Cisco Warns of Serious Vulnerability in EoL Small Business Routers


In response to a critical vulnerability affecting small business RV016, RV042, RV042G, and RV082 routers that have reached end of life, Cisco announced this week that no patches will be made available (EoL).

The security flaw, identified as CVE-2023-20025 (CVSS score of 9.0), affects the web-based management interface of the routers and may allow for authentication bypass. The problem arises from improper validation of user input in incoming HTTP packets, which enables an attacker to send crafted HTTP requests to the router, bypass authentication, and take full control of the operating system.

Also Read: Tech Behemoths Back Open-Source eBPF to Make IT Infrastructure More

The tech behemoth also issued a high-severity bug alert for the same routers’ web-based management interface that could result in the execution of remote commands.

Read More: Cisco Warns of Critical Vulnerability in EoL Small Business Routers

For more such updates follow us on Google News ITsecuritywire News. Please subscribe to our Newsletter for more updates