Cisco SOHO VPN Firewalls Vulnerable To Remote Code Execution
Recently Cisco has released several security software updates for the Cisco RV wireless VPN firewalls and routers to plug up a remote code execution flaw (CVE-2019-1663) that can be exploited by malicious HTTP requests
- RV110W Wireless-N VPN Firewall
- RV130W Wireless-N Multifunction VPN Router
- RV215W Wireless-N VPN Router
“The vulnerability is due to improper validation of user-supplied data in the web-based management interface. An attacker could exploit this vulnerability by sending malicious HTTP requests to a targeted device. A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system of the affected device as a high-privilege user.”
Cisco did not mention if there was any available public code in the wild to be used to exploit the vulnerability.
The flaw is quite serious with a CVSS Score of 9.8. The vulnerability can only be exploited if the device’s web management interface is available through a local LAN connection or available on the Wan side. Cisco Urges users to update their devices as soon as possible.
- Barracuda urges customers to replace Email Security Gateway
- Zero-day vulnerability in the MOVEit file transfer application
- Critical Jetpack Plugin Flaw Addressed in Urgent WordPress Update for Millions of Sites
- Vulnerability With Arris Routers
- Is Your Microsoft Exchange Server Vulnerable to ProxyNotShell Flaw?