Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
703
Views
0
Helpful
1
Replies

RV042 / RV0xx Vulnerability

fmarshall
Level 1
Level 1

‎03-12-2017 05:19 PM

We recently swapped RV042 V0, V1, V2 for V3s.

I did a penetration scan and found: 

"Critical Vulnerabilities:

1) Obsolete Debian GNU/Linux Version (debian-obsolete)

2) Obsolete ISC BIND installation (dns-bind-obsolete)

Description: Debian terminated support for Debian GNU/Linux 5.0 alias "Lenny" on February 6, 2012.

Vulnerable OS: Linux 2.6.18 (Debian 4.0, x86)

All Debian versions prior to 6.0 alias "Squeeze" have unpatched security vulnerabilities."

******

I need to determine if this is a false positive or is for real.

I don't find this information on the Cisco website for the RV042 or RV0xx models.

If it's correct, what router can I replace it with needing public internet exposure?

Labels:
0 Helpful
1 Reply 1

ktonev
Cisco Employee
Cisco Employee

‎03-15-2017 05:27 AM

Hello,

My name is Kristian and I am one of the Engineers from Cisco Small Business support.

Can you please confirm what is the firmware version of your RV042 router?

What tool did you use to perform the penetration scan?

Kind regards,
Kris

0 Helpful
Customers Also Viewed These Support Documents