Cisco Issues Warning About XSS Vulnerability in End-of-Life Small Business Routers
April 6, 2024
Cisco has issued a warning about a medium severity Cross-Site scripting (XSS) flaw that affects its Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 routers. The vulnerability, tracked as CVE-2024-20362, is found in the web-based management interface of these devices. The flaw enables an unauthenticated, remote attacker to launch an XSS attack against a user of the interface.
The company has specified that the affected devices are end-of-life RV series small business routers and, as such, it will not be providing software updates to rectify this problem. There are no known workarounds to this vulnerability. The vulnerability arises from insufficient input validation by the web-based management interface. As the advisory states, “This vulnerability is due to insufficient input validation by the web-based management interface. An attacker could exploit this vulnerability by persuading a user to visit specific web pages that include malicious payloads.”
A successful exploit could enable the attacker to execute arbitrary script code within the context of the affected interface or gain access to sensitive, browser-based information. The vulnerability impacts all software releases for the aforementioned Cisco RV Series Small Business Routers. To mitigate this vulnerability on the RV320 and RV325 models, Cisco advises disabling remote management. For the RV016, RV042, RV042G, and RV082 models, the company suggests disabling remote management and blocking access to ports 443 and 60443. After implementing these mitigations, the routers will still be accessible through the LAN interface.
Currently, Cisco is not aware of any attacks in the wild exploiting this vulnerability. Therefore, the company is urging customers to transition to a supported product. The company has confirmed that this vulnerability does not affect the following RV Series Small Business Routers:
Related News
Latest News
- Over 92,000 D-Link NAS Devices Vulnerable to Backdoor Exploitation
- Magecart Cybercriminals Employ Innovative E-Commerce Backdoor Exploiting CVE-2024-20720
- Cisco Alerts on Unpatched Vulnerability in Obsolete Small Business Routers
- Magento Flaw Exploited to Inject Persistent Backdoor into Ecommerce Sites
- Ivanti Patches High-Risk Vulnerabilities in VPN Gateways
Like what you see?
Get a digest of headlines, vulnerabilities, risk context, and more delivered to your inbox.