Zero-Day Vulnerability on Cisco SMB Routers Fixed

essidsolutions

CyCognito researchers discovered a cross-site scripting (XSS) bug in Cisco’s SMB router kit. The cybersecurity startup claims attackers can exploit the XSS vulnerability in affected routers to take control of the victim’s web application session.

Network security startup CyCognito recently discovered four cybersecurity “Unknown Unknown” issues. The first to be verified was a reflected Cross-Site Scripting (XSS) vulnerability on the web admin interface of Cisco’s Small Business Router models RV042 and RV042G. The vulnerability, CVE-2020-3431, affects router models RV042 and RV042G, which networking giant Cisco sells to small businesses. Cisco has patched the cross-site scripting vulnerability in the two router models.

Through the vulnerability, an attacker could take over the web configuration and management interface, gaining control of administrative functions, changing the setup and accessing confidential information. If exploited, hackers could also gain access to credentials, clipboard, keystrokes, browser history, etc.

Cisco announced it patched several #vulnerabilities, including in Small Business routers & switches.

“An XSS vulnerability in a router’s admin interface means router administrators would be the most likely attack targets,” CyCognito explained

— CyCognito (@CyCognito) July 2, 2020


Alex Zaslavsky, Head of Security Research at CyCognito, explains, “Commandeering a network router puts attackers in a prime position for intercepting company secrets and crucial data and to advance their attacks. Attackers value XSS vulnerabilities because they can be used to access a victim’s current session and even take over an account and impersonate the victim. A vulnerability in an admin configuration utility can be even more damaging as phished credentials can be used to try to gain access to other systems within a company’s infrastructure.”

Cisco issued an advisory for the zero-day router vulnerability. The company notes that insufficient validation of user-supplied input in the web-based management interface, combined with a user's interaction with a crafted link, can allow an attacker to execute arbitrary script code.

CVE-2020-3431 has a CVSS score of 6.1, which marks the severity of the vulnerability as medium.

CyCognito experts Alex Zaslavsky, Head of Security Research, and Jim Wachhaus, Director of Technical Product Marketing, said the vulnerability was discovered by finding the ‘Path of Least Resistance’ or POLaR across the entire network surface. It is a way to find the weakest link in a network's security setup, which can be exploited to take over other lateral systems as well.

The CyCognito platform confirmed that three vulnerabilities ‘will be discussed once the respective vendors have taken steps to address the issues’. The researchers noted, “The CyCognito platform continuously applies nation-state scale reconnaissance to map organizations’ attack surfaces. It regularly discovers new assets and identifies previously undetected attack vectors.”

Users can fix the vulnerability by updating RV042 and RV042G router firmware to release 4.2.3.14 or later.
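
To find which devices still need that update, a device inventory can be checked against the fixed release. The following is an added example, not code from Cisco, CyCognito or the original article; the CSV layout, hostnames and sample versions are constructed, and only the model names and the 4.2.3.14 threshold come from the text above.

```python
import csv
import io

# Values taken from the article: affected models and the first fixed release.
AFFECTED_MODELS = {"RV042", "RV042G"}
FIXED_RELEASE = "4.2.3.14"

# Constructed sample inventory (hostnames, models and versions are made up).
SAMPLE_INVENTORY = """hostname,model,firmware
branch-a-gw,RV042,4.2.3.10
branch-b-gw,rv042g,4.2.3.14
branch-c-gw,RV042G,4.2.3.9
hq-edge,OTHER-MODEL,1.0.0.1
lab-gw,RV042,v4.2.3.08 (beta)
"""


def parse_release(text):
    """Turn '4.2.3.14' into (4, 2, 3, 14); return None if it is not dotted numeric."""
    parts = text.strip().lstrip("vV").split(".")
    if len(parts) < 2 or not all(p.isdecimal() for p in parts):
        return None
    return tuple(int(p) for p in parts)


def classify(model, firmware):
    """Return 'not-affected', 'patched', 'needs-update' or 'unknown-version'."""
    if model.strip().upper() not in AFFECTED_MODELS:
        return "not-affected"
    release = parse_release(firmware)
    if release is None:
        return "unknown-version"  # unparseable string: check the device by hand
    # Tuple comparison is numeric per field, so 4.2.3.9 < 4.2.3.14
    # (a plain string comparison would rank 4.2.3.9 as the newer release).
    return "patched" if release >= parse_release(FIXED_RELEASE) else "needs-update"


def audit(inventory_csv):
    """Map hostname -> status for every row of a hostname,model,firmware CSV."""
    rows = csv.DictReader(io.StringIO(inventory_csv))
    return {r["hostname"]: classify(r["model"], r["firmware"]) for r in rows}


if __name__ == "__main__":
    for host, status in audit(SAMPLE_INVENTORY).items():
        print(f"{host:12} {status}")
```

Rows reported as `unknown-version` are deliberately not treated as patched, so a malformed inventory entry cannot hide an affected router.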
