Security News

Cisco on Wednesday announced the release of patches for a critical vulnerability in small business VPN routers that could allow unauthenticated attackers to execute arbitrary code on affected devices. To exploit the bug, a remote, unauthenticated attacker has to send specially crafted HTTP requests to an affected device, which could allow them to execute arbitrary code or cause a denial of service condition.

Cisco has published patches for critical vulns affecting the web management interface for some of its Small Business Dual WAN Gigabit routers - including a 9.8-rated nasty. The two vulnerabilities affect the RV340, RV345, RV340W, and RV345P products, which are aimed at SMEs and home office setups.

Networking equipment major Cisco has rolled out patches to address critical vulnerabilities impacting its Small Business VPN routers that could be abused by a remote attacker to execute arbitrary code and even cause a denial-of-service condition. The issues, tracked as CVE-2021-1609 and CVE-2021-1610, reside in the web-based management interface of the Small Business RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers running a firmware release prior to version 1.0.03.22.

Cisco has addressed pre-auth security vulnerabilities impacting multiple Small Business VPN routers and allowing remote attackers to trigger a denial of service condition or execute commands and arbitrary code on vulnerable devices. Luckily, as the company explains, the remote management feature is disabled by default on all affected VPN router models.

UfiSpace launched its S9600 series open aggregation routers based on Broadcom's Qumran2c silicon. "With our previous open disaggregated solutions for the cell site, core and edge networks, service providers were able to foster innovation, reduce vendor lock-in and obtain better TCO synergies within their network," says UfiSpace CEO, Vincent Ho. "We are excited to provide our customers with even more benefits by enabling open disaggregation for their aggregation network as well."

The French National Agency for the Security of Information Systems on Wednesday issued an alert to warn organizations that a threat group tracked as APT31 has been abusing compromised routers in its recent attacks. The agency has shared indicators of compromise to help organizations detect potential attacks.

Cisco's Talos threat intelligence and research unit has disclosed the details of several critical vulnerabilities affecting a router monitoring application made by Taiwan-based industrial and IoT solutions provider Advantech. The affected tool is R-SeeNet, which is designed to help network administrators monitor their Advantech routers.

D-Link has issued a firmware hotfix to address multiple vulnerabilities in the DIR-3040 AC3000-based wireless internet router. The CVE-2021-21818 and CVE-2021-21820 hard-coded password and credentials vulnerabilities [1, 2] exist in the router's Zebra IP Routing Manager and the Libcli Test Environment functionality.

Edgecore Networks released a new open router product family. The AS7926-40XKFB 100G Aggregation Router solution enables carriers to upgrade their network infrastructure to address the challenges of 5G deployment and the tremendous traffic growth from the network edge to the core.

Netgear has patched serious security vulnerabilities in its DGN2200v1 network router, following the discovery of "Very odd behaviour" by a Microsoft security research team - a somewhat understated way of saying that attackers can gain "Complete control over the router." As a result, it's possible for remote attackers to take over the router at any time - as discovered by members of the Microsoft 365 Defender Research Team.