Cisco published a security advisory about a flaw that can be found in Small Business RV110W, RV130, RV130W, and RV215W Routers. The company has not released software updates that address this vulnerability and there are no workarounds. The vulnerability, tracked as CVE-2022-20825, has a CVSS severity rating of 9.8. It is caused by insufficient user input validation of incoming HTTP packets.
Upgrade to newer models
The vulnerability allows attackers to execute arbitrary code or cause an affected device to restart unexpectedly, resulting in a denial of service condition, using root-level privileges. This vulnerability affects the following Cisco Small Business RV Series Routers:
- RV110W Wireless-N VPN Firewall
- RV130 VPN Router
- RV130W Wireless-N Multifunction VPN Router
- RV215W Wireless-N VPN Router
Since there are workarounds for the vulnerability and the devices won’t receive any updates, the company advised users to migrate to the Cisco Small Business RV132W, RV160, or RV160W Routers. The company also stated that there is no known exploitation of the vulnerability in the wild.
To determine the device configuration, the web-based management interface of these devices is available through a local LAN connection. To determine whether the remote management feature is enabled on a device, open the web-based management interface and choose Basic Settings > Remote Management. If the Enable check box is checked, remote management is enabled on the device. Cisco said,
« In all cases, customers should ensure that new devices will be sufficient for their network needs; the new devices contain sufficient memory, and current hardware and software configurations will continue to be supported properly by the new product. If the information is not clear, customers are advised to contact the Cisco Technical Assistance Center (TAC) or their contracted maintenance providers. »