Multiple vulnerabilities (CVE-2021-1609 and CVE-2021-1610) have been discovered in Cisco Small Business Routers (RV340, RV340W, RV345, and RV345P) that could allow an attacker to remotely execute arbitrary code, execute arbitrary root-level commands, and cause a denial of service (DoS).
Cisco Small Business Router models RV340, RV340W, RV345, and RV345P running firmware versions earlier than 1.0.03.22 are reported to contain critical flaws that can be exploited remotely.
The vulnerabilities with the CVE identifiers CVE-2021-1609 and CVE-2021-1610 reside in the web-based management interface of the Cisco Small Business routers. Specifically, both stem from improper validation of HTTP requests.
The first and most critical of these vulnerabilities (CVE-2021-1609) could allow an unauthenticated attacker to reach the router's web interface remotely (when it is accessible over the Internet) and execute arbitrary code as root, giving the attacker full control of the router.
The second flaw (CVE-2021-1610) is a command-injection vulnerability that allows an attacker to execute arbitrary commands at the root level.
The affected products are:
- RV340 Dual WAN Gigabit VPN Router
- RV340W Dual WAN Gigabit Wireless-AC VPN Router
- RV345 Dual WAN Gigabit VPN Router
- RV345P Dual WAN Gigabit POE VPN Router
Note that the vulnerabilities are remotely exploitable only if the remote management feature is enabled, i.e., the web-based management interface is accessible over the WAN. On the other hand, both vulnerabilities can be exploited locally, because the web-based management interface is reachable from the LAN by default and cannot be disabled. To determine whether the remote management feature is enabled, go to Basic Settings > Remote Management in the web-based management interface of the affected Cisco product.
An unauthenticated attacker who successfully exploits CVE-2021-1609 can execute arbitrary code remotely or conduct denial-of-service (DoS) attacks.
Category: Remote Code Execution (RCE)
CVSS 3.1 Base Score: 9.8 Critical
CVSS 3.1 Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
An unauthenticated attacker who successfully exploits CVE-2021-1610 can conduct root-level code injection attacks remotely (over the Internet).
Category: Command Injection
CVSS 3.1 Base Score: 7.2 High
CVSS 3.1 Vector: AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Cisco has released free firmware updates that address both of the vulnerabilities described. Vulnerable products must be updated to firmware release 1.0.03.22 or later. For further details about firmware upgrades, please refer to the Cisco security advisory.
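As an added example that is not part of the original advisory, the following Python script triages a constructed router inventory against the two facts the page gives: the affected models, the fixed release 1.0.03.22, and whether Basic Settings > Remote Management is enabled (WAN-reachable units are the critical ones, since CVE-2021-1609 needs no authentication). The hostnames, firmware strings and the `Router` record are assumptions; the version parser compares components numerically so that "1.0.03.9" is correctly ranked below "1.0.03.22".

```python
from dataclasses import dataclass

# Affected models and the first fixed release named in the advisory.
AFFECTED_MODELS = {"RV340", "RV340W", "RV345", "RV345P"}
FIXED_RELEASE = "1.0.03.22"

def parse_version(text: str) -> tuple:
    # Compare components as integers: as strings, "1.0.03.9" would sort
    # above "1.0.03.22", wrongly marking a vulnerable unit as patched.
    parts = text.strip().split(".")
    if not parts or not all(p.isdigit() for p in parts):
        raise ValueError(f"unrecognised firmware version: {text!r}")
    return tuple(int(p) for p in parts)

def is_vulnerable(model: str, firmware: str) -> bool:
    # Affected model running anything earlier than 1.0.03.22.
    if model.upper() not in AFFECTED_MODELS:
        return False
    return parse_version(firmware) < parse_version(FIXED_RELEASE)

@dataclass
class Router:  # hypothetical inventory record, not a Cisco data structure
    hostname: str
    model: str
    firmware: str
    remote_management: bool  # Basic Settings > Remote Management enabled

def triage(routers):
    # critical: vulnerable and WAN-reachable (unauthenticated RCE, CVE-2021-1609)
    # high:     vulnerable, LAN-only (the LAN interface cannot be disabled)
    # patched:  fixed release or not an affected model
    result = {}
    for r in routers:
        if not is_vulnerable(r.model, r.firmware):
            result[r.hostname] = "patched"
        elif r.remote_management:
            result[r.hostname] = "critical"
        else:
            result[r.hostname] = "high"
    return result

# Constructed sample inventory; hostnames and values are made up.
SAMPLE_INVENTORY = [
    Router("branch-01", "RV340", "1.0.03.21", remote_management=True),
    Router("branch-02", "RV345P", "1.0.03.9", remote_management=False),
    Router("branch-03", "RV340W", "1.0.03.22", remote_management=True),
    Router("branch-04", "RV160", "1.0.01.01", remote_management=True),
]
```

Running `triage(SAMPLE_INVENTORY)` marks branch-01 critical, branch-02 high, and the other two patched.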
"The Internet of Things (IoT) devoid of comprehensive security management is tantamount to the Internet of Threats." (Stephane Nappo)
Read more educational and inspirational cyber quotes at our page 100+ Best Cyber Security & Hacker Quotes.
References to Advisories, Solutions and Tools
- https://nvd.nist.gov (CVE-2021-1609)
- https://nvd.nist.gov (CVE-2021-1610)
- Cisco Product Support (Cisco RV340, RV340W, RV345, and RV345P Routers Web Management Vulnerabilities)
- Cisco Security Advisory (Cisco RV340, RV340W, RV345, and RV345P Routers Web Management Vulnerabilities)
You can also read our article How to Secure Your Home WiFi Router in 15 Simple Steps? to learn more about WiFi router security.