• Home
  • |
  • Blog
  • |
  • Fix Multiple Critical Vulnerabilities In Cisco RV Series Routers
Fix Multiple Critical Vulnerabilities in Cisco RV Series Routers

The networking equipment maker Cisco rolled out patches for multiple critical vulnerabilities in Cisco RV series routers. Cisco marked 15 vulnerabilities in its advisory, of which three carried the highest CVSS score of 10.0. Advisory also says that the successful exploitation of the vulnerabilities could lead to attacks like arbitrary code execution, privilege escalation, bypass authentication and authorization protections, and Denial of Service (DoS). It is very important to know more about the vulnerabilities for a user who uses Cisco’s RV series of routers in their network. Let’s see the list of vulnerabilities and their impact, along with how to fix those critical vulnerabilities in the affected Cisco RV series of routers.

List Of Routers Affected By The Vulnerabilities:

Here are the list of routers vulnerable to flaws.

RV160 and RV260 Series Routers v1.0.01.05 and earlier are affected by these vulnerabilities. RV340 and RV345 Series Routers c1.0.03.24 are affected by these vulnerabilities.

Router ModulesVulnerabilities
RV160 VPN RoutersCVE-2022-20700
CVE-2022-20701
CVE-2022-20702
CVE-2022-20703
CVE-2022-20704
CVE-2022-20705
CVE-2022-20706
CVE-2022-20710
CVE-2022-20712
RV160W Wireless-AC VPN RoutersCVE-2022-20700
CVE-2022-20701
CVE-2022-20702
CVE-2022-20703
CVE-2022-20704
CVE-2022-20705
CVE-2022-20706
CVE-2022-20710
CVE-2022-20712
RV260 VPN RoutersCVE-2022-20700
CVE-2022-20701
CVE-2022-20702
CVE-2022-20703
CVE-2022-20704
CVE-2022-20705
CVE-2022-20706
CVE-2022-20710
CVE-2022-20712
RV260P VPN Routers with PoECVE-2022-20700
CVE-2022-20701
CVE-2022-20702
CVE-2022-20703
CVE-2022-20704
CVE-2022-20705
CVE-2022-20706
CVE-2022-20710
CVE-2022-20712
RV260W Wireless-AC VPN RoutersCVE-2022-20700
CVE-2022-20701
CVE-2022-20702
CVE-2022-20703
CVE-2022-20704
CVE-2022-20705
CVE-2022-20706
CVE-2022-20710
CVE-2022-20712
RV340 Dual WAN Gigabit VPN RoutersCVE-2022-20700
CVE-2022-20701
CVE-2022-20702
CVE-2022-20703
CVE-2022-20704
CVE-2022-20705
CVE-2022-20706
CVE-2022-20710
CVE-2022-20712
CVE-2022-20699
CVE-2022-20707
CVE-2022-20708
CVE-2022-20709
CVE-2022-20711
CVE-2022-20749
RV340W Dual WAN Gigabit Wireless-AC VPN RoutersCVE-2022-20700
CVE-2022-20701
CVE-2022-20702
CVE-2022-20703
CVE-2022-20704
CVE-2022-20705
CVE-2022-20706
CVE-2022-20710
CVE-2022-20712
CVE-2022-20699
CVE-2022-20707
CVE-2022-20708
CVE-2022-20709
CVE-2022-20711
CVE-2022-20749
RV345 Dual WAN Gigabit VPN RoutersCVE-2022-20700
CVE-2022-20701
CVE-2022-20702
CVE-2022-20703
CVE-2022-20704
CVE-2022-20705
CVE-2022-20706
CVE-2022-20710
CVE-2022-20712
CVE-2022-20699
CVE-2022-20707
CVE-2022-20708
CVE-2022-20709
CVE-2022-20711
CVE-2022-20749
RV345P Dual WAN Gigabit POE VPN RoutersCVE-2022-20700
CVE-2022-20701
CVE-2022-20702
CVE-2022-20703
CVE-2022-20704
CVE-2022-20705
CVE-2022-20706
CVE-2022-20710
CVE-2022-20712
CVE-2022-20699
CVE-2022-20707
CVE-2022-20708
CVE-2022-20709
CVE-2022-20711
CVE-2022-20749

List Of Vulnerabilities In Cisco RV Series Routers: 

Here is the list of vulnerabilities published in the security advisory.

