Fwd: [CIVN-2020-0289] Multiple Vulnerabilities in Cisco

Software Affected

·         RV110W Wireless-N VPN Firewall: 1.2.2.8 and prior

·         RV130 VPN Router

·         RV130W Wireless-N Multifunction VPN Router

·         RV215W Wireless-N VPN Router: 1.3.1.7 and prior

·         Cisco PLM: 10.5(2)SU9 and prior

·         Cisco PLM: 11.5(1)SU6 and prior

Overview

Multiple vulnerabilities have been reported in Cisco Small Business RV110W

, RV130, RV130W Wireless-N Multifunction VPN Router, RV215W Wireless-N VPN

Firewall Routers and Cisco Prime License Manager could allow a remote

attacker to execute arbitrary code, bypass authentication and gain full

access control on the targeted system.

Description

1.   Default Credential Vulnerability (CVE-2020-3330)

This Vulnerability exists in the Cisco Small Business RV110W Wireless-N VPN

Firewall Routers due to system account has a default and static password.

An attacker could exploit this vulnerability using this default account to

connect to the affected system by using this default account to connect to

an affected device.

Successful exploitation of this vulnerability could allow the attacker to

gain full control of the affected device.

2.   Remote Command Execution Vulnerability (CVE-2020-3323)

This Vulnerability exists in the Cisco Small Business RV110W, RV130,

RV130W, and RV215W Routers due to improper validation of user-supplied

input in the web-based management interface. An attacker could exploit this

vulnerability by sending crafted HTTP requests to an affected device.

Successful exploitation of this vulnerability could allow the attacker to

execute arbitrary code as the root user on the affected device.

3.       Authentication Bypass Vulnerability (CVE-2020-3144)

This Vulnerability exists in the Cisco RV110W Wireless-N VPN Firewall,

RV130 VPN Router, RV130W Wireless-N Multifunction VPN Router, and RV215W

Wireless-N VPN Router due to improper session management on the affected

devices. An attacker could exploit this vulnerability by sending a crafted

HTTP request to an affected device.

Successful exploitation of this vulnerability could allow the attacker to

gain administrative access of the affected device.

4.   Arbitrary Code Execution Vulnerability (CVE-2020-3331)

This Vulnerability exists in the Cisco RV110W Wireless-N VPN Firewall and

Cisco RV215W Wireless-N VPN Router due to improper validation of

user-supplied input data by the web-based management interface. An attacker

could exploit this vulnerability by sending crafted requests to an affected

device.

Successful exploitation of this vulnerability could allow the attacker to

execute arbitrary code with the privileges of the affected device.

5.       Privilege Escalation Vulnerability (CVE-2020-3140)

This Vulnerability exists in the Cisco Prime License Manager (PLM) Software

due to insufficient validation of user input on the web management

interface. An attacker could exploit this vulnerability by submitting a

malicious request to an affected system.

Successful exploitation of this vulnerability could allow the attacker to

gain administrative-level privileges on the system.

Solution

Apply appropriate updates as mentioned in:

- -sa-rv110w-static-cred-BMTWBWTy

- -sa-rv-rce-AQKREqp

- -sa-rv-auth-bypass-cGv9EruZ

- -sa-code-exec-wH3BNFb

- -sa-cisco-prime-priv-esc-HyhwdzBA

Vendor Information

Cisco

- -sa-rv110w-static-cred-BMTWBWTy

- -sa-rv-rce-AQKREqp

- -sa-rv-auth-bypass-cGv9EruZ

- -sa-code-exec-wH3BNFb

- -sa-cisco-prime-priv-esc-HyhwdzBA

References

Cisco

- -sa-rv110w-static-cred-BMTWBWTy

- -sa-rv-rce-AQKREqp

- -sa-rv-auth-bypass-cGv9EruZ

- -sa-code-exec-wH3BNFb

- -sa-cisco-prime-priv-esc-HyhwdzBA

CVE Name

CVE-2020-3140

CVE-2020-3144

CVE-2020-3323

CVE-2020-3330

CVE-2020-3331