Recently, the Cisco Small Business Routers has manifested numerous security issues. Cisco has approached multiple pre-auth remote code execution (RCE) vulnerabilities attacking many small business VPN routers.
This vulnerability was allowing the threat actors to execute arbitrary code as root on successfully exploited devices. Cisco affirmed that there are three major security bugs that were discovered in the Cisco RV320 and RV325 Dual Gigabit WAN VPN Routers firmware termed as:-
However, all these vulnerabilities endure because HTTP requests are not correctly validated. And the threat actors could easily exploit these vulnerabilities by transferring a crafted HTTP request to the web-based management interface of an attacked device.
And once the exploits are done, it allows the hackers to execute arbitrary code on the compromised device remotely.
Cisco asserted that all the following Small Business Routers are vulnerable to attacks, and are trying to exploit these vulnerabilities if running a firmware version earlier than Release 1.0.01.02:-
Moreover, Cisco has also stated the whole procedure of updating the routers to the latest release, and here we have mentioned it step-by-step:-
Apart from this, Cisco has also confirmed that there are some products that are not vulnerable to these vulnerabilities, and here we have mentioned below:-
The Cisco Product Security Incident Response Team (PSIRT) states that it’s not “aware of any public announcements or malicious use of the vulnerabilities.”
While all these vulnerabilities were identified and reported to Cisco by T. Shiomitsu, swings of Chaitin Security Research Lab, and simp1e of 1AQ Team.
In order to fix the software, Cisco has published free software updates that discuss the vulnerabilities that have been reported in this advisory. However, Customers may only install and demand support for software versions and feature sets for which they have acquired a license.
So, the customers may only download software for which they have a legitimate license, obtained from Cisco directly, or over a Cisco approved reseller or partner.
Apart from this, Cisco has also approached high severity vulnerabilities affecting other business routers and the IOS XR software. Moreover, the company newly published patches for critical security vulnerabilities that subsisted in its Aironet Access Point Software.
The security pros at Cisco declared that the vulnerabilities could commence a threat actor to remote code execution.
You can follow us on Linkedin, Twitter, Facebook for daily Cybersecurity and hacking news updates.
A new project has exposed a critical attack vector that exploits protocol vulnerabilities to disrupt…
A threat actor known as #LongNight has reportedly put up for sale remote code execution…
Ivanti disclosed two critical vulnerabilities, identified as CVE-2025-4427 and CVE-2025-4428, affecting Ivanti Endpoint Manager Mobile…
Hackers are increasingly targeting macOS users with malicious clones of Ledger Live, the popular application…
The European Union has escalated its response to Russia’s ongoing campaign of hybrid threats, announcing…
Venice.ai has rapidly emerged as a disruptive force in the AI landscape, positioning itself as…