New vulnerabilities Threatens Over 9,000 Hackable Cisco RV320/RV325 Routers Worldwide
By MYBRANDBOOK
If you are using Cisco RV320 or RV325 Dual Gigabit WAN VPN routers in your organization for connectivity and security, then you should immediately install the latest firmware update released by the vendor last week. The hackers have actively been exploiting two newly patched high-severity router vulnerabilities in the wild after a security researcher released their proof-of-concept exploit code on the Internet last weekend
Out of these vulnerabilities, one of them are a command injection flaw and another is an information disclosure flaw, a combination of which could allow a remote attacker to take full control of an affected Cisco router. The first issue exists in RV320 and RV325 dual gigabit WAN VPN routers running firmware versions 1.4.2.15 through 1.4.2.19, and the second affects firmware versions 1.4.2.15 and 1.4.2.17, according to the Cisco’s advisory. Both the vulnerabilities, discovered and responsibly reported to the company by German security firm RedTeam Pentesting, actually resides in the web-based management interface used for the routers and are remotely exploitable.
The first vulnerabilities, code name CVE-2019-1652, which can allows an authenticated, remote attacker with administrative privileges on an affected device to execute arbitrary commands on the system. The second one as code name CVE-2019-1653 doesn't require any authentication to reach the router's web-based management portal, allowing attackers to retrieve sensitive information including the router's configuration file containing MD5 hashed credentials and diagnostic information.
The PoC exploit code targeting Cisco RV320/RV325 routers published on the Internet first exploits CVE-2019-1653 to retrieve the configuration file from the router to obtain its hashed credentials and then exploits CVE-2019-1652 to execute arbitrary commands and gain complete control of the affected device. Researchers from cybersecurity firm Bad Packets said they found at least 9,657 Cisco routers (6,247 RV320 and 3,410 RV325) worldwide that are vulnerable to the information disclosure vulnerability, most of which located in the United States.
The firm shared an interactive map, showing all vulnerable RV320/RV325 Cisco routers in 122 countries and on the network of 1,619 unique internet service providers. Bad Packets said its honeypots detected opportunistic scanning activity for vulnerable routers from multiple hosts from Saturday, suggesting the hackers are actively trying to exploit the flaws to take full control of the vulnerable routers.
The best way to protect yourself from becoming the target of one such attack is to install the latest Cisco RV320 and RV325 Firmware release 1.4.2.20 as soon as possible.
Administrators who have not yet applied the firmware update are highly recommended to change their router's admin and WiFi credentials considering themselves already compromised.
The government of India intends to construct a single portal f
A single portal will be launched by the Indian government to list all of it...
OpenAI offers GPT-4o, a faster model available to all users at
GPT-4o, a faster and more sophisticated AI model, is made available to all...
Paytm brings UPI Lite Wallet for low-value transactions
Paytm’s parent company One97 Communications (OCL) is emphasizing upon UP...
BHIM to join e-commerce, competing with PhonePe and Google Pay
The government-supported payment software BHIM is getting ready to join t...
GLOBUS INFOCOM LTD.
RELIANCE JIO INFOCOMM LTD.
TEJAS NETWORKS INDIA PVT. LTD.
NUMERIC INDIA, A Group Brand Legrand
Technology Icons Of India 2023: Lt Gen (Dr.) Rajesh Pant (Retd.)
LT Gen(Dr.) Rajesh Panth (Retd.), National cyber security coordination...
Technology Icons Of India 2023: Ashwini Vaishnaw
Ashwini Vaishnaw is an Indian politician and former IAS officer and is...
Technology Icons Of India 2023: Bharat Goenka
Bharat Goenka is the Managing Director of Tally Solutions. He is well ...
TCIL continues to strengthen India with its technology expertise
TCIL undertakes consultancy & turnkey projects in the field of Telecom...
Leading company into fertilizers in the country
NFL is a dynamic organization committed to serve the farming community...
STPI encouraging software exports from India
Software Technology Parks of India (STPI) is an S&T organization under...
SATCOM INFOTECH PVT. LTD.
Satcom Infotech Pvt. Ltd is a distribution houses in security in India...
IVALUE INFOSOLUTIONS PVT. LTD.
: iValue Info Solutions is a value added distributor, provides solutio...
SAVEX TECHNOLOGIES PVT. LTD.
Savex Technologies is the 3rd largest Information & Communication Tec...