Hackers Exploiting Cisco RV VPN Routers
Security researchers have found critical vulnerabilities in Cisco Small Business RV VPN routers. The bugs could allow attackers to take control of the router with root privileges, get access to customer data, and conduct DDOS attacks.
Why are they even still used? Well, the RV series of VPN appliances is affordable and functional. They can easily connect remote workers to a company network with no hassle. Each appliance has a built-in firewall, VPN, encryption, and authentication features.
Cisco disclosed 15 vulnerabilities affecting their RV product line this week. Some of the bugs can be exploited alone, but others can be chained together to lead to a variety of bad outcomes. These issues remain unpatched at the time of writing.
According to Cisco, the bugs affect products that the company makes. Cisco’s advisory said: “An attacker could exploit these vulnerabilities by sending malicious packets to the affected systems.”
- Execute arbitrary code
- Elevate privileges
- Execute arbitrary commands
- Bypass authentication and authorization protections
- Fetch and run unsigned software
- Cause denial of service (DoS)
Cisco also warned that proof-of-concept exploits are available for several of the vulnerabilities. They didn’t offer details on any in-the-wild attacks, but said some of the flaws only affect the RV340/RF345 line of Dual WAN Gigabit VPN routers. These affect version 1.0.03.24 and earlier and are patched in version 1.0.03.26.
“Cisco is working on fixes for the identified vulnerabilities for the RV160 and RV260 series routers as quickly as possible,” a spokesperson said. “Of the vulnerabilities identified in the advisory, five have fixes available today in release version 1.0.01.07. The remaining fixes will be released as soon as possible in February.”
Cisco has released patches for RV160 and RV260 series routers that address several security issues. No workarounds are available, and no patch for the RV100 series has been released. The affected versions are 1.0.01.05 and earlier; 1.0.01.07 fixed some of the problems in January, with full patches expected soon. More Details Can Be Found In This PDF.