
Cisco merely blacklisted curl instead of actually fixing the vulnerable code for RV320 and RV325


Last week, RedTeam Pentesting discovered a command injection vulnerability in the web-based certificate generator feature of the Cisco RV320 router. According to RedTeam Pentesting, the vendor had patched the feature inadequately. On Saturday, Cisco acknowledged that it had mismanaged a patch, which would give rise to a vulnerability in two router models: the Cisco RV320 and RV325 WAN VPN routers.

The security flaws

These router vulnerabilities were discovered back in September 2018. Four months after the discovery, a patch was issued that blacklisted curl, a command-line tool used for transferring data online that is also integrated into internet scanners. The idea behind introducing this blacklist was to protect the devices from attackers. Cisco's patches were intended to protect these vulnerable devices, and initially it was believed that they were the ideal choice for businesses.

Cisco’s RV320 product page reads, “Keep your employees, your business, and yourself productive and effective. The Cisco RV320 Dual Gigabit WAN VPN Router is an ideal choice for any small office or small business looking for performance, security, and reliability in its network.” Around 10,000 of these devices are still accessible online and are vulnerable to attacks. Cisco’s patch merely blacklisted curl, which turned out to be a major problem.

In January this year, security researcher David Davidson published a proof-of-concept for two Cisco RV320 and RV325 vulnerabilities. The security flaws patched by Cisco were:

CVE-2019-1652

This flaw allows remote attackers to inject and run admin commands on the device without using a password.

CVE-2019-1653

This flaw allows remote attackers to get sensitive device configuration details without using a password.

But it seems that, instead of fixing the vulnerable code in the actual firmware, Cisco has blacklisted the user agent for curl.

Most users are surprised by this news and think that attackers can easily bypass these patches.
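An added example, not from the original article or from Cisco's firmware: a constructed Python model of why a User-Agent denylist leaves a command-injection sink reachable, beside a handler that validates the field and avoids the shell. The handler names, the `openssl` command line and all sample values are assumptions made for illustration, and nothing is executed.

```python
import re
import shlex

# Constructed model of a certificate-generator request handler (not Cisco firmware code).
BLOCKED_AGENTS = ("curl",)                      # denylist-style "patch"
SAFE_NAME = re.compile(r"[A-Za-z0-9.-]{1,64}")  # allowlist for the name field

def denylist_handler(user_agent, common_name):
    """Rejects by User-Agent only; the field still lands in a shell string."""
    if any(agent in user_agent.lower() for agent in BLOCKED_AGENTS):
        return 403, None
    return 200, "openssl req -new -subj '/CN=%s' -key device.key" % common_name

def fixed_handler(user_agent, common_name):
    """Validates the field and builds an argv list, so no shell parses it."""
    if not SAFE_NAME.fullmatch(common_name):
        return 400, None
    return 200, ["openssl", "req", "-new", "-subj", "/CN=" + common_name,
                 "-key", "device.key"]

def has_extra_shell_command(command):
    """True if a shell would see a command separator outside the quotes."""
    lexer = shlex.shlex(command, posix=True, punctuation_chars=True)
    return any(tok[0] in ";&|" for tok in lexer if tok)

# Constructed inputs: one benign name, one that closes the quote early.
BENIGN = "router.example"
HOSTILE = "x'; echo INJECTED; echo '"
AGENTS = ["curl/7.64.0", "Mozilla/5.0", ""]

def regression_report(handler):
    """Maps each User-Agent to (status, injected?) for the hostile value."""
    report = {}
    for agent in AGENTS:
        status, command = handler(agent, HOSTILE)
        injected = isinstance(command, str) and has_extra_shell_command(command)
        report[agent] = (status, injected)
    return report

if __name__ == "__main__":
    for name, handler in (("denylist", denylist_handler), ("fixed", fixed_handler)):
        print(name, regression_report(handler))
```

A regression test for a real fix should assert the same property: the hostile value is rejected regardless of which client header accompanies it.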

To know more about this news, check out RedTeam Pentesting’s post.


Amrata Joshi
