Cisco’s RV320 and RV325 router models for small offices and small businesses remain vulnerable to two high-severity flaws two months after vendor announced availability of patches. The fixes failed their purpose and attackers can still chain the bugs to take control of the devices. Cisco admits that the initial fix was not enough to fix the issue and informs that there are no firmware updates or workarounds to address the problem. There are currently over 8,800 routers reachable online that leak their configuration file with administrator credentials.
Source: https://www.bleepingcomputer.com/news/security/cisco-botches-fix-for-rv320-rv325-routers-just-blocks-curl-user-agent/