
Cisco has revealed multiple vulnerabilities impacting its Small Business RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers, which could potentially expose businesses to serious security risks. The advisory warns that an authenticated, remote attacker could exploit these flaws to escalate privileges and execute arbitrary commands on the affected devices, posing a threat to the integrity and security of small business networks.
CVE-2024-20393 – Privilege Escalation Vulnerability: With a CVSS score of 8.8, this flaw allows a remote attacker to escalate privileges from a guest to an admin account on the router. The vulnerability is rooted in the web-based management interface, which improperly discloses sensitive information. Exploiting this flaw requires sending crafted HTTP input to the device, allowing an attacker to gain unauthorized administrative control. Cisco highlights that “this vulnerability exists because the web-based management interface discloses sensitive information.”
CVE-2024-20470 – Remote Command Execution Vulnerability: With a CVSS score of 4.7, this flaw enables an attacker with valid admin credentials to execute arbitrary code on the underlying operating system of the affected router. The vulnerability is due to insufficient validation of user-supplied input within the web-based management interface. By sending crafted HTTP input, an attacker could exploit this flaw to execute arbitrary commands with root privileges. Cisco warns that “a successful exploit could allow the attacker to execute arbitrary code as the root user on the underlying operating system.”
The following devices are vulnerable to these issues:
- RV340 Dual WAN Gigabit VPN Routers
- RV340W Dual WAN Gigabit Wireless-AC VPN Routers
- RV345 Dual WAN Gigabit VPN Routers
- RV345P Dual WAN Gigabit PoE VPN Routers
Cisco has confirmed that there are no available workarounds for either vulnerability. The affected routers have already passed their respective End-of-Software-Maintenance dates, so no fixed firmware will be released. Cisco recommends that businesses refer to the end-of-life notices for these products and consider upgrading to newer devices that still receive active security updates.
While there is no evidence that these vulnerabilities have been exploited in the wild yet, their disclosure puts affected businesses on alert.