
CISCO VPN Router Web-Based Interface Vulnerability - 20230117001

Overview

A vulnerability in the web-based management interface of the Cisco Small Business RV340, RV340W, RV345 and RV345P Dual WAN Gigabit VPN Routers could allow an authenticated, remote attacker to execute arbitrary code or cause the web-based management process on the device to restart unexpectedly, resulting in a denial of service (DoS) condition. The attacker must already hold valid administrator credentials for the device.

The vulnerability is caused by insufficient validation of user-supplied input to the web-based management interface. An attacker could exploit it by sending crafted HTTP input to an affected device. A successful exploit could allow the attacker to execute arbitrary code as the root user on the underlying operating system, or to crash the web-based management process and cause a DoS condition. Because the attack is delivered through the management interface, exposure is greatest on devices whose web management is reachable from the WAN or other untrusted networks.

What is the vulnerability?

CVE-2023-20007 - CVSS Score 4.7

What is vulnerable?

At the time of writing, this vulnerability affects the following Cisco products:

  • RV340 Dual WAN Gigabit VPN Routers
  • RV340W Dual WAN Gigabit Wireless-AC VPN Routers
  • RV345 Dual WAN Gigabit VPN Routers
  • RV345P Dual WAN Gigabit POE VPN Routers

Recommendation

The WA SOC recommends administrators apply the fixes as per vendor instructions to all affected devices: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-rv-rcedos-7HjP74jD

Since exploitation requires valid administrator credentials, administrators should also confirm that remote (WAN-side) management of the web interface is disabled unless strictly required, and review administrator accounts on affected devices for any that are unused, shared or protected by weak credentials.