Cisco Warns Of Serious Vulnerabilities in VPN Routers

Cisco has issued a warning about seven serious vulnerabilities in various VPN routers that allow remote control of the devices. These are the Cisco Small Business RV160, RV160W, RV260, RV260P and RV260W vpn routers. The vulnerabilities were rated on a scale of 1 to 10 with regard to impact with a 9.8.

The problems are caused by http requests not being validated properly. By sending a specially prepared http request to the web interface, an attacker could execute arbitrary code with root privileges on the device. Cisco advises companies working with the affected routers to install the available firmware update. Workarounds are not available

Previous Post Next Post