Security News > 2023 > January > Over 19,000 end-of-life Cisco routers exposed to RCE attacks
Over 19,000 end-of-life Cisco VPN routers on the Internet are exposed to attacks targeting a remote command execution exploit chain.
By chaining two security flaws disclosed last week, threat actors can bypass authentication and execute arbitrary commands on the underlying operating system of Cisco Small Business RV016, RV042, RV042G, and RV082 routers.
For the time being, Cisco has found no evidence suggesting that this exploit chain is being abused in attacks.
After BleepingComputer reported that these routers would be left without a patch and looking into how many of them are reachable over the Internet, Censys found almost 20,000 RV016, RV042, RV042G, and RV082 Cisco routers online.
Cisco also said it wouldn't fix a critical auth bypass flaw affecting multiple EoL routers in September and advised users to switch to RV132W, RV160, or RV160W routers still under support.
Three months earlier, in June, Cisco again encouraged owners to migrate to newer router models after disclosing a critical remote code execution vulnerability in another series of end-of-life VPN routers that was also left unpatched.
News URL
Related news
- OpenWrt orders router firmware updates after supply chain attack scare (source)
- Update your OpenWrt router! Security issue made supply chain attack possible (source)
- New Cleo zero-day RCE flaw exploited in data theft attacks (source)
- Apache Tomcat Vulnerability CVE-2024-56337 Exposes Servers to RCE Attacks (source)
- Malware botnets exploit outdated D-Link routers in recent attacks (source)
- Mirai Botnet Variant Exploits Four-Faith Router Vulnerability for DDoS Attacks (source)
- Hackers exploit critical Aviatrix Controller RCE flaw in attacks (source)
- Critical SimpleHelp Flaws Allow File Theft, Privilege Escalation, and RCE Attacks (source)
- SonicWall warns of SMA1000 RCE flaw exploited in zero-day attacks (source)