Security News > 2021 > August > Critical Cisco Bug in VPN Routers Allows Remote Takeover
A critical security vulnerability in a subset of Cisco Systems' small-business VPN routers could allow a remote, unauthenticated attacker to take over a device - and researchers said there are at least 8,800 vulnerable systems open to compromise.
The critical bug affects the vendor's Dual WAN Gigabit VPN routers.
The web management interface for its small business VPN routers is available by default through local area network connections and can't be disabled, Cisco noted, adding that that some versions of the router software may only be affected by one of the two vulnerabilities.
The bug tracked as CVE-2021-1602 exists in the web-based management interface of Cisco Small Business RV160, RV160W, RV260, RV260P, and RV260W VPN Routers - if exploited, it could allow an unauthenticated, remote attacker to execute arbitrary commands using root-level privileges, on the underlying operating system.
Like the Gigabit VPN router issues, the vulnerability is due to insufficient user input validation, and an attacker could exploit it by sending a crafted request to the web-based management interface.
A vulnerability in Cisco Packet Tracer for Windows could allow an authenticated, local attacker to perform a DLL injection attack on an affected device.
News URL
https://threatpost.com/critical-cisco-bug-vpn-routers/168449/
Related news
- ASUS warns of critical remote authentication bypass on 7 routers (source)
- ASUS Patches Critical Authentication Bypass Flaw in Multiple Router Models (source)
- Hackers exploit critical D-Link DIR-859 router flaw to steal passwords (source)
- Juniper Networks Releases Critical Security Update for Routers (source)
- Cisco Warns of Critical Flaw Affecting On-Prem Smart Software Manager (source)
- Cisco fixes critical flaws in Secure Email Gateway and SSM On-Prem (CVE-2024-20401, CVE-2024-20419) (source)
- Critical Cisco bug lets hackers add root users on SEG devices (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-08-04 | CVE-2021-1602 | OS Command Injection vulnerability in Cisco Small Business RV Series Router Firmware 1.0.0.30/1.0.0.33/1.0.1.3 A vulnerability in the web-based management interface of Cisco Small Business RV160, RV160W, RV260, RV260P, and RV260W VPN Routers could allow an unauthenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected device. | 9.8 |