Cisco Issues Patches for Critical Vulnerabilities Affecting Routers and Firewalls

Cisco issued fixes for several vulnerabilities affecting multiple routers and firewalls, covering possible risks such as remote code execution, static credentials and authentication bypass.

Cisco networking devices usually control large network infrastructures, so it stands to reason that any kind of vulnerability endangers numerous organizations and companies. Patching the vulnerabilities as soon as possible is imperative.

All of the vulnerabilities (CSCvs50861, CSCvs50862, CSCvs50818, CSCvr97864, CSCvr97884, CSCvr97889, CSCvr96247, CSCvr96252, CSCvr96256 and CSCvq97227) are critical, with a CVSS score of 9.8. This means that, most likely, the vulnerabilities could be exploited remotely and without a user’s input. For example, the remote code execution vulnerability affected the Cisco RV110W Wireless-N VPN Firewall and Cisco RV215W Wireless-N VPN Router.

“The vulnerability is due to improper validation of user-supplied input data by the web-based management interface,” reads the advisory from Cisco. “An attacker could exploit this vulnerability by sending crafted requests to a targeted device. A successful exploit could allow the attacker to execute arbitrary code with the privileges of the root user.”

Another vulnerability affecting the Cisco RV110W Wireless-N VPN Firewall, RV130 VPN Router, RV130W Wireless-N Multifunction VPN Router and RV215W Wireless-N VPN Router would have allowed a remote attacker to gain unauthorized access to an affected device due to insufficient validation of user input on the web management interface.

There’s also an issue with the Telnet service of Cisco Small Business RV110W Wireless-N VPN Firewall router, and a problem with the interface of Cisco Prime License Manager (PLM) Software could allow an unauthenticated, remote attacker to access an affected device.

Unfortunately, there are no known mitigations for these problems, so users have only the option to install the patches. From what Cisco has managed to ascertain so far, none of these vulnerabilities have been actively used in attacks.

Add Comment

Your email address will not be published. Required fields are marked *