Cisco recently released a patch for the RV320 and RV325 routers that fixes two separate high-severity vulnerabilities. The vulnerabilities are remotely executable and contained within the web-based management interface. One of the vulnerabilities is a command injection flaw, while the other is information disclosure. If an attacker utilized both exploits, they can achieve full control of the device. Firmware release 18.104.22.168 can be applied to both the RV320 and RV325 to fix the vulnerabilities. Organizations with either of the two routers are urged to update immediately.
Relevant URL(s): https://thehackernews.com/2019/01/hacking-cisco-routers.html