Cisco closes critical VPN and router gaps

Patches for a total of 34 vulnerabilities are available for download. Five critical bugs have a CVSS score of 9.8. Attackers can infiltrate malicious code remotely and without entering a password and, under certain circumstances, even execute it with root privileges.

Cisco has released security updates to address a total of 34 vulnerabilities. Five vulnerabilities are classified as critical. They may allow malicious code to be introduced and executed remotely. Affected products include VPN and company router products, among others.

One critical bug is in the Telnet service of Cisco’s RV110W Wireless-N VPN firewall router. It is rated 9.8 out of a possible 10 points on the Common Vulnerability Scoring System (CVSS). An attacker can gain complete control over a device using a preset password.

Cisco is also fixing another flaw with a CVSS score of 9.8 in routers of the RV110W, RV130, RV130W and RV215W series. It can be exploited via specially crafted HTTP requests that the online management portal does not process correctly. “A successful exploit could allow an attacker to execute arbitrary code as root user on the operating system of the affected device,” said Cisco.

Another CVSS-9.8 bug in the same routers undermines the registration process – access is possible without entering a password. Here too there is a risk that malicious code will be introduced and executed.

The fourth critical bug affects only the RV110W and RV215W models. Again, the web management interface is vulnerable. Since code can be executed with root privileges without entering a password, the CVSS score is 9.8 here too.

The last critical vulnerability that Cisco customers should protect themselves against affects the Prime License Manager (PLM). However, attackers need at least one valid user name in order to inject code with administrator rights. Once again, entering a password is not necessary.

Cisco is fixing the remaining vulnerabilities in Identity Services, Email Services, Webex Meetings, SD-WAN vManage and vEdge, among others. They enable attacks such as SQL injection, cross-site scripting, denial of service or the theft of confidential information.

Affected users should apply the patches using the automatic update function. They can also be downloaded and installed manually.
