Cisco Small Business Router Security Warning

by | Mar 4, 2025 | Data breaches and hacks, Digital infrastructure, Emerging Threats and Trends, Information security, News, Security Operations and Incident Management, Uncategorized

A serious security issue has been found in several Cisco Small Business routers. Hackers could exploit these vulnerabilities to bypass login protections or run harmful commands on the device.

Affected models include:

  • RV016

  • RV042

  • RV042G

  • RV082

  • RV320

  • RV325

Cisco has not provided a fix for these issues and does not plan to release one. No workarounds exist to fully protect the devices.

What This Means for You If you use one of the affected routers, your network is at risk. Attackers can gain full control over the device remotely without needing a username or password. If they already have administrative access, they can run unauthorized commands on the router.

Technical Details

  • CVE-2023-20025: Attackers can bypass authentication by sending specially crafted requests to the router’s web interface.

  • CVE-2023-20026 & CVE-2023-20118: Attackers with admin access can execute commands at the highest privilege level.

Risk Level

  • CVE-2023-20025: Critical (CVSS Score: 9.0)

  • CVE-2023-20026 & CVE-2023-20118: Medium (CVSS Score: 6.5)

Affected Products These issues impact all software versions running on the following devices:

  • CVE-2023-20025: RV016, RV042, RV042G, RV082

  • CVE-2023-20026 & CVE-2023-20118: RV016, RV042, RV042G, RV082, RV320, RV325

Other Cisco RV Series routers are not affected.

What You Can Do Since no fix is available, the best course of action is to replace the affected routers as soon as possible. In the meantime, you can reduce the risk by:

  • Turning off remote management: This limits exposure to attacks.

  • Blocking access to certain ports: Specifically, ports 443 and 60443 should be blocked to prevent unauthorized access.

How to Disable Remote Management

  1. Log in to the router’s web interface.

  2. Go to Firewall > General.

  3. Uncheck the Remote Management option.

  4. Save the settings.

How to Block Ports 443 and 60443

  1. Log in to the router’s web interface.

  2. Go to Firewall > Access Rules.

  3. Click Service Management, add TCP-60443 to the list, and save.

  4. Create access rules to block TCP 443-443 and TCP 60443-60443.

  5. If using a second WAN port, set additional rules for that connection.

While these steps help limit risk, they do not fully protect against these vulnerabilities.

Next Steps Cisco has discontinued these routers, meaning they will not receive future security updates. If you use one of these models, consider upgrading to a newer, supported router to ensure your network remains secure.

For more details, see Cisco’s official advisory: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sbr042-multi-vuln-ej76Pke5

Cookie Consent with Real Cookie Banner