
Cisco won’t fix router flaws even though PoC exploit is available (CVE-2023-20025, CVE-2023-20026)

January 12, 2023

Cisco has acknowledged one critical (CVE-2023-20025) and two medium-severity (CVE-2023-20026, CVE-2023-20045) vulnerabilities affecting some of its Small Business series of routers, but won’t be fixing them as the devices “have entered the end-of-life process.”

Proof-of-concept exploit code for CVE-2023-20025 and CVE-2023-20026 is available online, but there is currently no indication of any of these flaws being exploited by attackers.

About the vulnerabilities

CVE-2023-20025 is an authentication bypass vulnerability in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, and RV082 VPN routers. CVE-2023-20026 is an RCE vulnerability in the same component of the same series of routers.

Read More on Help Net Security