Cisco Small Business Routers Vulnerable to Cross-Site Scripting (XSS) Attack

Cisco has reported a significant vulnerability has been discovered in the web-based management interface of various Cisco Small Business RV Series Routers, leaving them susceptible to cross-site scripting (XSS) attacks. The affected router models include RV016, RV042, RV042G, RV082, RV320, and RV325.This vulnerability allows unauthenticated, remote attackers to execute arbitrary script code in the context of the affected interface or access sensitive browser-based information. The exploit is made possible due to insufficient input validation by the web-based management interface.Cisco has yet to release software updates addressing this vulnerability, and there are currently no workarounds available. As a result, affected users are urged to take immediate action to mitigate potential risks.Mitigation steps include disabling remote management and blocking access to ports 443 and 60443 for certain router models. However, it’s essential for users to understand that these mitigations may impact network functionality and performance, and careful evaluation in their specific environment is advised.Given that affected router models have entered the end-of-life process, Cisco recommends users refer to the end-of-life notices for guidance. Additionally, customers are encouraged to consider device migration options and consult Cisco’s Security Advisories page regularly for updates and solutions.It’s worth noting that Cisco’s Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious exploitation of this vulnerability at the time of writing.This vulnerability was reported by Leetsun, and further information can be found in Cisco’s security advisory linked below:Resource: [Link to Cisco Security Advisory]Cisco advises affected users to stay vigilant and take appropriate measures to safeguard their networks against potential exploitation until a permanent solution is made available.