Severity Rating: High

Software Affected

- RV110W Wireless-N VPN Firewall: 1.2.2.8 and prior

- RV130 VPN Router

- RV130W Wireless-N Multifunction VPN Router

- RV215W Wireless-N VPN Router: 1.3.1.7 and prior

- Cisco PLM: 10.5(2)SU9 and prior

- Cisco PLM: 11.5(1)SU6 and prior



Overview

Multiple vulnerabilities have been reported in the Cisco Small Business
RV110W, RV130, RV130W Wireless-N Multifunction VPN Router and RV215W
Wireless-N VPN Firewall routers, and in Cisco Prime License Manager, which
could allow a remote attacker to execute arbitrary code, bypass
authentication and gain full access control on the targeted system.

Description

1. Default Credential Vulnerability (CVE-2020-3330)

This vulnerability exists in the Cisco Small Business RV110W Wireless-N VPN
Firewall Routers because a system account has a default and static
password. An attacker could exploit this vulnerability by using this
default account to connect to an affected device.

Successful exploitation of this vulnerability could allow the attacker to
gain full control of the affected device.



2. Remote Command Execution Vulnerability (CVE-2020-3323)

This vulnerability exists in the Cisco Small Business RV110W, RV130,
RV130W, and RV215W Routers due to improper validation of user-supplied
input in the web-based management interface. An attacker could exploit this
vulnerability by sending crafted HTTP requests to an affected device.

Successful exploitation of this vulnerability could allow the attacker to
execute arbitrary code as the root user on the affected device.



3. Authentication Bypass Vulnerability (CVE-2020-3144)

This vulnerability exists in the Cisco RV110W Wireless-N VPN Firewall,
RV130 VPN Router, RV130W Wireless-N Multifunction VPN Router, and RV215W
Wireless-N VPN Router due to improper session management on the affected
devices. An attacker could exploit this vulnerability by sending a crafted
HTTP request to an affected device.

Successful exploitation of this vulnerability could allow the attacker to
gain administrative access to the affected device.



4. Arbitrary Code Execution Vulnerability (CVE-2020-3331)

This vulnerability exists in the Cisco RV110W Wireless-N VPN Firewall and
Cisco RV215W Wireless-N VPN Router due to improper validation of
user-supplied input data by the web-based management interface. An attacker
could exploit this vulnerability by sending crafted requests to an affected
device.

Successful exploitation of this vulnerability could allow the attacker to
execute arbitrary code with the privileges of the affected device.



5. Privilege Escalation Vulnerability (CVE-2020-3140)

This vulnerability exists in the Cisco Prime License Manager (PLM) Software
due to insufficient validation of user input on the web management
interface. An attacker could exploit this vulnerability by submitting a
malicious request to an affected system.


Successful exploitation of this vulnerability could allow the attacker to
gain administrative-level privileges on the system.



Solution

Apply appropriate updates as mentioned in:

- -sa-rv110w-static-cred-BMTWBWTy

- -sa-rv-rce-AQKREqp

- -sa-rv-auth-bypass-cGv9EruZ

- -sa-code-exec-wH3BNFb

- -sa-cisco-prime-priv-esc-HyhwdzBA



Vendor Information

Cisco

- -sa-rv110w-static-cred-BMTWBWTy

- -sa-rv-rce-AQKREqp

- -sa-rv-auth-bypass-cGv9EruZ

- -sa-code-exec-wH3BNFb

- -sa-cisco-prime-priv-esc-HyhwdzBA

References

Cisco

- -sa-rv110w-static-cred-BMTWBWTy

- -sa-rv-rce-AQKREqp

- -sa-rv-auth-bypass-cGv9EruZ

- -sa-code-exec-wH3BNFb

- -sa-cisco-prime-priv-esc-HyhwdzBA



CVE Name

CVE-2020-3140

CVE-2020-3144

CVE-2020-3323

CVE-2020-3330

CVE-2020-3331
