Security News > 2019 > February > Cisco SOHO wireless VPN firewalls and routers open to attack
2019-02-28 09:18
Cisco has released security fixes for several models of wireless VPN firewalls and routers, plugging a remote code execution flaw (CVE-2019-1663) that can be triggered via a malicious HTTP request. About CVE-2019-1663 The vulnerability affects the: Cisco RV110W Wireless-N VPN Firewall Cisco RV130W Wireless-N Multifunction VPN Router Cisco RV215W Wireless-N VPN Router. The flaw is in the devices’ web-based management interface and arose due to improper validation of user-supplied data. By sending a malicious HTTP … More → The post Cisco SOHO wireless VPN firewalls and routers open to attack appeared first on Help Net Security.
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/aY_SH7HLGjM/
Related news
- Cisco warns of password-spraying attacks targeting VPN services (source)
- Cisco warns of large-scale brute-force attacks against VPN services (source)
- Cisco Warns of Global Surge in Brute-Force Attacks Targeting VPN and SSH Services (source)
- Ivanti fixes VPN gateway vulnerability allowing RCE, DoS attacks (source)
- Palo Alto Networks firewalls under attack, hotfixes incoming! (CVE-2024-3400) (source)
- Palo Alto Networks warns of PAN-OS firewall zero-day used in attacks (source)
- Week in review: Palo Alto Networks firewalls under attack, Microsoft patches two exploited zero-days (source)
- Fire in the Cisco! Networking giant's Duo MFA message logs stolen in phish attack (source)
- Palo Alto firewalls: Public exploits, rising attacks, ineffective mitigation (source)
- 22,500 Palo Alto firewalls "possibly vulnerable" to ongoing attacks (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-02-28 | CVE-2019-1663 | Improper Input Validation vulnerability in Cisco Rv110W Firmware, Rv130W Firmware and Rv215W Firmware A vulnerability in the web-based management interface of the Cisco RV110W Wireless-N VPN Firewall, Cisco RV130W Wireless-N Multifunction VPN Router, and Cisco RV215W Wireless-N VPN Router could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. | 10.0 |