Cisco Management Authentication Bypass Vulnerability

Number: AV16-016
Date: 27 January 2016

Purpose

The purpose of this alert is to bring attention to recent critical software updates that address a disclosed vulnerability in the Cisco RV220W product.

Assessment

CCIRC is aware of a recently disclosed vulnerability in the Cisco RV220W product.

Cisco RV220W Wireless Security Firewall devices could allow an unauthenticated remote attacker to bypass authentication and gain administrative privileges on a targeted device. This vulnerability could be exploited by sending a crafted HTTP request containing a malicious SQL statement to the management interface of the targeted device.

Affected Product Versions:
Cisco RV220W running firmware releases prior to 1.0.7.2

Non-affected Product Versions:
Cisco RV120W Wireless-N VPN Firewall
Cisco RV180 VPN Router
Cisco RV180W Wireless-N Multifunction VPN Router

Suggested action

Due to the elevated risk presented by this vulnerability, CCIRC recommends that system administrators test and deploy the vendor-released firmware update to affected versions accordingly. CCIRC recommends that priority be given to these patches.
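To help administrators triage an inventory against the affected and non-affected lists above, the following is an added example (not part of the advisory or Cisco's tooling). It assumes a simple constructed CSV inventory of hostname, model and firmware, and applies the advisory's threshold of releases prior to 1.0.7.2 on RV220W devices only.

```python
import re

# Firmware threshold from the advisory: RV220W releases prior to 1.0.7.2 are affected.
FIXED_FIRMWARE = "1.0.7.2"
AFFECTED_MODELS = {"RV220W"}
# Models the advisory explicitly lists as not affected (kept for documentation).
UNAFFECTED_MODELS = {"RV120W", "RV180", "RV180W"}


def parse_version(text):
    """Turn a dotted firmware string such as '1.0.7.2' into a comparable tuple.

    Non-numeric suffixes are ignored; missing components count as 0, so
    '1.0.7' compares as older than '1.0.7.2'.
    """
    parts = re.findall(r"\d+", text)
    if not parts:
        raise ValueError(f"unparseable firmware version: {text!r}")
    nums = [int(p) for p in parts]
    return tuple(nums + [0] * (4 - len(nums)))


def is_affected(model, firmware):
    """Return True when a device falls inside the advisory's affected set."""
    model = model.strip().upper()
    if model in UNAFFECTED_MODELS or model not in AFFECTED_MODELS:
        return False
    return parse_version(firmware) < parse_version(FIXED_FIRMWARE)


def devices_to_patch(inventory_lines):
    """Filter 'hostname,model,firmware' lines down to devices needing the update."""
    todo = []
    for line in inventory_lines:
        line = line.strip()
        if not line or line.startswith("#"):
            continue  # skip blanks and comments
        host, model, firmware = [f.strip() for f in line.split(",")]
        if is_affected(model, firmware):
            todo.append((host, model, firmware))
    return todo


# Constructed sample inventory (hostnames and versions are made up, not from the advisory).
SAMPLE_INVENTORY = """
# hostname,model,firmware
branch-fw-01,RV220W,1.0.5.8
branch-fw-02,RV220W,1.0.7.2
branch-fw-03,RV220W,1.0.7
lab-vpn-01,RV120W,1.0.5.8
lab-rtr-01,RV180W,1.0.4.14
""".splitlines()

if __name__ == "__main__":
    for host, model, fw in devices_to_patch(SAMPLE_INVENTORY):
        print(f"{host}: {model} firmware {fw} is prior to {FIXED_FIRMWARE}; deploy the update")
```

Devices already on 1.0.7.2, and the RV120W/RV180/RV180W models, are left out of the result.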

References

Cisco RV220W Management Authentication Bypass Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160127-rv220
