Menu
What's new
By:
Filters Better Search

Cisco RV320 router Security Vulnerability

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

C

coxhaus

Part of the Furniture
They have detected an issue. A fix should be out mid April. Keep an eye out. This is for the RV320 and RV325 routers. My daughter's business is running 1 of these so I will post when I see a fix.
 
https://www.zdnet.com/article/cisco-bungled-rv320rv325-patches-routers-still-exposed-to-hacks/

Seems like they bodged that one...

Cisco acknowledged yesterday that it bungled a crucial patch for a vulnerability in two router models. The company's shoddy initial patches allowed hackers to continue attacks throughout the past two months.

The security flaws impact Cisco RV320 and RV325 WAN VPN routers, two models popular with internet service providers and large enterprises.

Cisco patched two security flaws impacting RV320 and RV325 routers at the end of January. The two were:

  • CVE-2019-1652 - allows a remote attacker to inject and run admin commands on the device without a password.
  • CVE-2019-1653 - allows a remote attacker to get sensitive device configuration details without a password.
The two vulnerabilities came under active attacks after multiple security researchers released proof-of-concept code demonstrating how the bugs worked and how they could be abused to take over routers.

Around 10,000 of these high-powered devices were --and still are-- accessible online and vulnerable to attacks.

Initially, it was believed that the Cisco patches would be enough to protect these vulnerable devices. However, yesterday, the security firm that initially discovered these bugs revealed that Cisco's patches had been woefully incomplete
 
They also patched the RV340, RV345, RV345P which seems ok but they missed on the old RV320 and RV325 routers.

Wow there are 10,000 of these old routers out there.
 
coxhaus said:
People should not run old routers which have no support. They are just asking for trouble.
Click to expand...

'tis true - at least with the Cisco small business line, they do try to do the security fixes, and they're pretty good about letting folks know when it's time to consider replacing with a newer device.
 
I know a business that still uses a RV180 and they even bought a spare "just in case".

I told them it was a bad idea but they don't care.
 
jlficken said:
I know a business that still uses a RV180 and they even bought a spare "just in case".

I told them it was a bad idea but they don't care.
Click to expand...
i bet the owner will have a car that runs badly, because mechanics know better and the customer is like "no i want this and this done, not that"

You dont buy spare routers that you keep aside, a lot of routers like mikrotik, cisco and other ones like hp, juniper, dell, etc all have very good circuit designs, they arent going to fail in a hardware manner. You buy routers with dual PSUs so that you can swap them without going offline as PSUs and fans are the first thing to go in network hardware with the exception of dlink. Not using electronics for a few months is more harmful to it than using it 24/7 and those who get spare routers also use them at the same time using some sort of redundant config so that if one fails, its automatically rerouted.
 
I looked up the RV180 router and it turns out there is still support for it until May 2020. This is a pretty old slow router. Cisco is good on supporting their equipment.
 
coxhaus said:
I looked up the RV180 router and it turns out there is still support for it until May 2020. This is a pretty old slow router. Cisco is good on supporting their equipment.
Click to expand...


What exactly does the "Support" mean?

The Downloads page for it shows the latest firmware release is from 2015/01/23 from what I'm seeing https://www.cisco.com/c/en/us/support/routers/rv180-vpn-router/model.html#~tab-downloads

Haven't there been numerous things in the past 4 years that should have necessitated a firmware release?

Like this - https://quickview.cloudapps.cisco.com/quickview/bug/CSCuz48592

This is from this site - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160803-rv180_2

Fixed Software
  • Cisco has not released and will not release firmware updates to address the vulnerability described in this advisory. The Cisco RV180 Router and the Cisco RV180W Router have entered the end-of-life (EoL) process. Please refer to the EoL notices for these products:Customers are encouraged to migrate to the Cisco RV130W Wireless-N Multifunction VPN Router.

    When considering a device migration, customers are advised to consult the Cisco Security Advisories and Responses archive at http://www.cisco.com/go/psirt and review subsequent advisories to determine exposure and a complete upgrade solution.

    In all cases, customers should ensure that new devices will be sufficient for their network needs; new devices contain sufficient memory, and current hardware and software configurations will continue to be supported properly by the new product. If the information is not clear, customers are advised to contact the Cisco Technical Assistance Center (TAC) or their contracted maintenance providers.
 
Here you go. I have an RV180 but I would not run it. End of sale is not end of support.

I found another table which says the RV180 will not have any more software updates. So I am not sure the other Cisco web page is correct.
 

Attachments

  • Capture5.PNG
    Capture5.PNG
    34.2 KB · Views: 377
  • Capture6.PNG
    Capture6.PNG
    232.6 KB · Views: 267
Last edited:
Doesn't Cisco have end of support for hardware vs software? I know we have dealt with that with some other Cisco hardware. We had "support" still which means we could open a TAC case for config issues or a hardware failure, but no software updates were going to happen ever again. I think on our old ACE load balancers, software support ended three years prior to hardware support ending.

We fight with the local business units constantly about requiring them to have supported hardware and software. Always a cost issue and they don't always see the $$$ when it comes to compliance until we get penalized and/or lose a contract.
 
You must log in or register to reply here.

Similar threads

BigBillsd
Looking for a new routers to replace my Cisco RV320. The last security update came out in 2021.
Replies
8
Views
2K
sfx2000
sfx2000
J
News RV340/345 Security Vulnerability
Replies
8
Views
2K
coxhaus
C
verydima
RT-AC86U upgrade to cisco rv320
Replies
14
Views
2K
Tech9
Tech9
PR3MIUM
Exploiting Sequence Number Leakage: TCP Hijacking in NAT-Enabled Wi-Fi Networks
Replies
15
Views
617
sfx2000
sfx2000
C
Ruckus Security Issue
Replies
0
Views
514
coxhaus
C
Similar threads
Thread starter Title Forum Replies Date
B Long shot but worth a shot? WFH using CISCO phone audio delay 5-10 seconds Routers 1
P Airscale ASIB to Router Cisco Routers 2
V Wired router with VPN performance similar to Ax88u Pro? Routers 7
P Solved router connected to ISP router Routers 7
P cctv settings in router Routers 4
H Something to place in-between modem and router for traffic stats? Routers 10
M Speed for second router in LAN got capped in half Routers 6
B advice needed regarding a new wired router Routers 10
O Router that can handle 1000Mbit Full duplex WAN-LAN Routers 36
kaanaslan Could a router be used as a linux server? Routers 5

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 742 (members: 26, guests: 716)
Top