Cisco SOHO VPN Firewalls Vulnerable To Remote Code Execution

Recently Cisco has released several security software updates for the Cisco RV wireless VPN firewalls and routers to plug up a remote code execution flaw (CVE-2019-1663) that can be exploited by malicious HTTP requests

 
The Vulnerable Products
This vulnerability affects all releases of the following Cisco products prior to those listed in Fixed Releases:
  • RV110W Wireless-N VPN Firewall
  • RV130W Wireless-N Multifunction VPN Router
  • RV215W Wireless-N VPN Router

“The vulnerability is due to improper validation of user-supplied data in the web-based management interface. An attacker could exploit this vulnerability by sending malicious HTTP requests to a targeted device. A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system of the affected device as a high-privilege user.”

Cisco did not mention if there was any available public code in the wild to be used to exploit the vulnerability. 

The flaw is quite serious with a CVSS Score of 9.8. The vulnerability  can only be exploited if the device’s web management interface is available through a local LAN connection or available on the Wan side. Cisco Urges users to update their devices as soon as possible.


Discover more from Patrick Domingues

Subscribe to get the latest posts to your email.

author avatar
Patrick Domingues

Leave a Comment

Stay Informed

Receive instant notifications when new content is released.