Skip to the content.

DIVD-2023-00017 - Cisco Small Business Router Authentication Bypass

Our reference DIVD-2023-00017
Case lead Max van der Horst
Researcher(s)
CVE(s)
Product Cisco RV016, RV042, RV042G, RV082
Recommendation Apply the proposed workaround by restricting access to port 443 and 60443 and disabling remote management.
Status Closed
Last modified 26 Sep 2023 10:53

Summary

A vulnerability in the web-based management interface of End-of-Life Cisco Small Business RV042 Series Routers could allow an unauthenticated, remote attacker to bypass authentication on the affected device. This vulnerability is due to incorrect user input validation of incoming HTTP packets. An attacker could exploit this vulnerability by sending crafted requests to the web-based management interface. A successful exploit could allow the attacker to gain root privileges on the affected device.

What you can do

Because the vulnerable devices are End of Life, Cisco does not plan on releasing a patch for this vulnerability. Cisco advises to disable remote management and restrict access to ports 443 and 60443. Routers will still be accessible through the LAN interface after the mitigation has been implemented. In order to implement this workaround, please follow the steps mentioned in the Cisco security advisory in the references.

What we are doing

DIVD is currently scanning for Small Business routers of the mentioned types that are vulnerable. Owners of vulnerable systems receive a notification with instructions to update their router.

Timeline

Date Description
15 Mar 2023 DIVD starts researching the vulnerability
15 Mar 2023 DIVD performs first scan for vulnerable instances.
16 Mar 2023 DIVD performs first mailrun.
03 Jul 2023 DIVD performs second mailrun.
26 Sep 2023 DIVD closes case after monitoring phase.
gantt title DIVD-2023-00017 - Cisco Small Business Router Authentication Bypass dateFormat YYYY-MM-DD axisFormat %e %b %Y section Case DIVD-2023-00017 - Cisco Small Business Router Authentication Bypass (195 days) :2023-03-15, 2023-09-26 section Events DIVD starts researching the vulnerability : milestone, 2023-03-15, 0d DIVD performs first scan for vulnerable instances. : milestone, 2023-03-15, 0d DIVD performs first mailrun. : milestone, 2023-03-16, 0d DIVD performs second mailrun. : milestone, 2023-07-03, 0d DIVD closes case after monitoring phase. : milestone, 2023-09-26, 0d

More information