Security News > 2019 > February > Cisco SOHO wireless VPN firewalls and routers open to attack

Cisco has released security fixes for several models of wireless VPN firewalls and routers, plugging a remote code execution flaw (CVE-2019-1663) that can be triggered via a malicious HTTP request. About CVE-2019-1663 The vulnerability affects the: Cisco RV110W Wireless-N VPN Firewall Cisco RV130W Wireless-N Multifunction VPN Router Cisco RV215W Wireless-N VPN Router. The flaw is in the devices’ web-based management interface and arose due to improper validation of user-supplied data. By sending a malicious HTTP … More → The post Cisco SOHO wireless VPN firewalls and routers open to attack appeared first on Help Net Security.
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/aY_SH7HLGjM/
Related news
- SonicWall firewalls now under attack: Patch ASAP or risk intrusion via your SSL VPN (source)
- Massive brute force attack uses 2.8 million IPs to target VPN devices (source)
- SonicWall firewall exploit lets hackers hijack VPN sessions, patch now (source)
- Chinese hackers breach more US telecoms via unpatched Cisco routers (source)
- SonicWall firewall bug leveraged in attacks after PoC exploit release (source)
- Palo Alto firewalls under attack as miscreants chain flaws for root access (source)
- Palo Alto Networks tags new firewall bug as exploited in attacks (source)
- Cisco IOS XR vulnerability lets attackers crash BGP on routers (source)
- Ransomware gang creates tool to automate VPN brute-force attacks (source)
- ⚡ THN Weekly Recap: Router Hacks, PyPI Attacks, New Ransomware Decryptor, and More (source)
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-02-28 | CVE-2019-1663 | Out-of-bounds Write vulnerability in Cisco Rv110W Firmware, Rv130W Firmware and Rv215W Firmware A vulnerability in the web-based management interface of the Cisco RV110W Wireless-N VPN Firewall, Cisco RV130W Wireless-N Multifunction VPN Router, and Cisco RV215W Wireless-N VPN Router could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. | 9.8 |