Summary

• A vulnerability in the IPSec VPN Server authentication functionality of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an unauthenticated, remote attacker to bypass authentication controls and access the IPSec VPN network.

  This vulnerability is due to the improper implementation of the password validation algorithm. An attacker could exploit this vulnerability by logging in to the VPN from an affected device with crafted credentials. A successful exploit could allow the attacker to bypass authentication and access the IPSec VPN network. The attacker may obtain privileges that are the same level as an administrative user, depending on the crafted credentials that are used.

  Cisco has not released software updates that address this vulnerability. There are no workarounds that address this vulnerability. 

  This advisory is available at the following link:
  https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-rv-vpnbypass-Cpheup9O

Affected Products

• Vulnerable Products

  This vulnerability affects the following Cisco Small Business RV Series Routers if the IPSec VPN Server feature is enabled:

  • RV110W Wireless-N VPN Firewall
  • RV130 VPN Router
  • RV130W Wireless-N Multifunction VPN Router
  • RV215W Wireless-N VPN Router

  Determine the Device Configuration

  To determine whether the IPSec VPN Server feature is configured on a device, log in to the web-based management interface and choose VPN > IPSec VPN Server > Setup. If the Server Enable check box is checked, the IPSec VPN Server is enabled on the device. See Configuration of an IPSec VPN Server on RV130 and RV130W for addition information on the IPSec VPN Server configuration. 

  Products Confirmed Not Vulnerable

  Only products listed in the Vulnerable Products section of this advisory are known to be affected by this vulnerability.

Workarounds

• There are no workarounds that address this vulnerability.

Fixed Software

• Cisco has not released and will not release software updates to address the vulnerability described in this advisory. Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers have entered the end-of-life process. Customers are advised to refer to the end-of-life notices for these products:

  End-of-Sale and End-of-Life Announcement for the Cisco Small Business RV Series Routers (selected models)

  Customers are encouraged to migrate to Cisco Small Business RV132W, RV160, or RV160W Routers.

  When considering a device migration, customers are advised to regularly consult the advisories for Cisco products, which are available from the Cisco Security Advisories page, to determine exposure and a complete upgrade solution.

  In all cases, customers should ensure that new devices will be sufficient for their network needs; the new devices contain sufficient memory, and current hardware and software configurations will continue to be supported properly by the new product. If the information is not clear, customers are advised to contact the Cisco Technical Assistance Center (TAC) or their contracted maintenance providers.

Exploitation and Public Announcements

• The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.

Source

• Cisco would like to thank Sergio García Caravaca from AGE2 for reporting this vulnerability.

URL

• https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-rv-vpnbypass-Cpheup9O

Revision History

• Version	Description	Section	Status	Date
  1.0	Initial public release.	—	Final	2022-SEP-07

  Show Less

---