Cisco issued new patches for previously patched vulnerabilities in its RV320 and RV325 routers.
Users should patch these routers because the devices have been part of targeted attacks over a period of time.
One vulnerability, CVE-2019-1652, stems from improper validation of user-supplied input, Cisco said. An attacker could exploit this vulnerability by sending malicious HTTP POST requests to the web-based management interface of an affected device. A successful exploit could allow the attacker to execute arbitrary commands on the underlying Linux shell as root.
The other vulnerability, CVE-2019-1653, stems from improper access controls for URLs. An attacker could exploit this vulnerability by connecting to an affected device via HTTP or HTTPS and requesting specific URLs. A successful exploit could allow the attacker to download the router configuration or detailed diagnostic information.
The fix for the vulnerabilities is now available in firmware release 188.8.131.52, Cisco said.
The vulnerabilities affect Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers running Firmware Releases 184.108.40.206 through 220.127.116.11.
The initial fix for the products went out in January, but upon further review, Cisco found the issues persisted and sent out an updated patch for the vulnerabilities.