSCwa14565.
  • CVSS-2022-20701 is a CVSS 9 critical vulnerability.
  • The associated Cisco bug id for CVSS-2022-20701 are CSCwa12836CSCwa13119.

These vulnerabilities exist on the web management interface of the Cisco RV160 and RV260 series routers. Due to insufficient authorization enforcement mechanisms, an attacker could exploit the vulnerabilities and elevate login privileges to the root user.

CVE-2022-20703-Routers Digital Signature Verification Bypass Vulnerability

CVE-2022-20703 vulnerability is a CVSS 9.3 critical impact vulnerability. This vulnerability is on account of improper verification of software images on the target device. An attacker could exploit the vulnerability to deploy a malicious image or unsigned binaries on the target device and pose a risk to the network. The bug IDs associated with CVE-2022-20703 are CSCwa12748CSCwa13115.

High-impact Vulnerabilities on Cisco RV160 and RV260 series routers

There are a couple of high impact vulnerabilities on the Cisco RV160 and Cisco RV260 series routers.

CVE-2022-20706-GUI Denial of Service Vulnerability

This denial of service vulnerability rests on the Open Plug and Play (PnP) module of Cisco Small Business RV Series Routers. This is a man-in-the-middle attack and the attacker needs to be proximal to the target router. The attacker could deploy malicious code and attack the Linux operating system on the router.

Cisco bug ids associated with CVE-2022-20706 are CSCwa14007CSCwa14008.

The vulnerability is resolved as part of the firmware update on the Cisco RV160 and Cisco RV260 series routers.

CVE-2022-20712-Upload Module Remote Code Execution Vulnerability

An attacker could use a flaw in the router’s upload module and send malicious HTTP requests and run arbitrary code on the target router with non-root privileges. The attacker is remote and can execute malicious code on the affected target router device. This is a high-impact security vulnerability with a CVSS rating of 7.3.

Cisco bug ids associated with this vulnerability are CSCwa18769, CSCwa18770.

You can download the security update from the Cisco website for the Cisco RV160 and RV260 series routers. We also suggest downloading the latest firmware release 1.0.01.7 for the Cisco basic series routers.

Other vulnerabilities on Cisco RV160 and RV260 series routers

Aside from these critical and high impact vulnerabilities, Cisco routers of Series RV160 and RV260 are affected by multiple other vulnerabilities with medium or low impact.

  • CVE-2022-20702 with a CVSS rating of 6.
  • CVE-2022-20704 with a CVSS rating of 4.8.
  • CVE-2022-20705 with a CVSS rating of 5.3.
  • CVE-2022-20710 with a CVSS rating of 5.3.

These vulnerabilities have a MEDIUM impact on the affected routers. We stick to the critical and high impact vulnerabilities for the purpose of this study.

How do I fix critical and high impact vulnerabilities on Cisco RV160 and Cisco RV260 routers?

A free software update has been released by Cisco to address these vulnerabilities. You can download it through the product downloads page or you can contact Cisco TAC to access the latest security fix.

You can also download the latest firmware from the links mentioned below. The latest firmware has been released on 28th January 2022.

  • Download firmware release 1.0.01.07 for the Cisco RV160, RV160W, RV260, RV260P, and RV260W series routers. The firmware file is of 62.75 MB size.
  • You can request for the security update from Cisco TAC. You can share the bug id for a ready reference.

Summary

Cisco RV160 and RV260 series routers are affected with 3 critical and 2 high-impact vulnerabilities. Cisco has shared details of the vulnerabilities. The company has shared details about the security update to resolve these vulnerabilities. You can download the security update through the software downloads page or get the update from Cisco TAC.

You may also like to read more content related to IT security: