Critical Cisco Bug in VPN Routers Allows Remote Takeover
2021-08-06 16:07

A critical security vulnerability in a subset of Cisco Systems' small-business VPN routers could allow a remote, unauthenticated attacker to take over a device - and researchers said there are at least 8,800 vulnerable systems open to compromise.

The critical bug affects the vendor's Dual WAN Gigabit VPN routers.

The web management interface for its small business VPN routers is available by default through local area network connections and can't be disabled, Cisco noted, adding that some versions of the router software may only be affected by one of the two vulnerabilities.

The bug tracked as CVE-2021-1602 exists in the web-based management interface of Cisco Small Business RV160, RV160W, RV260, RV260P, and RV260W VPN Routers. If exploited, it could allow an unauthenticated, remote attacker to execute arbitrary commands with root-level privileges on the underlying operating system.

Like the Gigabit VPN router issues, the vulnerability is due to insufficient user input validation, and an attacker could exploit it by sending a crafted request to the web-based management interface.

A vulnerability in Cisco Packet Tracer for Windows could allow an authenticated, local attacker to perform a DLL injection attack on an affected device.


News URL

https://threatpost.com/critical-cisco-bug-vpn-routers/168449/

Related Vulnerability

Date: 2021-08-04
CVE: CVE-2021-1602
Vulnerability title: OS Command Injection vulnerability in Cisco Small Business RV Series Router Firmware 1.0.0.30/1.0.0.33/1.0.1.3
Description: A vulnerability in the web-based management interface of Cisco Small Business RV160, RV160W, RV260, RV260P, and RV260W VPN Routers could allow an unauthenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected device.
Attack vector: network
Attack complexity: low
Vendor: cisco
Weakness: CWE-78
Risk: critical (9.8)

Related vendor

Vendor: Cisco
Products: 4416
Vulnerabilities by risk: low 230, medium 3114, high 1857, critical 603
Total vulns: 5804