  1. CVE-2022-20699: This vulnerability allows remote attackers to perform an unauthenticated arbitrary code execution affected devices. The flaw is due to improper boundary checks when processing specific HTTP requests, so it can be exploited by crafting a malicious HTTP request. Cisco routers RV340, RV340W, RV345, and RV345P are affected by this vulnerability.
  2. CVE-2022-20700, CVE-2022-20701, CVE-2022-20702: This flaw allows remote attackers to elevate privileges to root. This vulnerability is due to insufficient authorization enforcement mechanisms. An attacker could exploit this vulnerability by submitting specific commands. All the
  3. CVE-2022-20703: This flaw allows attackers to install and load malicious software images on the affected devices. This is due to improper verification of software images.
  4. CVE-2022-20704:  Due to improper validation of the SSL server certificate, attackers can view and modify the information shared between affected devices. This vulnerability gives an opportunity for attackers to carry out the man-in-the-middle attack and intercept the traffic.
  5. CVE-2022-20705: Vulnerability in the session management of the web UI permits an unauthenticated, remote attacker to access web UI by bypassing authentication protections.
  6. CVE-2022-20706: The vulnerability is due to insufficient validation of user-supplied input in the router operating system’s Open Plug and Play (PnP) module. This allows a remote attacker to inject and execute arbitrary commands on the affected system. Attackers can exploit the flaws by sending malicious input to an affected device.
  7. CVE-2022-20707, CVE-2022-20708, CVE-2022-20749: The vulnerability is due to insufficient validation of user-supplied input in the web-based management interface of the affected routers. This allows a remote attacker to inject and execute arbitrary commands on the affected system. Attackers can exploit the flaws by sending malicious input to an affected device. Cisco routers RV340, RV340W, RV345, and RV345P are affected by this vulnerability.
  8. CVE-2022-20709: This vulnerability allows an attacker to upload arbitrary files due to insufficient authorization enforcement in the web-based management interface. The attacker can exploit this vulnerability by sending a crafted HTTP request. Cisco routers RV340, RV340W, RV345, and RV345P are affected by this vulnerability.
  9. CVE-2022-20710: Erroneously handled exceptions during failed login attempts to prevent legitimate logins. This causes a denial of service in login functionality in the web-based management interface. This vulnerability can be exploited by submitting a crafted HTTP packet.
  10. CVE-2022-20711: insufficient input validation of the web UI components allows attackers to overwrite certain files. Attackers can exploit the flaws by sending crafted HTTP requests to the vulnerable device. Cisco routers RV340, RV340W, RV345, and RV345P are affected by this vulnerability.
  11. CVE-2022-20712: This flaw allows remote attackers to execute arbitrary code. It happens when there are insufficient boundary checks in processing specific HTTP requests. Attackers can exploit the flaws by sending crafted HTTP requests to the vulnerable device.
Sl. No.CVE ID:CVSS Base ScoreCVSS Vector:
1CVE-2022-2069910.0 CriticalCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
2CVE-2022-2070010.0 CriticalCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
3CVE-2022-207019.0 CriticalCVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N
4CVE-2022-207026.0 MediumCVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
5CVE-2022-207039.3 CriticalCVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
6CVE-2022-207044.8 LowCVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
7CVE-2022-207055.3 MediumCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
8CVE-2022-207068.3 HighCVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
9CVE-2022-2070810.0 CriticalCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
10CVE-2022-207077.3 MediumCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
11CVE-2022-207497.3 MediumCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
12CVE-2022-207095.3 MediumCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
13CVE-2022-207105.3 MediumCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
14CVE-2022-207118.2 HighCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
15CVE-2022-207127.3 MediumCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Fix Vulnerabilities In Cisco RV Series Routers:

Vulnerabilities in RV160 and RV260 series routers are fixed in release no. TBD (Feb 2022) and RV340 and RV345 series routers are fixed in 1.0.03.26.

Since there is no workaround to fix these vulnerabilities, it is required to upgrade the firmware version of the router. Please visit the security advisories or contact Cisco TAC service for more details.

We hope this post will help you know about the Multiple Critical Vulnerabilities in Cisco RV Series Routers. Thanks for reading this threat post. Please share this post and help to secure the digital world. Visit our social media page in FacebookLinkedInTwitterTelegramTumblr, & Medium and subscribe to receive updates like this. 

About the author

Arun KL

Hi All, I am Arun KL, an IT Security Professional. Founder of “thesecmaster.com”. Enthusiast, Security Blogger, Technical Writer, Editor, Author at TheSecMaster. To know more about me. Follow me on LinkedIn

Leave a Reply

Your email address will not be published. Required fields are marked

{"email":"Email address invalid","url":"Website address invalid","required":"Required field missing"}

Learn Something New with Free Email subscription

Email is also one of the ways to be in touch with us. Our free subscription plan offers you to receive post updates straight to your inbox.