Cisco Small Business RV Series Routers command injection Vulnerability: Multiple Cisco Small Business TV Series Routers contains a command injection vulnerability in the web-based management interface.

Cisco Small Business Routers RV016, RV042, RV042G, RV082, RV320 and RV325 Routers Versions affected;

• Affected at 1.0.1.17
• Affected at 1.0.2.03
• Affected at 1.1.0.09
• Affected at 1.1.1.19
• Affected at 1.1.1.06
• Affected at 1.2.1.13
• Affected at 1.2.1.14
• Affected at 1.3.1.12
• Affected at 1.3.2.02
• Affected at 1.3.1.10
• Affected at 1.4.2.15
• Affected at 1.4.2.17
• Affected at 1.4.2.19
• Affected at 1.4.2.20
• Affected at 1.4.2.22
• Affected at 1.5.1.05
• Affected at 1.5.1.11
• Affected at 1.5.1.13

The vulnerable Routers could allow an authenticated, remote attacker to execute arbitrary commands on an affected device. This vulnerability is due to improper validation of user input within incoming HTTP packets. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web-based management interface. A successful exploit could allow could allow the attacker to gain root-level privileges and access unauthorized data. To exploit this vulnerability, an attacker would need to have valid administrative credentials on the affected device.

CERTVU encourages users and administrators to search for indicators of compromise (IOCs) and apply the necessary updates and workarounds. Apply mitigations per vendor instructions, follow applicable BOD 22-1 guidance for cloud services, or discontinue use of the affected product if mitigations are unavailable