Security News > 2019 > April > Consumer routers targeted by DNS hijacking attackers
2019-04-05 10:17
Owners of a slew of D-Link, ARGtek, DSLink, Secutech, TOTOLINK and Cisco consumer routers are urged to update their device’s firmware, lest they fall prey to ongoing DNS hijacking campaigns and device hijacking attacks. Targeted Cisco routers The Cisco routers targeted are Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN routers. The exploited vulnerabilities are CVE-2019-1653, CVE-2019-1652, and CVE-2019-1828. All three are in the web-based management interface of the routers and could allow … More → The post Consumer routers targeted by DNS hijacking attackers appeared first on Help Net Security.
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/Wqb5F1TbuAE/
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-04-04 | CVE-2019-1828 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Cisco Rv320 Firmware and Rv325 Firmware A vulnerability in the web-based management interface of Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could allow an unauthenticated, remote attacker to access administrative credentials. | 4.3 |
| 2019-01-24 | CVE-2019-1653 | Improper Access Control vulnerability in Cisco Rv320 Firmware and Rv325 Firmware A vulnerability in the web-based management interface of Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could allow an unauthenticated, remote attacker to retrieve sensitive information. | 5.0 |
| 2019-01-24 | CVE-2019-1652 | Improper Input Validation vulnerability in Cisco Rv320 Firmware and Rv325 Firmware A vulnerability in the web-based management interface of Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could allow an authenticated, remote attacker with administrative privileges on an affected device to execute arbitrary commands. | 9.0 |