Over 19,000 end-of-life Cisco routers exposed to RCE attacks
20-Jan-23
Attacks aimed at a remote command execution exploit chain are vulnerable against over 19,000 end-of-life Cisco VPN devices online. Threat actors can circumvent authentication (CVE-2023-20025) and execute arbitrary instructions (CVE-2023-2002) on the underlying operating system of Cisco Small Business RV016, RV042, RV042G, and RV082 routers by connecting two security issues published last week. Attackers without authentication can acquire root access to susceptible routers by sending specially crafted HTTP queries to the web-based administration interface. Cisco designated CVE-2023-20025 as critical and stated that its Product Security Incident Response Team (PSIRT) team is aware of proof-of-concept attack code that is obtainable in the wild.
