Security News > 2021 > February > Critical Cisco Flaws Open VPN Routers Up to RCE Attacks
Cisco is rolling out fixes for critical holes in its lineup of small-business VPN routers.
The flaws exist in the web-based management interface of Cisco's small-business lineup of VPN routers.
On Wednesday, Cisco also warned of two high-severity flaws across this same set of small-business VPN routers.
These flaws are also fixed by firmware Release 1.0.01.02; The networking giant said that it's not aware of any exploits in the wild of the critical flaws for any of these flaws.
Cisco on Wednesday pushed out a flurry of patches addressing high-severity vulnerabilities beyond its VPN small-business routers.
Finally, Cisco patched various high-severity flaws affecting its IOS XR software, a train of Cisco Systems' widely deployed Internetworking Operating System.
News URL
https://threatpost.com/cisco-flaws-vpn-routers-rce/163662/
Related news
- Critical PHP RCE vulnerability mass exploited in new attacks (source)
- Critical RCE flaw in Apache Tomcat actively exploited in attacks (source)
- Critical Cisco Smart Licensing Utility flaws now exploited in attacks (source)
- Ongoing Cyber Attacks Exploit Critical Vulnerabilities in Cisco Smart Licensing Utility (source)
- PHP-CGI RCE Flaw Exploited in Attacks on Japan's Tech, Telecom, and E-Commerce Sectors (source)
- CISA tags critical Ivanti EPM flaws as actively exploited in attacks (source)
- Cisco IOS XR vulnerability lets attackers crash BGP on routers (source)
- Ransomware gang creates tool to automate VPN brute-force attacks (source)
- ⚡ THN Weekly Recap: Router Hacks, PyPI Attacks, New Ransomware Decryptor, and More (source)
- Critical Veeam Backup & Replication RCE vulnerability fixed, patch ASAP! (CVE-2025-23120) (source)