Cisco RV320 router Security Vulnerability
- Thread starter coxhaus
- Start date
sfx2000
Part of the Furniture
https://www.zdnet.com/article/cisco-bungled-rv320rv325-patches-routers-still-exposed-to-hacks/
Seems like they bodged that one...
Seems like they bodged that one...
Cisco acknowledged yesterday that it bungled a crucial patch for a vulnerability in two router models. The company's shoddy initial patches allowed hackers to continue attacks throughout the past two months.
The security flaws impact Cisco RV320 and RV325 WAN VPN routers, two models popular with internet service providers and large enterprises.
Cisco patched two security flaws impacting RV320 and RV325 routers at the end of January. The two were:
Around 10,000 of these high-powered devices were --and still are-- accessible online and vulnerable to attacks.
Initially, it was believed that the Cisco patches would be enough to protect these vulnerable devices. However, yesterday, the security firm that initially discovered these bugs revealed that Cisco's patches had been woefully incomplete
The security flaws impact Cisco RV320 and RV325 WAN VPN routers, two models popular with internet service providers and large enterprises.
Cisco patched two security flaws impacting RV320 and RV325 routers at the end of January. The two were:
- CVE-2019-1652 - allows a remote attacker to inject and run admin commands on the device without a password.
- CVE-2019-1653 - allows a remote attacker to get sensitive device configuration details without a password.
Around 10,000 of these high-powered devices were --and still are-- accessible online and vulnerable to attacks.
Initially, it was believed that the Cisco patches would be enough to protect these vulnerable devices. However, yesterday, the security firm that initially discovered these bugs revealed that Cisco's patches had been woefully incomplete
System Error Message
Part of the Furniture
10000 is not much if you compare to how many older vulnerable dlinks are out there.
sfx2000
Part of the Furniture
'tis true - at least with the Cisco small business line, they do try to do the security fixes, and they're pretty good about letting folks know when it's time to consider replacing with a newer device.
System Error Message
Part of the Furniture
i bet the owner will have a car that runs badly, because mechanics know better and the customer is like "no i want this and this done, not that"
You dont buy spare routers that you keep aside, a lot of routers like mikrotik, cisco and other ones like hp, juniper, dell, etc all have very good circuit designs, they arent going to fail in a hardware manner. You buy routers with dual PSUs so that you can swap them without going offline as PSUs and fans are the first thing to go in network hardware with the exception of dlink. Not using electronics for a few months is more harmful to it than using it 24/7 and those who get spare routers also use them at the same time using some sort of redundant config so that if one fails, its automatically rerouted.
What exactly does the "Support" mean?
The Downloads page for it shows the latest firmware release is from 2015/01/23 from what I'm seeing https://www.cisco.com/c/en/us/support/routers/rv180-vpn-router/model.html#~tab-downloads
Haven't there been numerous things in the past 4 years that should have necessitated a firmware release?
Like this - https://quickview.cloudapps.cisco.com/quickview/bug/CSCuz48592
This is from this site - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160803-rv180_2
Fixed Software
- Cisco has not released and will not release firmware updates to address the vulnerability described in this advisory. The Cisco RV180 Router and the Cisco RV180W Router have entered the end-of-life (EoL) process. Please refer to the EoL notices for these products:
- End-of-Sale and End-of-Life Announcement for the Cisco RV180W Wireless-N Multifunction VPN Router
- End-of-Sale and End-of-Life Announcement for the Cisco RV180 VPN Router
When considering a device migration, customers are advised to consult the Cisco Security Advisories and Responses archive at http://www.cisco.com/go/psirt and review subsequent advisories to determine exposure and a complete upgrade solution.
In all cases, customers should ensure that new devices will be sufficient for their network needs; new devices contain sufficient memory, and current hardware and software configurations will continue to be supported properly by the new product. If the information is not clear, customers are advised to contact the Cisco Technical Assistance Center (TAC) or their contracted maintenance providers.
Doesn't Cisco have end of support for hardware vs software? I know we have dealt with that with some other Cisco hardware. We had "support" still which means we could open a TAC case for config issues or a hardware failure, but no software updates were going to happen ever again. I think on our old ACE load balancers, software support ended three years prior to hardware support ending.
We fight with the local business units constantly about requiring them to have supported hardware and software. Always a cost issue and they don't always see the $$$ when it comes to compliance until we get penalized and/or lose a contract.
We fight with the local business units constantly about requiring them to have supported hardware and software. Always a cost issue and they don't always see the $$$ when it comes to compliance until we get penalized and/or lose a contract.
Similar threads
Similar threads
Similar threads
-
Long shot but worth a shot? WFH using CISCO phone audio delay 5-10 seconds
- Started by bknox87
- Replies: 1
-
-
-
-
Least expensive wired-only gigabit router? (TP-Link Festa FR205? Others?)
- Started by Bill_Stewart
- Replies: 29
-
Test for reliability of router - Bench test - throughput - ping load etc- Started by StanleeSPUDwowski
- Replies: 14
-
-
-
Random cutting out of all internet, ISP says its probably my router (Asus rt-ax82u) (have system logs)
- Started by Crazy_bacca
- Replies: 2
-