DIVD-2023-00009 - Cisco RV Series Remote Command Execution
| Our reference | DIVD-2023-00009 |
| Case lead | Max van der Horst |
| Researcher(s) | |
| CVE(s) | |
| Product | Cisco RV340, RV340W, RV345 and RV345P |
| Versions |
|
| Recommendation | Upgrade the firmware of your RV Small Business Router to the latest version (larger than 1.0.03.28). |
| Status | Closed |
| Last modified | 04 Aug 2023 13:04 CEST |
Summary
A vulnerability in the web-based management interface of Cisco Small Business RV340, RV340W, RV345 and RV345P could allow an authenticated, remote attacker to execute arbitrary code. The attacker does need valid administrator credentials.
What you can do
Update your Cisco Small Business Router to the latest firmware release (no earlier than 1.0.03.29).
What we are doing
DIVD is currently scanning for Small Business routers of the mentioned types that are vulnerable. Owners of vulnerable systems receive a notification with instructions to update their router.
Timeline
| Date | Description |
|---|---|
| 07 Feb 2023 | DIVD starts researching the vulnerability. |
| 18 Feb 2023 | First version of this casefile. |
| 25 Mar 2023 | DIVD conducts a first scan for this vulnerability. |
| 18 Apr 2023 | DIVD sends out first round of notifications. |
| 02 May 2023 | DIVD conducts a second scan for this vulnerability |
| 04 Aug 2023 | Case closed. |
gantt
title DIVD-2023-00009 - Cisco RV Series Remote Command Execution
dateFormat YYYY-MM-DD
axisFormat %e %b %Y
section Case
DIVD-2023-00009 - Cisco RV Series Remote Command Execution (178 days) :2023-02-07, 2023-08-04
section Events
DIVD starts researching the vulnerability. : milestone, 2023-02-07, 0d
First version of this casefile. : milestone, 2023-02-18, 0d
DIVD conducts a first scan for this vulnerability. : milestone, 2023-03-25, 0d
DIVD sends out first round of notifications. : milestone, 2023-04-18, 0d
DIVD conducts a second scan for this vulnerability : milestone, 2023-05-02, 0d
Case closed. : milestone, 2023-08-04, 0d