Colin Mc Hugo

0 %
Colin Mc Hugo
Security Engineer Manager & CEO at Quantum Infinite Solutions Group Ltd.

Cisco Issues Critical Security Patches to Fix Small Business VPN Router Bugs

August 5, 2021
Small Business VPN Router

Networking gear main Cisco has rolled out patches to deal with important vulnerabilities impacting its Small Enterprise VPN routers that may very well be abused by a distant attacker to execute arbitrary code and even trigger a denial-of-service (DoS) situation.

The problems, tracked as CVE-2021-1609 (CVSS rating: 9.8) and CVE-2021-1610 (CVSS rating: 7.2), reside within the web-based administration interface of the Small Enterprise RV340, RV340W, RV345, and RV345P Twin WAN Gigabit VPN Routers operating a firmware launch previous to model 1.0.03.22. Each the problems stem from a scarcity of correct validation of HTTP requests, thus allowing a nasty actor to ship a specially-crafted HTTP request to a susceptible machine.

Stack Overflow Teams

Profitable exploitation of CVE-2021-1609 might enable an unauthenticated, distant attacker to execute arbitrary code on the machine or trigger the machine to reload, leading to a DoS situation. CVE-2021-1610, considerations a command injection vulnerability that, if exploited, might allow an authenticated adversary to remotely execute arbitrary instructions with root privileges on an affected machine, the corporate noted in its advisory.

Swing of Chaitin Safety Analysis Lab has been credited with reporting the 2 shortcomings.

Additionally addressed by Cisco is a high-severity distant code execution bug (CVE-2021-1602, CVSS rating: 8.2) impacting Small Enterprise RV160, RV160W, RV260, RV260P, and RV260W VPN Routers that may very well be leveraged by an unauthenticated, distant attacker to execute arbitrary instructions on the underlying working system of an affected machine. Small Enterprise RV Collection Routers operating firmware variations sooner than 1.0.01.04 are inclined.

Enterprise Password Management

“This vulnerability is because of inadequate consumer enter validation. An attacker might exploit this vulnerability by sending a crafted request to the web-based administration interface,” Cisco said. “A profitable exploit might enable the attacker to execute arbitrary instructions on an affected machine utilizing root-level privileges. As a result of nature of the vulnerability, solely instructions with out parameters might be executed.”

The corporate famous there’s been no proof of lively exploitation makes an attempt within the wild for any of those flaws, nor are there any workarounds that tackle the vulnerabilities.

CVE-2021-1602 marks the second time Cisco has mounted important distant code execution flaws regarding the identical set of VPN home equipment. Earlier this February, the corporate patched 35 flaws that would probably enable an unauthenticated, distant attacker to execute arbitrary code as the basis consumer on an affected machine.

Posted in SecurityTags:
Write a comment